• E-mail
• Print
• RSS

Tip: Use simple, affordable solutions to help protect patient privacy

EHR Connection, September 10, 2007

HIPAA doesn't require you to go bankrupt," says Norbert Kugele, JD, a partner at Warner, Norcross & Judd, LLP, in Grand Rapids, MI. Emphasizing that the rule allows much flexibility, Kugele recommends thinking about what makes sense for your organization. "Privacy should be on the agenda and it should be driving decisions," he says.

Mary Brandt, MBA, RHIA, CHE, CHPS, president of Brandt & Associates, Inc., in Bellaire, TX, says there are "reasonable steps that don't have to cost anything."

Brandt offers some very inexpensive solutions to some very common problems:

• Ensure that computer screens are not visible to passersby. If a ledge or physical barrier is not a viable option, consider privacy filters.
• Use an automatic logoff system that signs users off of computers after a few minutes of inactivity.
• Use software that routes faxes to individual staff members' e-mail accounts.
• Store computer servers and other equipment with large amounts of data in a room with limited staff access.
• Finally, remember to destroy any data on the hard drive of a fax machine or copier before disposing of it or returning it to the vendor from which it was leased. Vendors have been known to resell equipment without destroying data beforehand.

None of these measures are expensive, and HIPAA allows you to consider cost when determining how your facility will comply, says Kugele. "The privacy rules don't really set forth any specific requirements about the physical safeguards you need to have in place," he says. "They leave it up to you to decide what works best for your office." This tip is brought to you from the August issue of Briefings on HIPAA.

• E-mail to a Colleague
• Print
• RSS
• Archive