What is HIPAA?
HIPAA is The Health Insurance Portability and Accountability Act of 1996.
HIPAA and PHI
Understanding HIPAA is an integral part of working in any medical setting. While HIPAA regulates virtually every aspect of the healthcare experience as a whole in America (health insurance coverage, paid/guaranteed leave, FMLA, etc.), the most relevant part of the Act for an interpreter or member of the public who frequently works with interpreters is the Privacy Rule.
According to the US Department of Health and Human Services, the Privacy Rule (also known as the Standards for Privacy of Individually Identifiable Health Information) sets national standards for the protection of health and patient information. The rule applies to anyone with access to Protected Health Information.
Protected Health Information (PHI) covers all details that could be used to identify a patient. In addition to the first name, last name, address, birth date, demographics, and social security number, PHI includes:
- An individual’s past, present, or future physical or mental health or condition
- Details about the provision of health care to the individual (appointment schedules, names of the patient’s providers, etc.)
- The past, present, or future payment for the provision of health care, including both paid and unpaid bills
So how does HIPAA affect a Medical Interpreter’s job on a daily basis?
The goal of the Privacy Rule is to protect patient information and confidentiality. To limit the risk of non-compliance, a medical interpreter should always avoid:
- Discussing patient details (PHI) with anyone other than the clinical staff directly involved with the patient. If the interpreter needs to disclose or discuss confidential information to one of these pre-approved individuals, the interpreter needs to be sure that there is no one else in the room and that the door is closed. All medical facilities are equipped with private spaces for this purpose.
- Using a patient’s full name in unprotected e-mails or public phone calls. Tip: If the Medical Interpreter is ever in doubt, we suggest using a patient’s initials or case number. The case number can be obtained from the Project Manager. Phone calls to the Project Manager or regarding patients are best made in private, but if that’s not possible, using patient initials is the next best course of action.
- Throwing away any paper that includes PHI (for example: work orders/contracts, as they contain the patient’s name). These documents should go into a secure, HIPAA compliant shredder. Furthermore, interpreters should destroy these documents in front of both the provider and patient at the end of each of their interpreting session.
If an interpreter has any questions about whether the information is protected under HIPAA or if the interpreter needs to report a significant detail and is not sure if it’s confidential, we recommend erring on the side of caution. The interpreter can speak with the clinician directly responsible for the patient’s case in a private room with a closed door. No information about any patient(s) should ever be discussed outside of their medical appointment. If an interpreter is concerned that he or she has accidentally violated HIPAA, they should contact their Interpreting Project Manager so the situation can be assessed to determine if any further actions are necessary.