Follow these tips to protect Phi You can be sure you've dotted all your I and crossed all your 's, but if you miss even a small pie of the puzzle of privacy, you can compromise your entire system. Here are three reminders to make sure you have started the year with your program privacy on a good note:
1. Do not let the paper get lost in the shuffle. You can think of the privacy of patients, especially in terms of protection of electronic patient data, but the paper records are equally likely to be compromised. According to Gregory Michaels, director of security solutions and compliance to Healthcare IT BluePrint in Cranbury, NJ "With the onset of changes Hitech, violations that occur with paper documents will be treated the same way as electronic data."
Michaels advises, "Physicians can take the paper records at home as opposed to USB, or may take paper documents in their car with them at the office or hospital, and obviously things have the same value in terms of information they contain. "
Even in facilities that housed the paper safely, there is still a chance that the information on them could be exposed.
He said: "In some hospitals, the main medical record area is secure, but other departments can access files, make room, and store them temporarily, while using them, and can not be ensure their safety. "
"Even if we can go 50 or 60 percent of medical practices become fully electronic in years to come, we are still a long time before paper is removed, so that any PHI stored on paper Secure in your office. "
Practices have been advised to treat ISPs safely if paper or electronically even before the Act came into HITECH.
"It has been the case long ago and is still the case that health care providers should not throw thrash in the GPA," said Michelle Wilcox DeBarge, Esq., Wiggin and Dana LLP With Hartford, Connecticut
"Good disposal practices should be in place (eg, grinding)," she added. She also advises, "And now, under HiTech, requirements for reporting violations just does not apply to breaches of electronic information - oral or paper communication governed by the Act as well."
2. Knowing that patients are aware. You may be asked patients to sign a HIPAA confidentiality. But are they content? Not necessarily. DeBarge says, "The Act HITECH imposed a positive obligation on the government agency overseeing the HIPAA Compliance program to investigate violations of compliance. "" Previously, it was driven by complaints, but they now have an obligation to check and monitor the affirmative. "
The government has been hiring people to ensure compliance and provide public education programs and "we expect a lot of awareness, and for patients to ask more questions about the use of their Medicare private in the future, "says Peter Courtway, director of information systems for health Danbury, Connecticut.
DeBarge adds: "There is also a provision under HITECH it will enable people who have been affected by a violation to have a share in the proceeds of sanctions." "We have no details yet, but it is Another factor that patients are advised to be careful. "
3. Remember forward. You may be compromising patient data by other means outside of violations and electronic paper. Conduct a walkthrough in your organization or practice to ensure that no leakage others are there.
For example: A compliance officer walked through his practice and was pleased to see that the computer monitors at the reception was.
Posted on February 20, 2010.
