Remaining HIPAA compliant: How to protect
patient records
Probably the least understood and greatest exposure
and risk for practices attesting to Meaningful Use (MU) is the need to
complete a security risk analysis. When it comes to the
technical concepts like firewalls, routers, and security protocols, most offices
just do not know where to begin. You trust your vendors and business associates
to keep you compliant, but what if they do not?
The use of health information technology continues to expand in healthcare.
Although these new technologies provide many opportunities and benefits for
consumers, they also pose new risks to consumer privacy.
Because of these increased risks, the Health Insurance Portability and Accountability Act (HIPAA)
and the Health Information Technology for Economic and Clinical Health Act
(HITECH) include national standards for the privacy of protected health
information, the security of electronic protected health information, and for
breach notification to consumers. HITECH also requires Health and Human Services
(HHS) to perform periodic audits of covered entity and business associate
compliance with the HIPAA Privacy, Security, and Breach Notification
Rules.
Many of the MU measures are already familiar to
practices. Actions such as gathering vitals, demographic documentation, and
medication histories physicians can perform in their sleep. While learning the
interface of their new Electronic Health Record (EHR) system is a very real obstacle, in time, staff learn what
button to push and box to click to be compliant.
But the technical issues can be much trickier for
physicians, who aren’t necessarily IT experts.
An example: In a recent visit at a rural practice,
a national telecommunications provider had been onsite to upgrade the practice’s
broadband connection. In the process, they disconnected the firewall because
they could not configure it correctly, and left it unplugged. They did
not notify the practice of their actions and left after assuming
completion of the job.
Continue article HERE
Comments
Post a Comment