Richard Hom as #Tips4EyeDocs – HIPAA and Sign-in Sheets
Doctors invariably use sign-in forms or computer tablets/terminals to identify patients for appointments or walk ins. Typically, the sign-in form may lie near the reception desk where the patient first engages the office. The question is how much liability to HIPAA violations do sign in sheets expose doctors.
According to CFR 45 CFR 164.502(a)(1)(iii), doctors “may use sign-in sheets or call out patients in waiting rooms, so long as the information disclosed is appropriately limited. Furthermore, HIPAA explicitly permits this, but it should not include any other information about the patient’s medical background.
Unfortunately, the opinions vary on what is potential medical information to be released. There is a possibility that the specialization of the doctor may already by too much information and may expose a doctor to a complaint for a breach.  For instance, if there is a space for “reason for visit”, this may exceed the minimum information necessary to identify a patient. The permitted entries are: date, name, arrival and appointment times who the appoint is with.
In summary, use a sign in sheet and call the patient from the reception area. However, limit what you say in public.
 N.a. “Code of Federal Regulations.” Gpo.gov. 7 Jun. 2016. Web. 15 Dec. 2017. <https://www.gpo.gov/fdsys/pkg/CFR-2003-title45-vol1/xml/CFR-2003-title45-vol1-sec164-502.xml>
 Ferran, T. “Are Patient Sign In Sheets HIPAA Compliant?.” Blog.securitymetrics.com. 14 Dec. 2017. Web. 15 Dec. 2017. <http://blog.securitymetrics.com/2014/08/sign-in-sheets.html>
 Touchstone Compliance. “What the HIPAA Privacy Rule Says about Patient Sign-In Sheets.” Touchstone Compliance. 7 Feb. 2015. Web. 15 Dec. 2017. <https://wwwhttps://www.gpo.gov/fdsys/pkg/CFR-2003-title45-vol1/xml/CFR-2003-title45-vol1-sec164-502.xml.touchstonecompliance.com/what-the-hipaa-privacy-rule-says-about-patient-sign-in-sheets/>