For HIPAA compliance purposes, in a process HIPAA calls de-identification, applying teams are required remove all patient identifying information before submitting an application. Identifying information for patients, relatives, and household members includes, but is not limited to the following:
- Names
- Geographic subdivisions smaller than a state (city, school, mailing address, etc)
- Telephone and Fax numbers
- Email addresses
- All birth dates, death dates, admission dates, and discharge dates. The year should remain unredacted.
- Full face photographs
- Social security numbers
- Medical record numbers
- Account numbers
- Any other unique numbers, codes, or characteristics that can be linked to an individual
Applications containing any patient identifying information will not be reviewed and will be returned for redactions. If an application is returned a second time, an additional US$125.00 fee will be due upon resubmission.
