HIPAA Compliance: A Printable Telephone Checklist

Complying with HIPAA can be painful, especially for a small medical office. It gets all the more painful when you have to make a phone call. Here is a quick checklist to print off and put by the phone when handling phone calls:

Do You Have Privacy?:
If there are patients or others hanging around who can overhear the conversation or possibly see the records on your computer screen, you should not be giving out private health information verbally over the phone. Make sure the office is set up to allow for phone call privacy when discussing HIPAA protected information.

Use Three Identifiers for Verification:
You need to verify three different identifiers as an ID check before giving out any information. In addition to the name, you can use identifiers such as address, phone number, last four numbers of the social security number or date of birth.

Minimum Necessary Rule:
Only give as much information as is absolutely necessary to handle the issue, such as giving the insurance company enough information to pay the claim. Do not volunteer additional information beyond that.

Last Four Only:
Do not give out the entire Social Security Number over the phone. Use the last four numbers only.

Make Sure You Log the Call:
Make a brief note in the records. List date and time, who called, why they called, and what information was given to them, if any, and who in the office handled the call.

It is legal to give out health information over the phone for purposes such as getting an insurance claim paid or collaborating with another health care provider to get the patient appropriate care. It is not unusual for insurance companies to need to verify a date of service or an exact procedure. Refusing to answer such questions by phone can unnecessarily delay payments.

Although it is legal to give information by phone to parties who have a legitimate right to it, phone calls still need to be handled in a HIPAA compliance checklist manner. Protect yourself: Print out the above checklist and stick it near the phone today.

HIPAA Regulations for Radiologists 101

HIPAA regulations are a complex set of rules and regulations that are designed to promote a more patient oriented medical system that enhances patient care. HIPAA regulations that promote the accessibility of medical records to patients and increase the security of electronic patient health information are also included in the HIPAA Omnibus Rule. Radiologists often receive patients through a referral system or send patient files to another medical doctor or facility after x-rays and other scans are interpreted. This constant sharing of sensitive patient information makes learning what are HIPAA regulations and how do they affect radiologists an important task for any radiologist.

HIPAA Omnibus Rule

The HIPAA Omnibus Rule has changed the way that patient information is collected, stored, transmitted and created in response to the HITECH Act. The HITECH Act offers organizations incentives for using electronic patient health information while improving the security of that data. When asking what are HIPAA regulations one of the most important things to consider is your organization’s privacy policy. New HIPAA regulations state that organizations and entities must update their privacy policies and business agreements to comply with the current standards.

Current HIPAA standards require that all businesses sharing patient information must be HIPAA compliant. For instance, if a radiologist receives referrals or bills insurance companies on behalf of clients, the insurance company and the organization referring clients should both be HIPAA compliant. Current business associate agreements will be allowed until late September of 2014, but after that date all business associates will need to comply with the HIPAA Security Rule to avoid penalties or fines.

What is affected by HIPAA?

Nearly every aspect of creating, sharing and transmitting electronic patient health information has been affected by new HIPAA regulations. In addition to revising and updating your organization’s privacy policies and business agreements, you will also need to look at your internal records storage and the accessibility of patient records. For instance, your internal computer systems must be secure and protected from data loss or third-party access. Data encryption is required anytime that you transmit electronic patient information. If your organization is using a third-party storage system for patient health information, the company providing web-based storage services will also need to be HIPAA compliant.

One of the areas that will be most affected for radiologists is how patient information is disclosed. Since radiology is a field where referrals are very common, care must be taken to ensure formal, written consent is provided each time you share patient health information. For example, a radiologist sending the results of an x-ray to a general practitioner will need to have written consent by the patient to do so. In order to understand and comply with current HIPAA regulations, it is best to use a HIPAA compliance checklist and HIPAA compliance software. HIPAA compliance software will walk you through the process of meeting current HIPAA regulations and help you avoid the confusion of updating and revising your current policies and practices on your own.

The Important of Risk Assessment Tracking and Proof of Efforts

Meaningful use stage two is an important way for healthcare providers too ensures patients receive the best care. Meaningful Use Stage 2 utilizes many of the healthcare initiatives beginning with stage one, but includes some important updates that you will want to know about. Tracking and recording are vital when you are want to provide proof of risk assessments in a hospital or other medical establishment in order to qualify for incentive payments.

Getting Started

You will need to develop a solid, clear plan for tracking and recording risk assessment in order to reach meaningful use standards. Your staff should be aware of any new processes that will be implemented, which processes will be stopped and how long the new practices will be used in the workplace. Offering a training seminar can be an ideal solution to training staff in new recording and tracking methods used by your organization.

Why is Tracking and Recording Important?

The goal of meaningful use stage two is to provide electronic medical records that are accurate, up to date and relevant to the care of patients. The ability to prove that you have use established risk assessment guidelines according to the meaningful use regulations is vital when working with Medicaid and Medicare clients. Your organization will need to use EHRs, or electronic health records, to meet specific goals in order to qualify for state funded incentives. You can satisfy the need for proof by using the EHRs according to regulations and working with your local Regional Extension Center.

The goals of meaningful use are designed to provide a more comprehensive health care system to the public. One of the goals is to share more information with patients to promote a better understanding of medical conditions and treatments. You will need to supply proof that you have been utilizing the EHRs to achieve meaningful use stage two guidelines. Your local Regional Extension Center representative can help you get started on implementing the guidelines in your organization and assist you with learning more about the measures that are used to prove that the guidelines have been used.