Healthcare Organizations Should Identify Every Person in the Facility
November 06, 2019
HIPAA Compliance has many aspects that are not readily apparent. Here’s a scenario that exemplifies the importance of knowing the identity of every person encountered within a healthcare facility:
Setting: Lauren and Max are nurses working nights on a medical-surgical unit in a large urban hospital. They have been on the floor responding to patient call lights and noticed an unidentified male who walked by them several times.
Lauren:Max? Did you notice that guy that just walked passed us?
Max:Which one? It's been kind of busy here tonight.
Lauren:The one in the khakis and blue shirt with the lab coat. He has been by several times. I don't recognize him as an employee or physician and I haven't seen him visiting before. I also did not see an ID badge on him. I don't think he works here.
Max:Maybe we should call Security and ask them to come up and speak with him.
Given the openness of hospitals, it is not difficult for individuals to gain access to almost any area unchallenged. Patients' families and visitors are a familiar sight in the corridors of a facility's patient care units and, in most cases, they have a valid reason for being there. However, where they are and what they may be able to see and hear should be monitored, especially if you have a celebrity for a patient. An individual's motives for being on the unit or in the halls might not be innocent.
Preventing Unauthorized Access Is Important
Take for example our scenario above: Lauren and Max are working and notice a male that neither of them recognizes as a visitor or staff member. They are rightly concerned about his presence and agree to call Security to speak with the person. This action may have averted unauthorized access to a patient or his or her protected health information.
Understand and Follow Policies and Procedures
Let your organization's policies and procedures be your guide when it comes to requesting to see the credentials of someone you do not recognize as staff, or when making polite inquiries if someone appears to be a visitor. If you are not comfortable approaching the individual, call your supervisor or a member of the Security Team for help.
Keeping patients and their information safe is everyone's responsibility, as is complying with all legal requirements about access, privacy, and safety.
Learn more about HCCS solutions for HIPAA Compliance Training.