Tip of the week: Adapt your policies to protect all confidential information
HIM Connection, October 9, 2007
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
For many healthcare providers, HIPAA provided the impetus to create information and security policies. However, in most cases, the policies and procedures you create for HIPAA compliance are reasonable to adapt for use in protecting the rest of your organization's confidential information. Although HIPAA doesn't cover your human resource records or your fiscal data, it only makes sense to protect this information while you are securing your patients' protected health information (PHI).
Adapt your policies relatively easily so that they protect all of your organization's confidential data and not just your PHI. "It's easy. Instead of saying 'All PHI will be protected,' you change your policies to state: 'All confidential information will be protected,' " suggests Kate Borten, CISSP, CISM, a Marblehead, MA-based HIPAA privacy and security consultant. Suddenly, your policies also cover not only your PHI, but also your financial data, your personnel records, and whatever other information your facility considers confidential.
This tip was adapted from the October 2007 issue of Health Information Compliance Insider. For more information, click here.
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- What does case-mix index mean to you?
- Capturing all necessary codes for IUD insertion and removal can be challenging
- QA:Coding multiple initial infusions
- News and briefs: Oklahoma Osteopathic Association against residency bill change
- HIPAA Q&A: Level of encryption needed for email
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- Q&A tackles coding questions about injections and infusions
- Joint Commission Center announces handoff communication solutions
- Inside best practice: Reduce patient falls with a stoplight
- Identify modifiable risk factors to prevent patient falls
- Searched