HIPAA Compliance and Your Practice

May 26, 2014

Making sure that your medical, healthcare or alternative practice meets HIPAA regulations can be challenging, especially with current health reform regulations. However, there are certain important points that will help your practice as you transition to electronic records.

HIPAA (the Health Insurance Portability and Accountability Act) serves to ensure that patients' records are kept safe and secure. Transferring your current paper filing system to electronic health records (EHR) or electronic medical records (EMR) should be done in a way that digitizes your patients' health information while ensuring that each patient's privacy remains protected.

Tips for Safely Transitioning to Digital:

Mind your mobile devices. Electronic health records make it easy for doctors and medical staff to access important health information on devices such as smartphones and tablets. However, be sure to keep careful track of any mobile devices in your office that contain sensitive data. If needed, restrict access to certain devices so that only specific staff members have access, and make sure that all your data is password-protected.

Safeguard your hard drives. Make sure that your office computers and other machines that record patient information are monitored and correctly disposed of when you upgrade to a new system. Getting rid of old desktop computers, for example, leaves the data on their hard drives vulnerable to theft.

Last year, health care coverage provider Affinity Health Plan, Inc. returned several photocopiers that they had leased, but the machines still contained patients' personal health information, which was stored on the copiers' hard drives.

This resulted in Affinity being out of compliance, which the organization realized and self-reported to the Department of Health and Human Services (HHS). They were fined, reached a settlement and followed a corrective action plan to retrieve the mishandled hard drives.

Mind patient communication. Your medical practice's website may have a patient form that visitors can fill out to contact you, but for the exchange to be secure, it must be encrypted so that the message's content is protected. In accordance with HIPAA requirements, the Dr. Leonardo SecureForms Contact option uses Secure Sockets Layer (SSL) encryption to send messages to your Dr. Leonardo Control Dashboard.

This lets you communicate with visitors safely and securely using a Contact Form where visitors and patients provide contact information and a message. Click here to learn more about how you can safely and efficiently communicate with your current and prospective patients online!

Dr. Leonardo Lets You Build an Effective Website for Your Healthcare Practice

Create your own high quality, professional site in four incredibly easy steps using Dr. Leonardo, a convenient Internet Presence Management tool that also allows users to fill their practice's site with informative patient education and award-winning images. Click here to get started!