Compliance:
Protect Confidential Health Information In Patients' Homes
Published on Wed Dec 22, 2004
You must take your HIPAA compliance with you. Do you have the tools to guard protected health information when you provide treatment in your patients' homes? Use this expert advice to make sure no wrenches are thrown into your compliance plans. Educate Your Patients Take some time to give your patients suggestions for keeping their information secure. "We recommend that patients keep their files in a drawer or another place that's not open to everyone," shares Betty Bundul, corporate compliance director of HIPAA Security for Allina Hospitals & Clinics in Minneapolis.
Good idea: Use your notice of privacy practices to initiate a conversation on how to keep medical information out of unauthorized hands, advises Brian Gradle, an attorney with Washington, DC's Hogan & Hartson. Be Aware of the Ears in the Room You can't always clear the room of your patient's family members or visitors, but you can protect yourself if and when PHI is overheard, Bundul notes. Explain to your patient that by having other people milling around, his PHI could be overheard.
You should never discuss others' PHI in a patient's home, experts note. If you make or accept a phone call about another patient, "leave the room or limit what you say," stresses Lee Kelly, senior security consultant with Fortrex Technologies in Frederick, MD. "There's still a chance someone will overhear you, but you've done your best to protect the patient's PHI," he explains. Beware Computer Slips The only file you should have with you in a patient's home is the one you need to treat that patient, Bundle notes. Any other patient files should remain locked in a safe place like the trunk of your car, she says.
And if you're working from a laptop or other portable device, make sure you have only that patient's file open, Kelly concurs. That way, even in a worst-case scenario, the only information that can be spotted by anyone other than you will be that of the patient you're visiting, he notes.
Remember: When you use a laptop in patients' homes, take measures to keep the electronic PHI from inappropriate access. "Use password-protected screen savers," Kelly offers. And in the home environment, your screen saver should come on after five minutes at the most, he says.
Like your patients' paper files, when not in use, a laptop should be kept locked up - whether in the trunk of your car or a closet in your home, he advises. "You want to keep it someplace where someone can't look in a window and see it," he continues.
You can't control everything that happens in your patients' homes, but you can decrease the chances that your patients' PHI will be inappropriately disclosed, experts agree. Plan of Action [...]