HIPAA
* The main purpose of the Health Insurance Portability
and Accountability Act (HIPAA) is to protect the privacy of patient health
information, and it covers all businesses, large and small, that offer group
health plans. The only businesses that are exempt from complying are those
with group health plans that have fewer than 50 participants and are
self-insured and self-administered.
At the crux of the issues covered by HIPAA is
protected health information (PHI). PHI is personal, private information
about employees’ health that is generated by the group health plan. HIPAA
compliance basically means taking steps to safeguard the privacy of that
information.
The following is a general checklist of HIPAA
compliance steps:
· Designate a privacy officer.
· Develop a privacy-training program.
· Implement safeguards to protect PHI. This would include physically securing filing cabinets, where employees’ PHI is kept, and placing a firewall on access to computer records that contain protected information.
· Establish a complaint-resolution system to address issues when PHI is mishandled.
· Develop a progressive discipline system to address inappropriate disclosures of PHI.
· Set up a system to minimize the harm done from inappropriate disclosures of PHI.
· Develop written HIPAA procedures, documenting everything, including HIPAA training that an employee has received.
Penalties for noncompliance range from fines to
imprisonment.* Boston Business Journal,
March 12, 2004.
VSS can assist businesses in this area by providing the systems needed to
meet HIPAA compliance.
This includes workflow analysis, electronic record collection, storage and
retrieval systems, complaint resolution systems, and maintenance-related
training and support.
Contact
VSS today via email at
b-continuity@vssiOnline.com or by telephone at 954-572-8538.