BiNA Office Furniture • Call: 516-248-5858
How to Become a HIPAA Compliant Medical Office
This article describes how to become HIPAA compliant for medical offices and handlers of patient health information. This article is provided as a public service. Bina Office Furniture is not responsible for its contents or your results.
- Follow phone protocols. A medical office must have specific guidelines for what information is given over the phone. Certain individuals like health insurance reps or family members might have clearance to be told patient information, but other callers should be given only basic information that does not violate HIPAA.
- Protect workstations. A computer should always be locked when the person who uses it is away from the desk. This is to prevent unauthorized use.
- Protect papers. Documents like medical claims and bills should be turned face down when the person who is responsible for them is away from the desk. The files must be kept in secure containers where they can't be read by someone passing by.
- Use HIPAA compliant waste baskets and shredders. Some offices have color-coded trash bins, one set for regular trash like apple cores and gum wrappers, and another covered set of bins for documents. The documents that go in the secure bins get shredded every day. The other trash bins get emptied by cleaning people at night.
- Educate. A well-informed staff will be more adept at following HIPAA regulations, and they'll know why they're doing it. Conversations about the laws are good, and help to get everybody on the same page.
- HIPAA will affect the way that your organization handles health care records, information, and transactions. Your organization will need to comply with the HIPAA security, privacy, and management requirements for electronic healthcare information. Healthcare organizations will be required to address the following four areas as defined by the Department of Health and Human Services (DHHS):
- Administrative procedures — Procedures for establishing and enforcing security policies
- Physical safeguards — Safeguards that protect physical computer and network facilities
- Technical security services — Services that protect, control, and monitor access to health care information
- Technical security mechanisms — Mechanisms for protecting information and restricting access to data transmitted over networks
- The entire service and product delivery cycle must become HIPAA aware and, where needed, brought into compliance. Information and data security will need to become a priority throughout your organization. In order to satisfactorily comply with this Act, your organization will need to assess which areas are susceptible to electronic vulnerabilities and identify where your information management practices are inadequate. Your network, systems, procedures and appropriate personnel will require a comprehensive review. Your operation will need to undergo a thorough risk assessment. Although such a thorough analysis may seem extreme, it is necessary to establish a strong foundation from which your operation will be able to build a reliable information security posture. Your management and technical teams will need to develop a comprehensive plan to become HIPAA compliant. In particular, your organization will need to:
- Develop a course of action outlining detailed roles, responsibilities and time frames for HIPAA compliancy
- Determine the impact of the electronic healthcare information transactions and identifier standards on your organization
- Enable and adjust your organization's current environment to support standard HIPAA electronic transactions
Article adapted from wikiHow