You have requested access to member-only content.

Breach notifications, granting access to providers, and disclosing pediatric patient information


by Mary D. Brandt, MBA, RHIA, CHE, CHPS

Q: Is it permissible to take pictures of patients for identification purposes as a part of the registration process? Do the patients need to sign a consent form before their picture can be taken?


A: It is permissible to take pictures of patients for identification purposes if the patient agrees to it. Since the Privacy Rule considers full-face photographs to be a patient identifier, it is a good practice to get the patient's written consent to take a photograph and file it with the patient's electronic record. The patient should be allowed to opt out of the photograph if he or she chooses.

Editor's note

Brandt is a healthcare consultant specializing in healthcare regulatory compliance and operations improvement. She is also an advisory board member for BOH. This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions. Opinions expressed are those of the author and do not represent HCPro or ACDIS. Email your HIPAA questions to Associate Editor Nicole Votta at

This is an excerpt from member-only content. Please log in or become a member.

Not a member? Join now!

Revenue Cycle Advisor is the key to your organization's Medicare regulatory news and education. It combines all of HCPro's Medicare regulatory and reimbursement resources into one handy and easy-to-access portal. News is not just repeated from other sources. It is analyzed by our Medicare experts so professionals can comprehend any new rule updates thoroughly.

For questions and support, please call customer service: 800-650-6787.