Here Are Your Articles for Tuesday, January 17, 2017
Is this email not displaying correctly?
View it in your browser .
Website Services Industries Resources About Us Contact Us
Share Save

Data Management: Keeping Patient Information Secure

 

We've all heard of HIPAA, the Health Insurance Portability and Accountability Act, which was established in 1996 to help people keep their health insurance, standardize billing processes and protect patient information. HIPAA has expanded to include subsets of rules that define the standards for securing patient medical records. The HIPAA Privacy Rule and the HIPAA Security Rule both place national regulations on the ways that patient information is handled. As a health professional, you must keep yourself abreast of these laws and adhere to them if you want to keep patient information secure.

HIPAA Privacy Rule

The Privacy Rule was issued in order to standardize the protection of patient medical records nationally. As a medical professional, it is your duty to adhere to these regulations and protect your patients' information from being breached. Under the Privacy Rule, patients have the right to know how their medical information is being used and shared. It is also the goal of the Privacy Rule to make sure that patient information is being protected when it comes to covered entities, which the National Institutes of Health describes as health plans, health care clearinghouses and medical providers that electronically transmit any health information in connection with transactions for which the U.S. Department of Health and Human Services has adopted standards.

HIPAA Security Rule

The Security Rule protects patient records as they relate to electronic documents. The development of the Security Rule came in the wake of increased health care technology and the fact that many doctors' offices and hospitals were going paperless. However, there were no national standards in which to protect patients' electronic records. The Security Rule is in place to allow covered entities access to electronic health information while also maintaining a standard of protection for the patient. Especially given the rapid pace at which the health industry has adopted new technologies such as electronic health records and eRx, the Security Rule has become essential to allowing technological progress to flourish without breaching patient privacy.

Data Security Plan

How can you, on a daily basis, protect your patients' information and records? It's a task that everyone has to be involved in, which is why any doctor's office or hospital must have a security plan in place. Only authorized personnel may have access to patient medical information. Paper documentation should be destroyed once it's no longer needed. That goes for electronic personal information as well — it must be deleted if no longer in use. It's a good idea to implement an encryption system to place extra protection on electronic files. Also, make sure that this is a staff-wide effort and, more important, that everyone is aware of the penalties of not adhering to these standards.  

Breach Notification Rule

Breaches can happen, and if they do, you want to be sure that you follow the national breach reporting guidelines as set out by HIPAA's Breach Notification Rule. The breakdown of the Breach Notification Rule is as follows: If there is a suspected breach, HIPAA-covered health providers must notify affected patients of the breach of protected health information. The Secretary of HHS must be notified as well. If the breach affects 500 or more individuals, the media must be notified.

Keep your patients' records secure by staying up to date on these laws and regulations, and be sure that it is a staff-wide effort to maintain good patient security practices.

 

 
Share Save

Your Comments

Nelda Fields | Debra Turner
Nelda Fields | Debra Turner
Healthcare Services Group | Partners
(843) 577-5843
healthcare@websterrogers.com
40 Calhoun Street, Suite 320
Charleston, SC 29401
Friend Me on Facebook
Follow Me on Twitter
Connect with me on LinkedIn
Saved Articles
Comments and Feedback
Refer A Friend
Your Privacy
Our firm provides the information in this e-newsletter for general guidance only, and does not constitute the provision of legal advice, tax advice, accounting services, investment advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal, or other competent advisers. Before making any decision or taking any action, you should consult a professional adviser who has been provided with all pertinent facts relevant to your particular situation. Tax articles in this e-newsletter are not intended to be used, and cannot be used by any taxpayer, for the purpose of avoiding accuracy-related penalties that may be imposed on the taxpayer. The information is provided "as is," with no assurance or guarantee of completeness, accuracy, or timeliness of the information, and without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability, and fitness for a particular purpose.
Powered by
Copyright © IndustryNewsletters All rights reserved.

This email was sent to: rhowell@websterrogers.com

Mailing address: 40 Calhoun Street, Suite 320, Charleston, SC 29401