Cerbo EHR · Experience
Patient Identification & Consent for Cerbo
Identity verification scripts aligned with HIPAA for cash-pay and DPC practices.
Section 1
Identity verification is the first HIPAA control point
Before sharing any appointment details, lab information, or account information over the phone, HIPAA requires reasonable verification of the caller's identity. For cash-pay and DPC practices without insurance ID numbers, this typically means name, date of birth, and a secondary identifier.
AI handles verification in the first 30 seconds of every call — capturing identifiers and matching against Cerbo's patient list before any PHI is discussed.
Section 2
Consent capture for communication channels
HIPAA and applicable state laws require documented patient consent for SMS communication, call recording, and portal messaging. AI captures consent during the first call and logs it to Cerbo as a discrete field.
For DPC practices, membership agreement consent covers most communication channels — but AI still captures call-specific consent for recording when applicable.
- Identity verification: name + DOB + secondary identifier (address, last 4 SSN, membership number)
- SMS consent: explicit opt-in captured and logged to Cerbo
- Recording consent: applicable state laws followed, documented per encounter
- Third-party disclosure: AI flags calls from family members or caregivers for HIPAA authorization check
Ready to implement this for your Cerbo practice?
Book a demo and we'll walk through your specific Cerbo workflow — scheduling rules, Chart Parts templates, and after-hours coverage — and show you exactly how MedReception AI handles it.