HIPAA authentication requirements
The Joint Commission requires HIPAA-compliant authentication for every patient interaction. Lincare uses a HIPAA two-factor authentication process to identify each patient before accessing their account information. We will ask you to confirm your Protected Health Information (PHI) when interacting with you. Your PHI consists of identifiers specific to you, such as:
- First and last name
- Date of birth
- Account number
- Prescribed equipment and services
- At no time will a Lincare representative ask for your Social Security Number when verifying your identity over the phone
When receiving or making calls regarding your account, we will always ask you to verify two of the above identifiers to protect your privacy. The most common identifiers are your date of birth and address. HIPAA requirements state that we can only discuss your account details once we have confirmed your identity.
We are only allowed to speak with you or an authorized HIPAA contact about your account unless you provide a one-time verbal authorization. When you first partner with Lincare, we will share a disclosure and consent form with you. That allows you to designate an authorized HIPAA contact, such as a spouse or caregiver, to speak on your behalf and access your medical records.
Why are HIPAA authentication requirements so important?
Confirming that a patient's medical information matches their identity when delivering medical service is critical to protecting their privacy and safety. If healthcare providers fail to guarantee that the information matches the patient, it can lead to potentially life-threatening scenarios. These include errors in administering medication, incorrect lab results, patients receiving the wrong treatment, and incompatible blood transfusions. That is why all healthcare providers need to follow the HIPAA two-factor authentication process.