Securely Handling Protected Health Information (PHI)
Your organization’s processes for handling PHI should be based on implementation of best practices, and it should depend on your local assessment of the threats, vulnerabilities, and risk exposure of your location and other factors. Following are descriptions of the many pieces of the physical system you need to consider in this assessment.
First, you should consider whether visitors or patients can view the screens used to display patient information for scheduling, billing/insurance, or electronic medical record (EMR) data. Upon entering the physician’s reception area, you often find the receptionist is behind a wall with a sliding window, with the computer placed in such a way ...