For a better experience, click the Compatibility Mode icon above to turn off Compatibility Mode, which is only for viewing older websites.

Identification of Patient or Authorized Patient Representative Requesting Information over the Phone

Drexel University Clinical Covered Entities
Privacy Program Policies and Procedures

Policy Title: Identification of Patient or Authorized Patient Representative Requesting Information Over the Phone
Policy Number: IM-17
Effective Date: April 14, 2003; September 23, 2013
Last Revision: September 1, 2017
Responsible Officer: Vice President, Chief Compliance, Privacy and Internal Audit Officer

Table of Contents

Applicability

This policy applies to all Covered Entities within Drexel University.

Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.

I. Policy

Drexel University (DU) requires that the identity of an individual on the phone be verified before patient information is disclosed. The patient or authorized representative should verify two (2) items of personal private information from patient demographics prior to disclosing patient information.

II. Purpose

This Policy provides for the security of patient information and protects against disclosure of information to an unauthorized caller.

III. Procedure

  1. All individuals not known to the office as members of the patient care team requesting patient information must verify their identity.
  2. Patients (or authorized representatives) will be asked to verify two (2) items of personal private information correctly before a disclosure of information is made over the phone.
    • Home phone number of patient, last 4 numbers of social security number, birth date, etc.
  3. Verification is not required in an emergency situation when negative health consequences would arise from refusal to assist the caller.

 Back to Top