Do not talk about the patients you register, look at the files of patients you did not register, or leave your computer unattended with a patient’s registration file open. These are just some of the major rules that patient access representatives must follow to remain HIPAA-compliant and protect patients’ privacy.

“Your front desk staff touch with HIPAA at all different levels,” says Lisa Simmons, CHAM, manager of patient access at West Virginia University Hospitals, Inc., in Morgantown. “Obviously, the first part is the patient confidentiality part. The next part that they struggle with, that we have to spend a lot of time educating them on, is understanding when you can share information in the context of your job.”