Running a successful practice in today’s competitive eye care industry requires you to be up to date and aware of everything that happens under your roof. One of the key areas of practice management that cannot be compromised is HIPAA compliance within Optometry. Any missteps can create a headache for everyone involved and can lead to fines and the potential for lawsuits.
The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules are federal law. The Privacy Rule gives individuals rights over their health information and sets rules and limits on who can look at and receive health information. The Security Rule delineates safeguards to protect health information in electronic form and helps to ensure that electronically protected health information is secure. We’ve uncovered three areas that many practices are out of HIPAA compliance within Optometry and probably don’t even know it.
Improper Document Management
Healthcare providers are still in a bit of a transition period when it comes to document management after the inception of EHR systems nationwide. It’s not uncommon to see paper charts lying around an office as the task of scanning and converting records to a digital form is time-consuming.
As an example, more often than not, new patients are asked to fill out their demographics and health history on several paper forms at check-in. Time and time again, these documents are put into a bin to be shredded later down the line. Depending on the size of the practice, some offices utilize a shredding service and the records pile up until their weekly scheduled pick-up. This situation makes it far too easy for these papers to get lost, stolen, or even placed in the trash can by accident. In addition, if you are on top of it and scanning the documentation into your EHR right away, another major area of HIPAA compliance within Optometry is then forgetting to delete the scanned file from your desktop once uploaded into your EHR system.
Disclosure of PHI
In order to convert patients into customers at the optical shop, it’s important that your opticians have a clear understanding of the visual needs and recommendations you’ve discussed with the patient in the exam room. How many times is this information reviewed in a crowded waiting room, allowing everyone to hear that Mr. J needs an appointment for retinal photos and that he’s going to be a first-time progressive wearer?
It can be a complex situation, as you want to maintain the integrity of your hand-off to the optician, yet can’t really disclose the amount of information you need to. More often than not, practitioners end up using hushed voices to tell their staff the important details and hope that they are not overheard by other patients in the reception area.
Unprotected Storage Solutions
Some EHR systems allow for cloud-based storage, and this is an effective solution when you can scan directly into the system. However, think about the times outside of your practice management software that you might use patient information. Many practitioners are still turning to Word or Google Docs documents to generate documents like referral letters for their patients. These methods are neither secure in HIPAA Compliance within Optometry.
Any patient information stored on a hard drive that isn’t password protected and has little in the way of encryption is a huge violation of HIPAA compliance within Optometry. Some types of copy and fax machines can even store your data, making it a nightmare if it isn’t completely wiped before your lease is up and the machine is returned.
If you need to bring your medical practice up to HIPAA’s standards, please contact MedicalBillersandCoders.com today through email: email@example.com or reach us at our toll-free number: (888) 357 3226 and we’ll ensure that your medical practice is HIPAA compliant.