Discussing the patient's condition with someone not on the case

Discussing the patient's condition in the cafeteria using PHI

Discussing the patient's condition without the patient's consent

Discussing the patient's condition during one's break

Discussing the patient's condition using identifiable information

Sending the records via unsecured email

Sending the records via a secure, encrypted email

Handing the records to the patient to deliver

Posting the records on a public website

Discussing the records over the phone without verifying the recipient's identity

Leave the file open for easy access

Store the file in a locked cabinet when not in use

Place the file in a public area for convenience

Allow patients to access their own files without supervision

Share the file with other patients

Discussing the treatment plan with the spouse without consent

Discussing the treatment plan only with the patient

Discussing the treatment plan with the spouse if the patient is present

Discussing the treatment plan with the spouse if the patient has given written consent

Discussing the treatment plan with the spouse if the patient is unconscious

Access the record only if it is necessary for treatment

Access the record for personal interest

Share the record with friends

Post the record on social media

Leave the record open on a public computer

Ignore the mistake

Notify the patient and the HIPAA Privacy Officer immediately

Delete the email and hope no one notices

Send the information to the correct email address without addressing the mistake

Post the information on a secure website

Discuss the condition in a public hallway

Discuss the condition in a private, secure location

Discuss the condition with anyone who asks

Discuss the condition in a crowded elevator

Discuss the condition over an unsecured phone line