When patients come to your practice, they expect their medical information to remain private, and it’s your job to make sure that happens. To stay on top of your HIPAA requirements, your best bet is to create ongoing, weekly and quarterly checklists that can help you remain on track with every responsibility.
As a best practice, you should consider adding these weekly HIPAA tasks to your calendar so you continue to keep patient data private.
What to Include on Your Weekly HIPAA Analysis
The best way to track HIPAA compliance is to analyze your progress on a weekly basis and put this information into a report. You can share the report with staff members, or simply store it somewhere on your internal drive so your colleagues can check in on it whenever they are inclined to do so.
You should create this report in a way that suits you, but you’ll want to track the essential HIPAA benchmarks as often as possible. For instance, the report each week might say:
Average time to record receipt: 9 hours (This line item would reveal how long it took, on average, to give patients their records after they request them).
Number of HIPAA errors seen: 2: One medical record lying on a table in an exam room, and one fax sent to the wrong practice. (This line item simply lists HIPAA issues that you see at your practice).
Training conducted: 3: Talked to the front office team for one hour about how to best utilize the sign-in sheet in a HIPAA-compliant way. Conducted a lunch and learn about the week’s HIPAA incidents, sharing information about fax best practices so no additional fax errors occur. Talked to staff before work on 12/1 to share information about a misplaced medical record and indicate the best ways to avoid this in the future. (This line item shows the trainings you performed to support ongoing HIPAA compliance).
Risk reviews performed: 2: Confirmed which employees have medical record access on their phones and double checked encryption and password protection on those devices. Also audited our front desk policies and found no violations of patient privacy during the check-in or check-out processes. (This line item allows you to indicate how many different areas you evaluated to ensure you weren’t taking any unnecessary risks).
Physical safeguard confirmation: Confirmed that storage facilities were locked during six spot checks, and checked the sign-out sheet for the key to ensure that only authorized individuals checked it out. (This line item gives you a chance to confirm that you’re fulfilling all physical safeguard requirements, and you can mention any outliers you come across).
Outstanding items: New billing vendor has not yet signed our Business Associate agreement. If they don’t respond by the deadline, we will not move forward with them. (This line item lists anything you need to follow up on in the future).
By compiling a weekly HIPAA report, you can ensure that you’re on top of everything and you’re able to refer back to it in the future. It’s also helpful for anyone reviewing your privacy compliance so they can see you’re making every effort to stay on top of your HIPAA responsibilities.
Get more HIPAA tips during the online training session, “Comply With HIPAA Compliance Officer Practice Mandates.” During this 60-minute webinar, privacy expert Jay Hodes will walk you through every aspect of HIPAA compliance, so you leave nothing to chance.
 |
Subscribe to Healthcare Practice Advisor |
| Get actionable advice to help improve your practice’s reimbursement, compliance, and success in this weekly eNewsletter. |
|
|
|