Train patient access staff members on HIPAA

Your patient access staff members are your organization’s gatekeepers, often the first to greet your patients. They serve an important role in providing excellent customer service and ensuring patient satisfaction and repeat business. They are also often the first to encounter sensitive patient information, so educating them about HIPAA is essential.

 

“Your patient access staff at your front desk [touch] HIPAA at all different levels,” says Lisa Simmons, CHAM, manager of patient access at West Virginia University Hospitals in Morgantown. Teaching them how to protect patient confidentiality is part of that. Another major component is helping them understand how and when sharing information in the context of their jobs is appropriate, Simmons says.

 

Ensure that your training is easy and practical for staff members to increase its effectiveness, says Sandi Green, CHAM, system director of patient access at Christus Health in Houston. The jewel of any patient access training program is real-life scenarios and role-playing. So before you train your patient access staff, learn which privacy and security slipups are common occurrences.

 

One common problem area is computer placement. First and foremost, positioning computer monitors to prevent others from viewing information displayed on them is extremely important.

 

The problem is often geographical, says Joann Tomes, manager of admitting at Cincinnati Children’s Hospital Medical Center (CCHMC) “The biggest thing is the fact that they’re sitting out in the open,” she says. “It’s so easy just to get up and walk over to a printer thinking ‘I’ll be right back,’ and you’ve got all that paperwork lying on your desk. And it’s amazing how many people can read upside down.”

 

All patient access staff members at CCHMC have a cabinet in their work areas where they can file complete and incomplete paperwork. This approach eliminates the need for them to leave their work areas for any period of time. Every staff member also has a shredder near his or her work area, says Tomes, who considers shredders a necessity rather than a luxury.

 

Printouts containing PHI are also problematic. Emphasize the importance of tracking the location of every printout, says Green. Multiple staff members at multiple workstations printing multiple pages makes this a challenge, but monitoring printout locations is a manageable task for registration staff members.

 

Staff members should also keep their desks clear and exercise care not to unnecessarily take work away from their desks. For example, they may inadvertently set paperwork down while paying for snacks in the cafeteria, creating an opportunity for an unauthorized person to view the information.

 

In addition, most registrars have unlimited access to patient information. They need unlimited access to register patients under existing medical record numbers, so it’s difficult to monitor their access. Curiosity and temptation are a dangerous combination, particularly when a registration staff member knows a patient in the hospital and wants to know why he or she is there. Continually emphasize the potential repercussions of a privacy breach to employees and the hospital.