Health Information Management

Tip: Get the HIPAA job done, even if you're a solo act

HIM-HIPAA Insider, August 31, 2010

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

How can privacy and security officers perform their jobs when they don’t have enough hours in the day to accomplish everything they need to do? The following tips can help them get the job done: 

  • Automate systems if funds are available. The need to conduct audits without staff prompted St. Dominic Jackson Memorial Hospital to automate its process for auditing patient records. Manual audits are a time-consuming process. An automated process helps Dena Boggan, CPC, CMC, CCP, HIPAA privacy/security officer at the hospital. save time and accomplish the task at hand—keeping track of who accesses patient records. “I’ll tell you straight up, there’s no way to get it all done unless you automate your auditing processes like we have,” she says. “And even in doing that, you still struggle just to make sure all the bases are covered.”
  • Find support in unlikely places.Department managers aren’t the only staff members who can help ensure protection of protected health information (PHI), says Brandon Ho, CIPP, HIPAA compliance specialist for the Pacific Regional Medical Command at Tripler Army Medical Center in Honolulu. For example, housekeeping staff are key players. “The housekeepers are the eyes and ears of the HIPAA privacy and security officer,” he says. “They are the ones who see whether the doors are closed and the records are locked.” Housekeeping staff know whether easy access exists to information that should be confidential. They empty trash receptacles and can notify privacy and security officers when documents that should be shredded have been discarded inappropriately. They see evidence of violations such as papers left in the cafeteria or in reception areas. “They find all the stuff people are negligent with. If you have 100 housekeepers, you have 100 pairs of eyes,” Ho says.
  • “Be flexible and wear running shoes,” says Judi Hofman, CAP, CHP, CHSS, privacy/information security officer at St. Charles Health System in Bend, OR.
Editor’s note: This tip was adapted from an article in the September issue of Briefings on HIPAA. Subscribers have access to the full article in their newsletter.



Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

Most Popular