In health care, safeguarding Protected Health Information (PHI) is not just a regulatory requirement, but also an ethical commitment essential to delivering quality health care. Unauthorized disclosures of PHI may lead to serious consequences, both for the patients and health care providers, under the Health Insurance Portability and Accountability Act (HIPAA).
Incorporating these practices into your daily routine ensures that you are doing your part to safeguard the privacy of patients at UT Health San Antonio.
- Paper Records: Always pause before handing a document containing PHI to a patient. Verify that it is going to the correct patient by confirming their name and date of birth.
- Fax: Prior to sending PHI via fax, confirm the accuracy of the recipient’s fax number. Include a cover sheet with a confidentiality disclaimer and only include the minimum necessary PHI.
Email: Before sending an email containing PHI, double-check the recipient’s email address. Only include the minimum necessary PHI and use “++” in the subject line to encrypt the email, especially if the recipient is external.- Mail: Before mailing a document with PHI, ensure the patient’s mailing address on the envelope is accurate. Double-check that the document belongs to the patient before sending it.
For more information, visit IHOP 11.1.15: Safeguards for Protected Health Information.
For questions or concerns related to privacy matters, contact the Institutional Compliance and Privacy Office at compliance@uthscsa.edu or 210-567-2014. The anonymous compliance hotline may also be reached at http://uthscsa.edu/ReportNow or by calling 877-507-7317.
To open and print out a PDF version of the article, click here.