Skip to table of contents

Skip to main content

5.1.4 - Contacting Patient by Phone or Electronic Devices Policy

Updated: 10/26/2023

The University of Oklahoma College of Dentistry will take all necessary steps to protect and safeguard patients’ Protected Health information (PHI). This policy is intended to provide direction to the College of Dentistry (COD) faculty, staff and students in regard to the protection of PHI when communicating by phone and/or other electronic devices.

   A.     For Appointment Confirmation – 

  1. Speaking Directly to Patient – You may provide detailed information about the appointment; i.e. time, place, provider and procedure.
  2. Leaving a Message – Identify only that you are calling from the COD and provide a return number for confirmation. DO NOT leave detailed information about the appointment. 
  3. Confirmation VIA Text or E-Mail – The patient must have a signed Consent for Electronic (text, e-mail) Communication in the electronic health record (EHR) before this method of contact can be used.

   B.     Obtain or Review Health/Dental Histories – 

It is the University’s policy that faculty, staff, and students shall not review documents containing PHI from the COD’s premises for their own convenience. Printing portions of the PHI is acceptable only if the documents containing PHI are stored or filed in such a way as to avoid access by unauthorized persons and do not leave the COD. Photographs of any portion of the patient’s record are prohibited.

  1. Faculty, Staff, and Students Reviewing Health Histories VIA Phone – Telephone conversations must be conducted away from public areas if possible and voices should be quiet. Speakerphones may not be used. Ideally, conversations should take place during regular business hours. The information collected must be directly entered into the EHR (axiUm) and not recorded on paper or any portable computer devices; i.e. Word, Notes. If it is necessary to contact a patient after business hours and off campus, then only questions about the patient’s health that could be a consideration for treatment can be asked; i.e. have you had a heart attack or stroke in the last six months, have you had any surgeries, been diagnosed with a disease or condition that may require special needs, etc.
  2. PHI via E-mail – Transmitting PHI via e-mail outside the University email address system for treatment, payment, or health care operations is prohibited unless the message is encrypted between sender and recipient in a manner that complies with HIPAA and the Emailing and Transmitting PHI policy or the patient has signed the Consent for Electronic Communication. Secure options include e-mailing through a secure patient portal or by typing [secure] in the subject line before the subject. Sending e-mails that contain PHI for treatment, payment, or health care operations between ouhsc.edu/ou.edu and oumedicine.com/ouhealth.com e-mail addresses is secure and acceptable as long as the recipient is authorized to receive the PHI. 

Return to top