Page 6 of 9 

Protecting Health Information

How is protected health information (PHI) kept private and secure?

There are several things you can do to protect the privacy and security of protected health information (PHI). Follow these guidelines when working with PHI:

  • Use and give our only the minimum information needed
  • If in doubt about giving information, get patient authorization
  • Keep PHI secure

Let’s look at each guideline:

Guideline 1: Use only the minimum information needed to do your job.

When you use patient information, use only what you need to do your job. When others request PHI, give them only the information they need. Examples of using and giving the minimum information needed:

  • Service Providers. Give service providers only the information they need to provide their service. For example, a transportation service will only need appointment dates, times and locations.
  • Family members. If a family member, friend or other caregiver asks questions about the patient you may give information related to that person’s part in the patient’s care if you believe it will help the patient. Do not give information if the patient has asked you not to. Also, do not give information if you believe that giving the information would be inappropriate. For example, if the wife of a patient with memory problems calls to ask about her husband’s medication, you can give her that information.

What do you think?

Page 6 of 9