March 1, 2017

Taking Patient Pictures with Your Mobile Device

By msequeira

From the HSC Chief Compliance Office:

We have received a number of insightful and helpful comments from you since our last memo on taking patient photographs. To clarify the position of the Compliance and Privacy Office in regards to photography and patient care we provide the following updated guidance:

  • Photos with no patient identifiers such as the admission wrist bracelet, body art, or pictures of a patient's face are permissible. Identifying body parts should not be part of the photograph; photos that can identify the patient are considered PHI, and subject to HIPAA Privacy and Security Rule restrictions and obligations and are NOT permitted.
  • Photos should only be securely shared with those “need to know individuals” (email: should include the word *secure* in the subject line, confidential communications);
  • Photos should be deleted as soon as possible; and
  • Photos should only be taken by the attending physician or under his/her direct instruction.

This clarification is for an interim period. The Health System is moving as quickly as possible to implement an enterprise solution that will include a policy that protects our patients and staff while maintaining the highest quality of care to our patients.

If you have any questions or concerns, please feel free to reach out to Stuart or Sarah at or

Tags: Clinic, News Features