If you work in healthcare, anywhere from a small medical office to a big hospital to an insurance company, you need to be in compliance with HIPAA. This is a long, complicated document and even big insurance companies struggle to keep the rules fresh in everyone 's mind and everyone on top of the most critical functions. Here are a few things to make sure you are doing right:
1) Make sure Protected Health Information (PHI) is not casually observable. This means turning papers face down on your desk, not leaving charts visible on office doors, and making sure your computer screen cannot be readily seen by other people. This includes not only patients but other staff. If they are not directly involved in handling this specific case, they do not need the information in this file.
2) Make sure you verify a minimum of three pieces of
…show more content…
5) Make sure documentation is specific to the individual patient in question and does not contain information on other patients, not even other family members.
6) For young adults, check to see whether they are covered under their own policy or through their parents. Their parents do not have an automatic right to their records even though they provide the insurance coverage. Make sure you are not inadvertently giving out unauthorized access to medical records just because the parent is paying the bills. If there is no authorization on file granting them access, these records belong to the adult child and not the parent through whom insurance is being provided.
7) If you are giving out information by phone, you still need to verify that the person requesting it has authorization or is the actual patient in question. Make sure you either have authorization or verify three pieces of PHI. You also have an obligation to not let sensitive information be overheard by other patients or staff who are not involved in the