2 answers
Ashley
Student
Redwood City, California
3
Questions
Asked
407 views
what is your method for keeping confidential information private as a medical administrative assistant?
I am interest on medical administrative assistant #medicaladministrativeassistant
Login to comment
2 answers
Fred Rosenberger
Data Analyst
392
Answers
St. Louis, MO
Updated
Fred’s Answer
I've not worked as a med admin asst., but I worked in IT at a healthcare company for over a decade. There are multiple methods used...
1) Software should restrict who has access to what. There is a principle of "least privilege". You should have permission to do everything needed for your job, but no more. If there is no reason for someone to see a SSN, then they should not have access to it
2) A log (also generally done by the software) should be kept of who accessed a patient record, and periodic audits should be made. If it is found someone is looking at patient records who shouldn't be, then disciplinary measures should be taken, up to and including termination.
3) periodic trainings should happen for all staff, reminding them of the need to keep confidential data confidential.
4) Office policies can help. We have a "clean desk" policy. When I go home at the end of the day, any confidential records have to be secured in a locked drawer or shredded if no longer needed.
5) Common sense. Don't discuss a celebrity's information (or really, anyone's) where it can be overheard. Don't post it to Facebook, even if you've sort of anonymized it. Don't tell your mom/spouse/kids what you saw.
1) Software should restrict who has access to what. There is a principle of "least privilege". You should have permission to do everything needed for your job, but no more. If there is no reason for someone to see a SSN, then they should not have access to it
2) A log (also generally done by the software) should be kept of who accessed a patient record, and periodic audits should be made. If it is found someone is looking at patient records who shouldn't be, then disciplinary measures should be taken, up to and including termination.
3) periodic trainings should happen for all staff, reminding them of the need to keep confidential data confidential.
4) Office policies can help. We have a "clean desk" policy. When I go home at the end of the day, any confidential records have to be secured in a locked drawer or shredded if no longer needed.
5) Common sense. Don't discuss a celebrity's information (or really, anyone's) where it can be overheard. Don't post it to Facebook, even if you've sort of anonymized it. Don't tell your mom/spouse/kids what you saw.
ANDI SANDEN
AZ2, US NAVY
47
Answers
Jacksonville, Florida
Updated
ANDI’s Answer
Make sure all efforts are made to keep information in the "need-to-know".
Make sure doors are closed, windows are shut, phone calls are private, etc.
Ensure that when speaking to patients in front of others, no personal information is made aloud.
Use every effort to discuss private information within an exam room or away from the lobby / wait room.
Limit use of patient names / identifying information on phone calls and release only absolutely pertinent information.
Give vague "call back" or "reminder" calls when not speaking directly with the patient themselves or with someone who is listed on the pateint's information release paperwork.
Do not release information regarding type of diagnosis, testing, or appointment over voicemail or to unauthorized persons.
In office, ensure that all computers are locked when doctors, nurses, necessary staff, are out of the room, and that all paper files / clipboards / charts are closed, flipped over, or in staff possession at all times. Patient data, no matter how "trivial", should never be exposed to those walking by a desk.
Do not disclose private information to anyone outside of your work center for any reason, and within the workcenter, do not discuss anything that is not pertinent and not behind a closed door, if at all possible. Ex, relaying test results verbally to the doctor as he approaches your desk, but the patient behind you happens to be the discussed patient's softball coach... you know never who knows who, so privacy is ALWAYS the best option.
Make sure doors are closed, windows are shut, phone calls are private, etc.
Ensure that when speaking to patients in front of others, no personal information is made aloud.
Use every effort to discuss private information within an exam room or away from the lobby / wait room.
Limit use of patient names / identifying information on phone calls and release only absolutely pertinent information.
Give vague "call back" or "reminder" calls when not speaking directly with the patient themselves or with someone who is listed on the pateint's information release paperwork.
Do not release information regarding type of diagnosis, testing, or appointment over voicemail or to unauthorized persons.
In office, ensure that all computers are locked when doctors, nurses, necessary staff, are out of the room, and that all paper files / clipboards / charts are closed, flipped over, or in staff possession at all times. Patient data, no matter how "trivial", should never be exposed to those walking by a desk.
Do not disclose private information to anyone outside of your work center for any reason, and within the workcenter, do not discuss anything that is not pertinent and not behind a closed door, if at all possible. Ex, relaying test results verbally to the doctor as he approaches your desk, but the patient behind you happens to be the discussed patient's softball coach... you know never who knows who, so privacy is ALWAYS the best option.