Where should documentation of patient receipt of our Notice of Privacy Practices go? Does it have to go into a patients medical record?
HIPAA doesn’t state precisely where or how this documentation must be stored. However, it must be secure-if you have taken proper security measures in storing your patient records, it may be logical to store documentation of disclosures there as well. An example of how to comply with this requirement would be to include blank fields in your patient records where uses and disclosures can be recorded, and a box that can be checked once a Notice of Privacy Practices has been received and signed by the patient.
Related Questions
- If my office has a patients medical record and another doctor created certain parts of that record, does the Privacy Rule allow me to disclose the complete medical record?
- What are the requirements for a physician to distribute a Notice of Privacy Practices to patients and seek an acknowledgement that each patient has received a copy?
- How many times do we have to give a patient a copy of the Notice of Privacy Practices?