Problem solve Get help with specific problems with your technologies, process and projects.

Is it against HIPAA regulations to print SSNs on an insurance card?

HIPPA regulations madate that patient data be kept secure, but how does that apply to Social Security numbers? Security management expert Mike Rothman gives advice.

Is it against HIPAA regulations to print a patient's Social Security number (SSN) on a prescription card and or insurance card?
The use of Social Security numbers is a gray area of HIPAA, as well as with the majority of all the other regulations. Without digging into the hundreds of pages of the HIPAA legislation, a lot of it depends on what practices are disclosed to the client in the "Notice of Privacy Practices" document the patient signs. It will also depend on how the Social Security number is used. For example, printing the SSN on a bill that is mailed directly to the patient is usually acceptable. Printing it on a card, which presumably will be used and shown to other parties, isn't.

As opposed to focusing on the audit and specifically on whether something is compliant, I tend to favor using a good dose of common sense. For better or worse, the SSN is a major piece of data used to perpetrate identity theft. Thus, even though it may not be specifically against the regulation, it doesn't make a lot of business sense to use the SSN in that context. Using Social Security numbers indicates a general disdain for patient privacy, one that may result in customers or patients taking their business elsewhere.

More information:

This was last published in March 2008

Dig Deeper on HIPAA

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.