How Baby Pictures Pose the Latest Threat to Healthcare Entities

KANSAS CITY, Mo., Sept. 16, 2014 /PRNewswire/ -- While physicians for decades have proudly displayed pictures of infants and children, a recent New York Times article outlined why you may no longer see these the next time you visit your pediatric or obstetric clinic. The main cause: a change in the Health Insurance Portability and Accountability Act (HIPAA).

"What has changed is an increased level of HIPAA enforcement at the state and federal levels," explained Mike Egan, Senior Vice President with Lockton Companies, a risk management advisor and insurance broker. "While it appears that no clinic or healthcare organization has been fined over the unauthorized posting of patient photos, the increased enforcement concern has led many healthcare providers to be far more cautious."

Even if parents submit the photos on their own accord, that does not protect the healthcare entity. The posting of a picture identifies or potentially identifies an individual. The posting in a medical office implies the provision of healthcare to the individual. As a result, a picture––as cute as it may be––posted in a physician's office is "individually identifiable health information" that may not be disclosed under the Privacy Rule without specific patient consent.

However, in his recent white paper, "What, No More Baby Pictures?", Egan discusses this issue and provides three tips for implementing a HIPAA-compliant process that can help healthcare entities restore their baby boards:

• Obtain Consent: A HIPAA compliant consent form should be completed by the parent or legal decision-maker. The form should specifically authorize consent to the picture being placed on the display board.
• Create a log: The consent will have an expiration date, so create a log to track when the picture was placed on the board, when items are due for removal, and when they are removed.
• Create a proper destruction process: Treat the pictures like protected health information. The same precautions should be taken with the picture destruction as with the destruction of any other PHI.

By developing a HIPAA-compliant process including the elements above, this can cover any healthcare entity that wishes to continue displaying baby pictures, as opposed to taking the most conservative risk avoidance approach  of removing all patient pictures from public display, as many cited in the Times article have done.

"Pictures tell a story, inspire, create warm feelings, and personalize the often impersonal world of healthcare," said Egan. "Parents send pictures because they are proud of their children and grateful to their providers. Providers post pictures because they are proud of their patients and their work. It's a good thing, with the proper privacy precautions."

The opinions expressed in this release are not intended as legal advice and should not be relied upon as such. You should consult an attorney before making any decisions on HIPAA compliance or any other compliance issues.

About Lockton
More than 5,300 professionals at Lockton provide 41,000 clients around the world with risk management, insurance, and employee benefits consulting services that improve their businesses. From its founding in 1966 in Kansas City, Missouri, Lockton has attracted entrepreneurial professionals who have driven its growth to become the largest privately held, independent insurance broker in the world and 10^th largest overall. Independent researcher Greenwich Associates has awarded Lockton its Service Excellence Award for risk management for large companies. For six consecutive years, Business Insurance magazine has recognized Lockton as a "Best Place to Work in Insurance." To see the latest insights from Lockton's experts, check Lockton Market Update.

Logo - http://photos.prnewswire.com/prnh/20090415/CG99351LOGO

SOURCE Lockton

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

440k+
Newsrooms &
Influencers

9k+
Digital Media
Outlets

270k+
Journalists
Opted In

GET STARTED