Introduction
Purpose
It is the policy of the UNC Adams School of Dentistry (“ASOD”) to verify the identity and/or authority of the individual presenting for treatment and/or requesting disclosure of Protected Health Information (“PHI”) if the identity of the patient or authority of such person is not personally known and recognized by the ASOD workforce member.
Scope of Applicability
This policy applies to all ASOD Workforce Members.
Definitions
Individually Identifiable Health Information: Information that is a subset of health information, including demographic information collected from an individual, and:
- Is created or received by a health care provider, health plan, employer, or health care clearinghouse;
- Relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to the individual; and
- That identifies the individual; or
- With respect to which there is a reasonable basis to believe the information can be used to identify the individual.
Protected Health Information (“PHI”): Individually Identifiable Health Information in any form or medium (paper, electronic, oral) that is created, transmitted, maintained, or stored by the ASOD or a business associate and related to past, present, or future health of an individual, the provision of health care, or the payment for health care linked to a patient.
Personal Representative: A Personal Representative of a patient is a person who has the right to make decisions related to the exercise of the patient’s privacy rights as though they were the patient. Generally, a person qualifies as a Personal Representative if they have the right to make medical decisions for the patient (e.g., have healthcare power of attorney, is guardian, a parent of an un-emancipated minor, are executive of estate of a deceased patient, have documented authorization from the patient to discuss PHI).
Legal Guardian: A person that has been granted legal guardianship and documentation has been provided with court documentation that authorizes this person as the Legal Guardian.
ASOD Workforce Member: ASOD faculty, staff, students, trainees, interns and volunteers whether they are full-time, part-time, paid or unpaid, whose conduct, in the performance of work for ASOD, is subject to the control of ASOD.
Policy Statement
If the identity of a patient, Personal Representative, or Legal Guardian presenting for treatment or requesting the disclosure of PHI is not personally known and recognized by the ASOD Workforce Member, prior to modifying information in the patient’s electronic health and/or dental record or disclosing PHI, the ASOD workforce member must verify the identity of the patient (or authority of the individual if the individual is a Personal Representative or Legal Guardian of a patient).
Procedure
The identity of the individual must be verified by asking the individual to confirm his or her first name, last name, date of birth, and at least one of the following identifiers, including:
- Patient’s mailing address with city and zip code;
- Patient’s Medical Record Number;
- Patient’s phone number; or
- Last four digits of patient’s social security number (SSN should be the last method of patient identification).
ASOD Workforce Members may also request to view, but not copy or store, the individual’s driver’s license, health insurance card or other government issued identification to verify the identification of the patient.
If the request is received through a phone call, verbal authorization from a patient, Personal Representative, or Legal Guardian is only valid for that conversation. If the caller is not able to provide the correct verifying information, or it is determined that the caller is not an authorized person to receive PHI, then no PHI will be released to the caller.
Contact Information