Navigating the requirements under the U.S. Health Insurance Portability and Accountability Act (HIPAA) can often be confusing and overwhelming. Many times, in order to ensure compliance, healthcare providers are more protective of information than necessary. While being more diligent is better than being noncompliant, it can often lead to miscommunication and confusion as to the true intent and requirements under HIPAA.
We often get questions from dental offices about whether or not patient sign-in sheets and postcard reminders are allowed under HIPAA. The answer is “Yes”, both of these are allowed, however, to reasonably safeguard protected health information (PHI), these incidental disclosures are permitted only when the “minimum necessary” PHI is disclosed. For example, the sign-in sheet may not display medical information that is not necessary for the purpose of signing in and the postcard must only include the information necessary to confirm the appointment.
When a patient reasonably requests confidentiality with regards to communication, the provider must accommodate that request.
Since 1992, OSHA Review, Inc. has provided dental professionals with comprehensive programs to support regulatory compliance and infection control. We are a registered continuing education provider in the state of California, specializing in Dental Practice Act, infection control, and OSHA training.