Understanding HIPAA Identity Verification Requirements

hipaa identity verification requirements

In most situations, the patient has sole access to their medical records. Your records might even specify a few individuals with permission to access those records. However, some circumstances require that you grant an unlisted person access.

 In such cases, you should apply HIPAA identity verification requirements before providing an unknown party access. HIPAA in medical billing especially requires careful handling as billing formation contains both medical and sensitive financial information. PracticeForces details how to use the verification requirements below.

What the Privacy Rule Says

The HIPAA Privacy Rule states that you must verify a person or organization’s identity and authority before allowing them to access a patient’s information. Some entities beyond the individual’s close circle may require access, often for legal or employment purposes.

  •  Examples of such entities include:
  • Governmental agencies
  • Employers
  • Legal representatives, such as an attorney
  • Power of attorney or guardian

Who Else Can Request a Patient’s Information?

Typically, a patient will make you aware of any parties who have permission to access their information. These parties typically include immediate family members, spouses, or friends. Under some circumstances, the patient needs access but cannot be physically present to receive to do so.

As covered entities, medical practices can ensure HIPAA compliance by requesting and receiving certain pieces of information or proof of identity before relinquishing access.

Identity Verification

You can perform identity verification through the following means:

  • Email: Using a HIPAA-compliant email server, the requesting party communicates with your practice and provides necessary documentation.
  • Phone call: Via phone call, the requesting party converses with your practice and provides information such as first and last name, social security number, and birth date.
  • Face-to-face interaction: The requesting party visits your practice through an in-person representative. This representative brings all necessary documents.
  • Fax: The requesting party uses official government letterhead to fax documents that confirm the party’s identification.

Document Verification

HIPAA identity verification requirements list the following items as acceptable forms of authorized proof:

  • Proof of government status
  • Photo ID
  • A phone number for further contact
  • Social security number or card
  • Birth certificate

If a patient requests their information over the phone or by email, they should provide their birth date, current physical address, emergency contact information, and the last four numbers of their social security identification.

When Is HIPAA Identity Verification Not Necessary?

Verification is unnecessary when:

  • The patient requests information in person
  • Spouses, family, and friends identified by the patient as able to access
  • Staff members involved with the patient’s medical treatment
  • Any requesting parties asking in the presence of the patient and engaged in the conversation

The U.S. Department of Health and Human Services offers more information about HIPAA compliance for small practices.

Keep Up with HIPAA Identity Verification Requirements with PracticeForces

Stay on top of HIPAA identity verification requirements and breach notification rule requirements with solutions from PracticeForces. Our services extend beyond the average billing solutions. We can also assist you in staying HIPAA-compliant in all areas. Call 727-291-9217 with any service inquiries.

Parul Garg, CEO and co-founder of PracticeForces, has significantly contributed to the growth of over 1,000 U.S. medical practices through her expertise in medical billing and coding since the company’s inception in 2003. With a background in Computer Science and an MBA in Human Resources, her leadership and AAPC-certified coding skills have been pivotal in managing the company’s operations effectively.

Related Posts

11 Key Trends and Insights in Healthcare Billing

In today’s healthcare landscape, efficient billing processes are crucial for financial stability and patient care. Healthcare billing ensures providers receive timely reimbursement for services rendered,

3 Key Tips to Enhance Revenue Cycle Efficiency

Revenue Cycle Management (RCM) is a cornerstone for financial stability and operational efficiency within healthcare organizations in today’s healthcare landscape. At its core, RCM encompasses


Do you want to streamline your reimbursements?

Subscribe for actionable tips and insights to grow your medical practice >

Call Now Button