Welcome to the
St. Joseph's Family!

Everything You Need To Start Your Job

New Hire Onboarding

Corporate Compliance: Understanding Patient Privacy

HIPAA is the Health Insurance Portability and Accountability Act. The HIPAA Privacy Rule along with HITECH protects a patient’s right to privacy of health information.

Protected Health Information (PHI)is any information that could reveal the identity of, or link to, a patient. PHI can be written, spoken or electronic (e-PHI).

Examples of PHI:


•All geographic identifiers

•All elements of dates

•Telephone numbers

•Fax numbers

•Electronic mail (e-mail) addresses

•Social Security numbers

•Medical record numbers

•Health plan beneficiary numbers

•Account numbers

HIPAA states that a patient’s PHI may only be accessed or used on a need-to-know basis. You may only access or use PHI if you are engaged in one of three allowable purposes:

1.A patient’s medical treatment or care

2.Patient billing, coding, insurance, or finances

3.Hospital operations (e.g. transferring a patient from one unit to the next).

Accessing a patient record or PHI for any other use or reason is strictly prohibited

Click the download button below to review the HIPAA Policy.