Before Recording, Protect Private Patient Information
November 2019
In our digital world, it seems as though we are inundated with video recordings at every turn. Our every move is being observed, whether via our smartphones, our doorbells or even satellites miles above the earth. But what does this mean for the dental office?
Surveillance cameras in dental offices are becoming more and more common. The driving force behind them is typically security, as cameras can aid in loss control, deter theft and discourage other criminal activity.
But cameras are not without their drawbacks. Prior to hitting the record button, practice owners should be aware of the laws and regulations surrounding their use. While laws vary from state to state, some basic guidelines include the following:
- Only record video, not audio. Many states, including California, have strict laws against eavesdropping.
- Do not place cameras in areas where there is a reasonable expectation of privacy, such as restrooms or changing rooms.
- Inform all employees, in writing, that cameras are in use. You do not need their permission, but you do need a signed acknowledgment, which should be kept in their employee file.
- Inform patients that cameras are in use. If used in the reception area, this can be done with a simple sign. If used in operatories, have patients sign an acknowledgment and release form.
- Have a consistent policy in place on how recordings may be used and how long to keep them.
Most important, dental practice owners should consider HIPAA and privacy rules when installing cameras. Ensure that cameras are not able to capture a computer screen with a patient’s private information. Patients can often feel uncomfortable being recorded, so be prepared to turn off the camera if requested to do so. Be sure to document this in the patient’s chart.
If using cameras, it is also crucial for practice owners to consider who has access to the recordings. This is true for recordings taken both inside and outside of the practice. If an exterior camera captures a patient entering the office, that alone is considered private health information and must be protected.
In one case reported to The Dentists Insurance Company’s Risk Management Advice Line, a patient backed into a parked car in the parking lot after leaving her appointment. She drove off without leaving a note, as required in California, which is a misdemeanor hit-and-run. Because the dental office’s windows faced the parking lot, the car’s owner came into the office and inquired if they witnessed who had hit his car.
Upon reviewing the surveillance footage, the dentist saw that the incident occurred and confirmed that it involved one of his patients. The owner of the damaged vehicle requested to view the footage and asked for the patient’s contact number. The dentist called the Advice Line seeking guidance on how to handle the situation.
The Risk Management analyst reminded the dentist of his obligation to report the incident to law enforcement. She also advised that he should reach out to the patient, inform her of the footage and suggest that she contact the damaged vehicle’s owner. Additionally, he was advised to let the patient know that should law enforcement ask to view the footage, he must comply.
“In an effort to protect privacy, it is not a good idea to universally allow someone to view footage when asked. There are precautions to consider, such as other patients who may be visible in the footage or staff who may not have consented to release footage containing their images,” said Risk Management analyst Trina Cervantes.
In another case reported to the Advice Line, an 8-year-old autistic patient was seen for fillings. The dentist used a papoose board to stabilize the child. The child’s mother was not in the operatory during treatment. The patient became uncooperative and the assistant began to tap the patient’s head, a successful technique they had used in the past to calm autistic patients.
The dentist was able to complete the treatment. Upon dismissing the patient to his mother, she explained to her that though the child was uncooperative, they were able to complete the scheduled treatment. A few hours later, the patient’s father showed up to the office with pictures of his child on his cell phone, furious because the child had a bruise under his eye. He noticed that the office had a surveillance camera. The father demanded to see the footage. The dentist allowed him to view it. He became even more upset when he saw that the assistant was tapping his child’s head and felt that this may have contributed to the child’s anxiety levels increasing. He expressed that the office should be familiar with and have the skills to manage autistic patients appropriately. He told the dentist that she would be hearing from his attorney and stormed out of the office.
The dentist called the Advice Line to ask whether she was required to turn over the footage to the patient’s father. The analyst advised the dentist that the video is part of the patient record; therefore, she must ensure that it does not include information pertaining to other patients or staff.
Similarly, there are situations that patients may request to record treatment. TDIC advises against allowing patients to record treatment as other patients or employees could inadvertently be recorded without consent.
“A video of a patient undergoing an exam or treatment is considered protected health information under HIPAA, and under the law it must be treated as such,” Cervantes said.
Video surveillance can be a proactive way for practice owners to protect their patients and themselves. They can also pose unexpected risks if used without caution. By following a few basic guidelines, it is possible to benefit from video cameras while at the same time keeping the private health information of patients and employees just that — private.
3872