Key Requirements for Storing Physical HIPAA Documents The HIPAA rule mandates that the PHI must be appropriately secured against theft, fire and water damage, and any erroneous destruction.
Medical records are confidential and should be protected from unauthorized disclosure. The HIPAA Privacy Rule establishes national standards for record keeping supporting digitization of patient records with the goal to ensure the privacy and integrity of PHI. Protected health information (PHI) and can be oral, digital, or on paper. Most physicians rely on medical transcription companies to turn audio records of physician dictation into easily accessible text. Medical records, both in digital and paper format, must be stored securely in compliance with the applicable law and the standards prescribed by HIPAA and the Joint Commission.
www.medicaltranscriptionservicecompany.com
918-221-7801
Key tips for storing and protecting physical HIPAA documents
Make sure that the paper records are not accessible to unauthorized individuals
Keep them safe in a storage room and locked cabinets
Allow only authorized individuals to access medical records and PHI
Medical files, folders or records should be secured at all times
Never discuss the medical record in an open setting
Do not separate individual documents from the medical record and PHI
Set up retention policies to identify how long certain records need to be retained
Apply these retention policies consistently so that records are not destroyed prematurely
Paper records can be destroyed after they are scanned/reviewed for a certain period of time
Avoid incidental disclosure of PHI during disposal
Consider shredding, an appropriate method for disposing both paper and electronic PHI
EMRs allow physicians to monitor and improve overall quality of care within the practice/organization. Unlike paper records, electronic medical records provide organizations with greater control over security as it allows them to control precisely who has access to patient information and when. Failing to comply with HIPAA requirements would lead to fines and in serious cases, imprisonment. Regular risk analysis would help all covered entities and business associates, including medical transcription companies to identify threats to PHI confidentiality. HIPAA covered entities and business associates have to implement measures to protect against the threats, or mitigate the consequences if the threats were to occur. Outsourcing transcription tasks to a HIPAA compliant medical transcription service provider will ensure that all patient information is kept private with robust encryption methods and strict security protocols.
www.medicaltranscriptionservicecompany.com
918-221-7801