• E-mail
• Print
• RSS

Ask these questions when conducting departmental privacy self-assessments

HIPAA Weekly Advisor, July 28, 2002

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

A privacy gap analysis should be one of the first steps every privacy officer takes on the road to HIPAA compliance. Your gap analysis should compare where your privacy practices, policies, and procedures are versus where they need to be.

Use the gap analysis results to develop a "to-do list," to include in your work plan/budget for HIPAA compliance.

Almost every department uses information. Even though the health information management department is probably your largest site for information disclosure activities, it's not the only one.

Ask the following question when conducting a gap analysis, or privacy self-assessment, for all of your facility's various departments:

Staff compliance
1. Have you trained staff who have access to personally identifiable health information on your organization's policies and procedures?

2. Are staff careful not to leave patient-identifiable health information face-up or otherwise unattended in publicly accessible areas?

3. Do staff keep their voices low when communicating to or about patients in waiting areas, hallways, and other publicly accessible locations?

4. Do staff know how to get in touch with your organization's privacy official?

5. Do staff immediately retrieve papers that contain confidential information from printers and fax and copy machines?

6. Do staff routinely log-off computers before leaving terminals?

Go to http://www.himinfo.com/news/feature.cfm?content_id=22807 for more questions to ask about keeping electronic sources and paper files confidential and other departmental security.

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

• E-mail to a Colleague
• Print
• RSS
• Archive