HIPAA & Your Privacy

To receive Protected Health Information (PHI) in person, verbally or as written request, you should expect employees to ask for identity verification.

Any one of the following three (3) options: 

Valid State/Federal Issue Photo ID (i.e., passport, driver's license) 

Positive match of signature to a signature already on file, e.g., if a request is received from a patient via fax or mail and the signature on the request is compared to the signature on the Conditions of Admission on the patient's chart.

If the requestor is able to provide a minimum of three information items from the "acceptable identifiers" list, as follows:

Patient SSN (required) AND
Patient Date of Birth (required) AND, any one of the following:
Account Number,
Street Address
Insurance Carrier Name
Insurance Policy Number
Medical Record Number
Birth Certificate
Insurance Card

During the registration process of all inpatients and day surgery patients, patients are assigned a "PASSCODE" which they can share with family and/or friends that identifies them as receiving the patient's permission to release more than the minimum data set. If you are calling to inquire about a patient, you must have either the "PASSCODE" or the information outlined above. (see page three of the policy attached.)

So, the next time you call in to inquire about a patient's health status, be prepared to answer questions that IDENTIFY your authority to receive said health information.

Thank you!