Ohio Administrative Code
Title 3364 - University of Toledo
Chapter 3364-90 - Guidelines for Protected Health Information
Section 3364-90-08 - Patient directory

Universal Citation: OH Admin Code 3364-90-08

Current through all regulations passed and filed through September 16, 2024

(A) Policy statement

The university of Toledo maintains a patient directory using protected health information "PHI" to facilitate locating patients for family, friends, and the clergy, provided the patient was given the opportunity to prohibit or restrict use or disclosure of directory information.

(B) Purpose of policy

In accordance with the health information portability and accountability act "HIPAA,"45 C.F.R. 164.510 A(a), patients must be informed of the PHI that will be included in the hospital directory and provide for an opportunity to restrict the use and disclosure of this information.

(C) Procedure

(1) The following PHI may be included in the hospital directory:
(a) Individual's name.

(b) Individual's location in the facility

(c) Individual's condition described in general terms that does not communicate specific medical information about the individual.

(d) Individual's religious affiliation.

(2) Individuals have the right to prohibit or restrict the use or disclosure of directory information. The individual must be informed of the PHI that may be included in the hospital directory and the person(s) to whom the hospital may disclose the information, including disclosure to clergy of information regarding religious affiliation. The individual must be provided with the opportunity to restrict or prohibit some or all of the uses or disclosures as stipulated in request for restriction of health information (3364-100-90-03).

The decision to prohibit some or all of the uses or disclosures will be entered into the star system. The information desk, operators, nursing units and the marketing department will be provided a printout of the updated directory report. The patient's medical record will reflect the patient's request for restrictions.

(3) Levels of privacy

The university of Toledo medical center has implemented three levels of privacy. The patient has the right to request the level of privacy and it can be changed at any time during their stay. In emergency situations if there is no one to speak on behalf of the patient, the patient should automatically be listed as a level four.

If the patient has not designated a level of privacy or it is not an emergency situation the patient should be considered a level one.

(a) Level one

When a person asked for a patient by name the directory information may be disclosed, except for religious affiliation.

Religious affiliation may only be disclosed to members of the clergy.

(b) Level two

When a person asks for a patient by name no information may be disclosed except that the patient is currently a patient of the institution.

(c) Level three

When a person asked for a patient by name we must state: "We have no current information on this patient in our system". No information may be disclosed. Only those individuals the patient has specifically designated and provided with a code will be provided information. The code will be provided by a staff member. Codes also will be provided to patients at their request when it is necessary to protect the privacy of the patient.

(4) Patients can obtain a code at pre-registration to provide to those who the patient would like to have access to the information about their healthcare.

(5) Emergency

If the opportunity to object to uses or disclosures required cannot practically be provided because of the individual's incapacity or an emergency treatment circumstance, the regulations permit use or disclosure of some or all of the PHI from the hospital, if such disclosure is:

(a) Consistent with a prior expressed preference of the individual, if any, that is known to the hospital.

(b) In the best interest of the individual as determined by the hospital, in the exercise of professional judgment.

(c) Registration will follow up with emergent admits to provide the individual with the opportunity to object to uses or disclosures for directory purposes.

(6) Kobacker

Information regarding a patient in kobacker will not be released to anyone. The patient's custodial parent or guardian must provide a visitation list of those who can receive communication regarding the patient. The parents also may choose to use a code when calling to discuss the child's condition with the clinical staff. Information will only be released with a signed release statement.

Disclaimer: These regulations may not be the most recent version. Ohio may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.