Thank you for sharing!

Your article was successfully shared with the contacts you provided.
What should health care providers do differently now that the HIPAA privacy rule has taken effect? Here’s a quick cheat sheet to help you make sure that HIPAA has been implemented in the health care facility in question: � Post Notice of Privacy Practices in a clear, prominent location. � Give patients copies of your Notice of Privacy Practices � and make good-faith efforts to obtain written evidence of their receipt of them. � Avoid verbal discussions of protected health information (PHI) on the phone or in reception/waiting areas that are within earshot of people who do not have a need to know. � Do not leave PHI on telephone answering machines. � Do not include PHI in announcements made in your waiting rooms. � Try to get some sense of whether your patients want you discussing their PHI with their family and friends, and restrict info if not. � Limit (or to the extent possible eliminate) patient information on whiteboards, X-ray boxes, computer screens and other areas that may be visible to the public and those who do not need access to PHI. � Follow safeguards for PHI that is transmitted by fax or e-mail (or prohibit these activities until prudent safeguards can be put in place). � File away promptly (and lock at night) folders that contain patient medical records. � Make sure that computer/network security measures are in place (eg, that screensavers kick in quickly, passwords are not taped to the monitor, machines are turned off at night, and access from off site is carefully restricted). � Make sure the physical plant is locked down at night, with windows closed and doors locked. � Remove signage that would help an ill-intentioned person find PHI (eg, a sign on the patient’s records department that reads “Confidential Patient Information”). � Remind people that only the “minimum necessary” PHI should be disclosed to anyone. � Make sure all work-force members who leave your employment turn in their keys and building cards and lose their network access. � Make sure written authorizations to use and disclose PHI are received except for treatment, payment, operations and exceptions permitted in sec.164.510-512. � Make sure new and existing employees are aware of your schedule for ongoing HIPAA privacy training. � Whatever records you decide to keep to manage (and as evidence of) your privacy compliance, they should have begun April 14. � Make sure everyone is aware of the rights patients have to review and to get copies of their records, and what procedures will be followed. � Make sure everyone knows who patients should speak with if they have questions about their HIPAA privacy rights. � Be sure everyone in your work force knows who your privacy officer is and who they should contact with patient privacy questions or problems, or if someone has a complaint or wants to report a violation of your organization’s privacy policies. Elliot B. Oppenheim, MD, JD, LLM Health Law, is CEO and president of coMEDco Inc.�, a national medical-legal consultation corporation. Phone: 800-416-1192. E-mail: [email protected] . To subscribe to the newsletter, “Medical Malpractice Law & Stratgey,” click here .

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.