1. Keep patient information on a sign-in sheet limited to only necessary information such as the patient name, date, and time of arrival. A patient’s reason for visit, or insurance information should never be included on a sign-in sheet. To improve patient privacy, it is also a good idea to cover the names of patients that have signed in. You may also blackout patient’s names with a marker after they have been seen by the provider.
2. When verifying sensitive information with a patient, such as their insurance information, do so discreetly. You can simply ask them to provide their insurance card, or turn your computer monitor so that they can confirm the information on the screen.
3. Implement automatic logoff procedures on computers containing, or with the potential to access, electronic PHI. This way, after a predetermined period of activity, computers will automatically lock, requiring a password to gain access. Reception area computers should never be left visible to patients, so monitors should also be turned to prevent them from unauthorized view.