Skip to main content
HHS
.gov
Health Information Privacy
Search
U.S. Department of Health & Human Services
Search
Close
A-Z Index
HIPAA for Individuals
Filing a Complaint
HIPAA for Professionals
Newsroom
Breadcrumb
HHS
>
HIPAA Home
>
For Professionals
>
FAQ
> Safeguards
Text Resize
A
A
A
Print
Share
Authorizations (30)
Business Associates (41)
Compliance Dates (2)
Covered Entities (14)
Decedents (9)
Disclosures for Law Enforcement Purposes (5)
Disclosures for Rule Enforcement (1)
Disclosures in Emergency Situations (2)
Disclosures Required by Law (6)
Disclosures to Family and Friends (28)
Disposal of Protected Health Information (6)
Facility Directories (7)
Family Medical History Information (3)
FERPA and HIPAA (10)
Group Health Plans (3)
Health Information Technology (41)
Incidental Uses and Disclosures (10)
Judicial and Administrative Proceedings (8)
Limited Data Set (6)
Marketing (18)
Marketing - Refill Reminders (16)
Mental Health (35)
Minimum Necessary (14)
Notice of Privacy Practice (20)
Personal Representatives and Minors (12)
Preemption of State Law (10)
Privacy Rule: General Topics (12)
Protected Health Information (2)
Public Health Uses and Disclosures (13)
Research Uses and Disclosures (20)
Right to Access and Research (58)
Right to an Accounting of Disclosures (8)
Right to File a Complaint (1)
Right to Request a Restriction (3)
Safeguards (13)
Security Rule (24)
Smaller Providers and Businesses (145)
Student Immunizations (8)
Telehealth (11)
Transition Provisions (3)
Treatment, Payment, and Health Care Operations Disclosures (30)
Workers Compensation Disclosures (5)
Safeguards
Does the HIPAA Privacy Rule require hospitals and doctors' offices to be retrofitted, to provide private rooms, and soundproof walls to avoid any possibility that a conversation is overheard?
May physician's offices or pharmacists leave messages for patients at their homes, either on an answering machine or with a family member, to remind them of appointments or to inform them that a prescription is ready? May providers continue to mail appointment or prescription refill reminders to patients' homes?
May physician's offices use patient sign-in sheets or call out the names of their patients in their waiting rooms?
Are physicians and doctor's offices prohibited from maintaining patient medical charts at bedside or outside of exam rooms, or from engaging in other customary practices where the potential exists for patient information to be incidentally disclosed to others?
A clinic customarily places patient charts in the plastic box outside an exam room. It does not want the record left unattended with the patient, and physicians want the record close by for fast review right before they walk into the exam room. Will the HIPAA Privacy Rule allow the clinic to continue this practice?
A hospital customarily displays patients' names next to the door of the hospital rooms that they occupy. Will the HIPAA Privacy Rule allow the hospital to continue this practice?
In limiting access, are covered entities required to completely restructure existing workflow systems, including redesigning office space and upgrading computer systems, in order to comply with the HIPAA Privacy Rule's minimum necessary requirements?
What do the HIPAA Privacy and Security Rules require of covered entities when they dispose of protected health information?
May a covered entity dispose of protected health information in dumpsters accessible by the public?
May a covered entity hire a business associate to dispose of protected health information?
May a covered entity reuse or dispose of computers or other electronic media that store electronic protected health information?
How should home health workers or other workforce members of a covered entity dispose of protected health information that they use off of the covered entity’s premises?
Does the HIPAA Privacy Rule require covered entities to keep patients’ medical records for any period of time?
Back to
T
op