Finish your 2025 Security Risk Analysis, HIPAA/OSHA training, and policy updates — and lock in year-end pricing for 2026 readiness when you start implementation before Dec 31.

Sign-in Sheets

Sign-in Sheets

Q. Do patient sign-in sheets violate the HIPAA Privacy Rule? If they do not, does a recommended format exist?

A. Covered entities are responsible for limiting incidental disclosures. Using a patient sign-in sheet is allowed but can be perceived as not taking the necessary steps to limit incidental disclosure and a violation of the HIPAA Privacy Rule.

If you use a sign-in sheet, the information on the sheet should be kept to a minimum.

No preferred format exists, however, covered entities that use a sign-in sheet should very strictly limit the PHI to the following:

  • the patient's name;
  • the provider being seen;
  • the arrival time; and
  • the appointment time.