HIPAA and Big Computer Screens
February 8, 2009
Houston medical practice consultant Reed Tinsley recently asked on his blog: “Do big screens mounted in an operating room (OR) or emergency room (ER) displaying patient data violate the HIPAA security rule regarding work-station use and security standards?”
In his blog post, Tinsley notes that so many unauthorized people can view patient data as they walk by these screens. However, on the other hand, they are crucial for treatment purposes.
Tinsley suggest that, where feasible, hospitals should angle the screens to allow use by the clinician while minimizing incidental disclosure. For example, an OR is generally a more closed environment. Few individuals other than clinical staff members performing an operation are present to see the screen.
If there is a window that allows passersby to see into the OR, Tinsley suggests repositioning equipment as necessary and angle the screen away from the window. It is more difficult to avoid incidental disclosure when using the screens in an ER. The screens represent a valuable tool in patient care.
Where feasible, Tinsley suggests angling the screens so clinicians can view them while minimizing the exposure of PHI to unauthorized individuals (e.g., family members accompanying patients in the ER). Tinsley notes that while the screens do represent a form of workstation, the privacy rule merely states that covered entities must minimize incidental disclosures.
Tinsley concludes covered entities may use the screens in the ER despite the risk of incidental disclosures, but only as long as they make every effort to avoid incidental disclosures (e.g., using them only when necessary and positioning them in a way that minimizes incidental disclosures).
Further, Tinsley advises that password-protect the hardware that controls the screens be kept locked when unattended. Shut down all PHI displays on the screens unneeded by clinicians. This helps to minimize incidental disclosures by only displaying PHI when necessary for patient care.
Have any readers encountered this issue in their practice?
Comments
Jump down to form below to submit your own comments
One Response to “HIPAA and Big Computer Screens”
Reed Tinsley is certainly an expert I recommend that physicians follow for practice management advice that will reduce costs and boost profits. Check out his blog at: http://blogs.rtacpa.com