Your front desk team receives a call from a patient and instinctively jots down the caller’s information on a piece of paper. But wait – do they realize this could lead to serious penalties for HIPAA violation?
Your front desk could unwittingly be the source of a data breach. A patient or visitor gaining access to any identifier that’s labeled as Protected Health Information (PHI) by HIPAA could lead you into massive violation fines.
Training your front desk team to understand the potential risk and the steps they can take to mitigate it can protect your practice from a HIPAA violation.
Look Around – What Do You See?
Every day, your front desk team is busy juggling multiple lines of communication, challenging patients and staff needs. Although they’re doing their best, your team needs to remove common HIPAA violations that are likely strewn about their work area. This might include:
- Patient info or computer passwords written on sticky notes or loose paper
- Phone messages or faxes from patients, health insurance providers or other offices
- Patient charts or scripts waiting for pickup
- An open computer browser or keys to file cabinets
Not only does this pose a significant threat to your patients’ safety, but just one of these violations – documented and reported – by a patient or staff member, can leave you open for an audit by the Office for Civil Rights (OCR).
These Steps Can Protect You – NOW.
Given the right information, most employees will try to protect your patients’ safety and your practice from a HIPAA violation.
HHS mandates that covered entities (including your practice) engage in administrative safeguards to protect PHI – including workforce training and management.
According to HHS, a covered entity must train all workforce members regarding its security policies and procedures and must have and apply appropriate sanctions against workforce members who violate its policies and procedures.
While you create or refresh your practice’s policies to protect PHI, consider engaging in the following steps to ensure you remain compliant and avoid a HIPAA violation:
- Encourage your front desk staff to report risky activities: Create a clear line of communication for each member of your staff to disclose observations– no matter how harmless one may seem.
- See your practice through the eyes of a visitor: Walk the path your patients walk. Do you see something you shouldn’t?
- Enact a ‘no cell phone’ policy at your front desk: This lowers the risk that a patient or visitor will take a picture of protected information.
- Encourage paper shredding: Speedy shredding of paper will keep your surfaces clean and risk-free.
- Keep computers closed: Encourage your team to close out programs and browsers before leaving their desk.
A simple mistake on a busy day can unintentionally damage your practice’s reputation – and revenue. But by educating your front desk team, implementing easy-to-execute changes and continuously enforcing a culture of patient privacy within your practice, you can avoid the unwanted hassle that comes with a HIPAA violation.
Healthcare consultant and management expert, Tracy Bird, FACMPE, CPC, CPMA, CPC-I can help you understand avoidable front desk-related HIPAA violations and give you the tools you need to avoid an audit.
With her online training, Head Off Front Desk HIPAA Nightmares, you’ll learn how to train your front desk staff to identify violations before they get you in trouble. Sign up for this must-attend training now!
|Subscribe to Healthcare Practice Advisor|
|Get actionable advice to help improve your practice’s
reimbursement, compliance, and success in this weekly eNewsletter.