Submit your HIPAA questions to Editor Jaclyn Fitzgerald at firstname.lastname@example.org  and we will work with our experts to provide the information you need.
Q: You are reviewing a computer-generated insurance claim before it is sent to the insurance carrier, and you notice the patient’s name on the claim—it’s an old friend of yours. You quickly read the claim for the diagnosis. Is this a breach of confidentiality?
A: Yes, it is, unless you need to know that information to do your job. HIPAA requires us to access only the minimum we need to know to do our jobs. If you don’t need to know your friend’s diagnosis, you shouldn’t look at it.
If you do see it, remember that you may never share with anyone, including your friend, what you have seen. This knowledge can be a heavy burden, but it is our ethical and legal obligation not to share any information we obtain in the course of doing our work in healthcare.
Editor’s note: Chris Simons, MS, RHIA, director of health information and privacy officer at Cheshire Medical Center/Dartmouth-Hitchcock in Keene, New Hampshire, answered this question for HCPro’s Medical Records Briefing.  This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions.