Indiana Policyholders: Notice to policyholders recently affected by severe weather. 

Photo of a round secuirty camera hanging from a ceiling.

Security Cameras and HIPAA

What You Should Know

Security surveillance cameras are in many practices these days, offering patients and staff an added safety measure. But when it comes to healthcare, there are extra HIPAA considerations to be aware of if you opt to use these cameras.

Posted in Risk Management on Tuesday, October 12, 2021

Chances are, your practice has a security camera or two somewhere on the premises. When they're in public areas such as front and back entrances, they are generally accepted by patients and staff alike. Still, even these cameras should be accompanied by a highly visible notice that the areas are being monitored by video surveillance.

When using security cameras, it is vital that they don’t compromise patients’ protected health information (PHI). Keep in mind that PHI not only includes information in the clinical records, but also biometric identifiers such as voice prints and full-face photographic images.

Steps to Reduce Risk

Safe Camera Locations

To mitigate a HIPAA violation or allegation of a PHI breach, make sure that cameras are not installed in private areas such as exam rooms. You should also ensure that there is no possibility that the public could view any recorded footage or information.

Create Policies

Create a policy and procedure for your staff regarding the use of, management and disposal of the cameras/recordings. It also can be beneficial to identify:

  • Who will have access to the recordings
  • How long the recordings will be saved
  • Where the recordings will be saved
  • How the recordings will be disposed of (disposal must be consistent with disposing other PHI, if present)
  • How recordings will be released (if there is a request) in a manner that prevents the unintentional release of other PHI
  • How to prevent or minimize the potential for hacking
  • What encryption is used if video is stored electronically
  • When to obtain a business associate agreement If cameras will be monitored by a third party
  • The necessary HIPAA training for staff who has access to PHI in the recordings

Risk Versus Reward

Although security cameras must be used with caution to avoid compromising patient privacy, they likely are here for the long haul. As you put security measures in place at your practice, make sure PHI confidentiality remains a priority. 

Resources by Profession

Knowledge to keep you sharp

The articles, videos, webinars, tools and resources you need to do your job.

Managing Rising Costs and Coverage Changes Managing Rising Costs and Coverage Changes Article | Risk Management Costs are rising at home and at work. How can you manage the costs and benefits of your malpractice coverage? When Your Patient Wants to Leave Against Medical Advice (AMA) When Your Patient Wants to Leave Against Medical Advice (AMA) Article | Risk Management When a patient wants to leave against medical advice, what are your responsibilities? Informed Consent: More Than Just a Form Informed Consent: More Than Just a Form Article | Risk Management Informed consent is more than asking the patient to sign a form. The foundation of a good informed consent process begins with a discussion between th... Take a Take a "Time Out" for Verbal Acknowledgment Article | Risk Management A time out, usually associated with surgery, can be a tool used prior to any invasive procedure performed in any setting. Documentation is important ...

Read more articles

This website uses first party and third party cookies to improve your experience and anonymously track site visits. By visiting this website, you opt-in to the use of cookies. OK