HIPAA_ScreenshotThough running a successful healthcare organization is a team effort, the responsibility of complying with the Health Insurance Portability and Accountability Act (HIPAA) rests largely, if not entirely on the practicing physician. A HIPAA violation can carry hefty fines and it may even result in losing the license to practice medicine. Avoiding common mistakes can go a long way.

Medical records. This is perhaps the most obvious and easiest to avoid. Any documents with patient health information (PHI) must be kept in a secure location, regardless of whether that PHI is tangible or electronic. On that note, staff should never leave patient charts anywhere they don’t belong, such as an exam room for instance. The same idea applies to electronic devices with PHI stored on them. Always make sure they are secure, encrypted, and/or password protected.

Training. It is imperative that any and all employees that have to manage PHI understand the HIPAA requirements and proper safeguards. This includes knowing that they are not allowed to discuss PHI with their friends, family, or a coworker unless the person is the appropriate staff. Staff are also prohibited from accessing files without the proper authorization or sharing the information, even if it’s just out of curiosity or if the person requesting the PHI is related to the patient.

Disposing of records. Improperly disposing of PHI could result in someone obtaining the records, which is a HIPAA violation. For physical records, healthcare organizations should always shred or destroy records when they are no longer necessary. For electronic PHI, the hard drive where the PHI is located should be wiped.

This update is by Medical Accounts Systems, a full-service healthcare revenue cycle management company providing a number of services including insurance follow up and managed care disputes, physician reimbursement, extended business office services, and more. For additional information on our services or for any questions you may have on topics such as medical revenue cycle consulting, please call 877-759-6315.