Employee Access to Protected Health Information
Permitted Access to PHI:
Access to patient records is limited to authorized business purposes only. This means that access must be work-related and limited to the following purposes:
- Treatment
- Education
- Research (IRB approved)
- Health Care Operations (e.g., audit, compliance, quality)
Prohibited Access to PHI:
Accessing patient records outside of the above reasons is not permitted and will be considered a violation of patient privacy and of UNC Health privacy policies. Typical examples of accessing patient records for non-business reasons or personal reasons includes accessing records of:
- Family members and friends
- Co-workers
- Celebrities, athletes, public figures, or other VIPs
Using MyUNC Chart to Access your own Record and Those of Friends and Family:
MyUNC Chart offers patients secure online access to their medical records and lab test results. Employees who are involved in the care of a family member or friend are encouraged to have that family member/friend request MyUNC Chart proxy access for the employee. Proxy access allows authorized individuals to log into their own personal MyUNC Chart account and securely connect to information regarding their family member or friend. (Proxy access can be requested through the patient’s MyUNC Chart account settings, under preferences.)