www.medicaltranscriptionservicecompany.com
HIPAA Compliance Checklist for Medical Practices
www.medicaltranscriptionservicecompany.com HIPAA is an extensive set of rules and regulations that govern the privacy, security, and portability of patient health information in a medical practice. Confidentiality and security are extremely significant in healthcare services and all procedures and policies within the practice need to strictly adhere to HIPAA rules. Maintaining a checklist can ensure that all the necessary security rules and guidelines are met.
Is Your Practice HIPAA Compliant? Certain important points need to be considered when a HIPAA compliance checklist is prepared. Practices can measure their compliance by using a checklist which includes the following elements:
Organizational requirements include designating a HIPAA compliance officer, conducting risk analysis and document results, Notice of Privacy Practices, business associate agreements, and record retention
Uses and disclosure include policy for uses and disclosures of protected health information,
mitigation
policy,
and
policies
for
marketing
uses
and
disclosures, research uses and disclosures, uses and disclosures required by law
Safeguards
include
policies
for
visitors,
oral
communications,
correspondence, fax and email, and destruction of PHI.
Patient rights such as policies for patient access to medical records, confidential communications, patient requests to amend medical records, and patient representatives.
Measures pertaining to the workforce include annual HIPAA training for entire workforce, employee sanctions policy for non-compliance, confidentiality agreements signed by all employees, and policy for medical information in personnel files
Complaints and incidents include HIPAA incident reporting process, breach notification process, and process to handle HIPAA-related complaints.
Administrative
safeguards
include
Review
information
system
activity
periodically, Unique user IDs and secure passwords, Periodic evaluation/audit of risk analysis and policies and procedures
Physical safeguard include physical access controls, policy for workstation use, media disposal and reuse policy, document maintenance records
www.medicaltranscriptionservicecompany.com
Technical
safeguard
include
data
backup
and
storage,
automatic
logoff/workstation lock policy, and encryption and decryption of ePHI.
HIPAA Compliance in Medical Transcription Busy medical practitioners usually rely on medical transcription services for their documentation needs. When outsourcing, it’s critical that they choose a HIPAA compliant
company.
HIPAA-compliant
service
ensures
that
health
care
information is handled in a safe and confidential manner.
How Transcription Companies Ensure HIPAA Compliance
Password protection for all computer systems
Regular Windows update and monthly backups for security of computers
Screening of employees during entry and exit
CD drives, USB and floppy disks are disabled on computers to prevent copying
Secure FTP for upload and download of audio files
Minimum 128 bit encryption for transfer of medical records
Firewall protection and file encryption software
Staffs fully trained in privacy matters, security measures, and HIPAA guidelines
By tracking the results of their compliance processes, medical practices can ensure that they meet the necessary HIPAA standards. This can be effectively accomplished with HIPAA compliant software. When it comes to transcription, care must be taken to find a service provider that strictly adheres to HIPAA rules.