With Proper Care and Planning, Compliance Becomes Less Complicated
Achieving compliance with mandates like the Health Insurance Portability and Accountability Act (HIPAA) and HITECH is just the beginning. But if you are vigilant, it is attainable and manageable. Think of compliance as an ongoing process that is integral to everything from new-hire training to high-level IT decision making.
Many healthcare providers mistakenly operate under the assumption that because they meet HIPAA privacy and security rules, they are in the clear. HIPAA is currently complaint-driven; just because you haven’t had a grievance filed against you doesn’t mean you are in compliance.
Instead, be proactive! Consider this list of questions to determine if your organization is as compliant as it could be:
- Is employee computer access limited by job description?
- Are information system security and privacy tools, such as password changes and login timeouts, fully utilized?
- Do all new hires receive HIPAA training? Is it documented?
- Are all providers with access to protected health information required to sign a confidentiality agreement that includes individual accountability?
- Do you maintain and review audit trails of patient record access?
- Have your HIPAA policies and procedures been reviewed, and has compliance with them been monitored?
- Is verbal proof of identity required from callers before protected information is provided?
- Do you have a program to spot the warning signs of identity theft (FTC’s Red Flags Rule)?
- Can you provide patients with an audit trail of all disclosures of their protected health information made through an electronic record?
- Do you have a policy for breach notification?
These questions can help evaluate where you stand. An effective way to gauge your level of compliance is to physically follow the path of a medical record from patient registration through discharge. Your patients aren't the only ones who need preventative care; take the time to evaluate your organization's compliance level.
HealthConnection can assess your situation and offer privacy and security solutions both you and your patients can trust. Call 1-800-395-8685 for more information.