Cardiology Coding Alert

Reader Question:

Pose These Questions to Cut Down on Protected Health Information Exposure

Question: Do you have any advice to help us protect our patients’ health information, if they receive care from multiple departments in the hospital? We are really interested in learning the best way to protect this info if the patient receives care that he doesn’t want to become common knowledge.

Alaska Subscriber

Answer: Unfortunately, just because you flag a service that a patient doesn’t want disclosed to his health plan doesn’t mean that information couldn’t still get leaked or pop back up at any time, such as during follow-up care services. But you can plug these holes by asking certain questions to dig down into your organization’s information flow.

When a patient requests that you not disclose protected health information (PHI) to his insurer, make sure you can thoroughly honor this request by asking the following questions:

  • When the physician writes her plan for the patient, where in the record will the patient’s disclosure-re­striction request be identified?
  • How will the information travel to various departments?
  • Who will receive the information, and how will they receive it?
  • Are there checks and balances built into the system to identify that the information is traveling to the end user?
  • How can the patient be assured that the information will remain confidential?
  • If the patient’s disclosure-restriction request is breached, what systems will go into effect to assure that other patients’ information is not at similar risk?