Texas Tech University Health Sciences Center
EMR Tip: Security Privacy Restriction within PowerChart

EMR Tip: Security Privacy Restriction within PowerChart

45 CFR 164.510 requires UMC to provide a patient with the right to request to be a privacy patient and restrict disclosure of his/her medical information from family members and/or close personal friends. In other words, UMC is required to have a process in place to allow patients to request UMC not to inform others of their presence at UMC and not to discuss his/her medical information in front of others.

In response to a HIPAA breach at UMC that was reported to the Office of Civil Rights, UMC has reviewed our process. The problem we found was the designation of whether or not a patient was a privacy patient, security patient, or had requested not to have their PHI discussed in front of others, was not readily or easily seen by employees. With the help of several people this has changed. Now the Privacy/Security/Restrict Comm designation elected by the patient will appear in the banner bar, on the patient’s armband, the patient’s labels, the patient list, and the patient access list.

The patient will complete the “Acknowledgement of Receipt of Notice of Privacy Practices and Confirmation of Various Opt-Outs” (Acknowledgement). If the patient choses to be a Privacy patient, to restrict their communications, or both, the following will occur:
  • Registration/admitting personnel will enter the patient’s election in IDX—this will cross over to Cerner. For direct admits that chose one of the various opt outs on the Acknowledgement, the nurse will contact the PPC. The PPC will enter the patient’s choice in IDX.
  • The process for how a patient requests to be a Privacy patient will not change; see PC-24, “No Information/Privacy” Status for Patients.
  • The process for how a patient requests to restrict having his/her medical information discussed in front of others has not changed, see PS-77.1, Requesting Restrictions of Communication of PHI to family and Close Personal Friends.
  • The process for how a patient is designated as a Security patient will not change; see PC-36.2, “Security” Status for Patients.
  • Registration/admitting personnel will scan the Acknowledgement into Onbase and send the Acknowledgement to HIM to be scanned into Cerner. The Acknowledgement may be found under consents.
Screen Shot 2016-08-02 at 12.58.37 PMScreen Shot 2016-08-02 at 12.58.45 PMScreen Shot 2016-08-02 at 12.59.04 PMScreen Shot 2016-08-02 at 12.59.16 PMScreen Shot 2016-08-02 at 1.00.01 PM