Information

  • Campus

  • Building/Room number

  • Site

  • Manager/Supervisor

  • Conducted on

  • Prepared by

  • Personnel assisting inspection

Disposal and retention of protected health information.

  • Document containing are shredded prior to disposal or they are placed an appropriate disposal containers?

  • Regular trash cans are free of paper, labels, and any items that contain PHI

  • Are any computer screens visible from individuals not employed by the clinical lab ?

  • Documents with PHI are secured in close files or turn face down on work surfaces?

  • Patient information cannot be overheard in public areas hallways core doors or elevators or within earshot of visitors?

Clinical Areas

  • Are patients called to the room using appropriate procedures?

  • Do providers and/or staff discuss patient information in or near clinical areas where other patients can overhear?

  • Are telephone calls made to other providers, labs, pharmacies, hospitals, managed care administrators, or case managers in which patient information is discussed and other patients can overhear?

  • Are telephones used in exam rooms?

  • Are lab specimen logs kept covered to prevent PHI from being visible?

  • Are patients escorted from the waiting room to draw area?

  • Are orders given to patients privately or in a low voice as to not be overheard during their check out process?

  • Is any PHI visible in the clinical workstations while unattended?

  • Are PHI shred bins emptied and not overfilled?

  • Are passwords of any kind visible in the clinical workstations?

Front Office and Business Office

  • Is the fax machine located in a secure place?

  • Are there any security passwords visible?

Medical Records

  • Are all staff members allowed access to the medical records?

  • Are medical records (requisitions, reports, etc) transferred between locations?

  • Is the patients written authorization received before release of PHI?

  • Are authorizations filed in the patients medical record?

  • Does the practice have a staff member who is trained to answer patient questions about their records?

Methods of Conveying PHI

  • Are medical records sent to specialists or other providers the patient is being referred to properly?

  • Are test results and other information be given to patients over the telephone?

All Areas

  • Are computer monitors positioned away from public areas to avoid observation by visitors or patients?

  • Does staff protect their ID and passwords and never share them?

  • Are paper records stored behind locked rooms when not staffed?

  • No screens on unattended computers turned to the log-on screen or have a password enabled screen protector?

  • Confidential patient information is not left on an unsecured printer, photocopier, or fax machine unless these devices are in a secure area.

Personnel Policies

  • Does the practice have HIPAA privacy policies written and incorporated in the employee handbook?

  • Are the privacy policies and procedures up to date?

  • Do new employees receive privacy training as part of their orientation?

  • Has all existing staff undergone Privacy Training?

  • Is employee training documented?

Signatures

  • Add signature

The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.