Thank you for sharing!

Your article was successfully shared with the contacts you provided.
What should health care providers do differently now that the HIPAA privacy rule has taken effect? Here’s a quick cheat sheet to help you make sure that HIPAA has been implemented in the health care facility in question: � Post Notice of Privacy Practices in a clear, prominent location. � Give patients copies of your Notice of Privacy Practices � and make good-faith efforts to obtain written evidence of their receipt of them. � Avoid verbal discussions of protected health information (PHI) on the phone or in reception/waiting areas that are within earshot of people who do not have a need to know. � Do not leave PHI on telephone answering machines. � Do not include PHI in announcements made in your waiting rooms. � Try to get some sense of whether your patients want you discussing their PHI with their family and friends, and restrict info if not. � Limit (or to the extent possible eliminate) patient information on whiteboards, X-ray boxes, computer screens and other areas that may be visible to the public and those who do not need access to PHI. � Follow safeguards for PHI that is transmitted by fax or e-mail (or prohibit these activities until prudent safeguards can be put in place). � File away promptly (and lock at night) folders that contain patient medical records. � Make sure that computer/network security measures are in place (eg, that screensavers kick in quickly, passwords are not taped to the monitor, machines are turned off at night, and access from off site is carefully restricted). � Make sure the physical plant is locked down at night, with windows closed and doors locked. � Remove signage that would help an ill-intentioned person find PHI (eg, a sign on the patient’s records department that reads “Confidential Patient Information”). � Remind people that only the “minimum necessary” PHI should be disclosed to anyone. � Make sure all work-force members who leave your employment turn in their keys and building cards and lose their network access. � Make sure written authorizations to use and disclose PHI are received except for treatment, payment, operations and exceptions permitted in sec.164.510-512. � Make sure new and existing employees are aware of your schedule for ongoing HIPAA privacy training. � Whatever records you decide to keep to manage (and as evidence of) your privacy compliance, they should have begun April 14. � Make sure everyone is aware of the rights patients have to review and to get copies of their records, and what procedures will be followed. � Make sure everyone knows who patients should speak with if they have questions about their HIPAA privacy rights. � Be sure everyone in your work force knows who your privacy officer is and who they should contact with patient privacy questions or problems, or if someone has a complaint or wants to report a violation of your organization’s privacy policies. Elliot B. Oppenheim, MD, JD, LLM Health Law, is CEO and president of coMEDco Inc.�, a national medical-legal consultation corporation. Phone: 800-416-1192. E-mail: [email protected] . To subscribe to the newsletter, “Medical Malpractice Law & Stratgey,” click here .

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Reprints & Licensing
Mentioned in a Law.com story?

License our industry-leading legal content to extend your thought leadership and build your brand.


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.