Stay HIPAA compliant wherever your staff toils. Remote and hybrid work that ramped up during the pandemic seems here to stay in some form or another. If your lab has some personnel working off-site at least some of the time, you could use technology that grants secure accessibility to online resources and communications. Use the following three tips to improve your lab’s communication and security for remote work. Consider a Shared Drive A shared drive is an organization and storage system where folders and files are stored in a central network that allows access by team members on different devices. Depending on the permission settings configured for each file, team members are able to view, edit, and collaboratively work on files. The person who creates the system can designate an individual as a manager, and that person can organize files into folders, make sure the appropriate team members have the access they need (or don’t need), and add or delete information, as necessary.
“A shared drive is a resource available for anyone who needs it, regardless of location. It can be updated in real time, so no one is ever using outdated resources,” says Christine Speroni, CPC, administrative office manager at NHPP Gynecologic Oncology in Ronkonkoma, New York. Options: Large companies offer different shared drive options; you may have heard of Google Drive, Sharepoint, OneDrive, and Dropbox. There are also smaller companies that offer more niche products (and more hands-on tech support). Decide How to Use a Shared Drive A shared drive can be the perfect way to connect team members and keep them up to date with the information they need without overwhelming them with email. This can include reference materials and other files that don’t involve protected health information (PHI). For instance: If you work with remote coders, think of a shared drive as an ideal place to keep cheat sheets, tips, lists of most-used codes, or notes that you want people to have while working. For employees involved in any external-facing writing, consider adding a “house style” document to your shared drive so everyone knows which persnickety grammar or punctuation or formatting guidelines to keep consistent across the team. You can also add preferred office email signatures, practice-logo video meeting backgrounds, and other resources that help maintain a sense of consistent professionalism, regardless of whether a team member is physically in the office. Continuing education: You might also add a folder for educational materials. If your practice uses continuing education, you may have electronic resources hosted on specialized websites or platforms or through professional associations, but “back to basics” kind of stuff may be well-suited to an always accessible folder on a shared drive. Manage version control: Because files on a shared drive may be editable, you need to ensure that you have backups of original files and changes, as well as a way to document current version status. Use the following tips to ensure accurate, timely information on your shared drive: Ensure HIPAA Compliance If your lab intends to use a shared drive for any files that include PHI, you need to make sure that you use a system that is HIPAA compliant. For instance: Labs might want to host patient PHI such as lab test results or pathology images on their drive to make it easier for team members to review or reference diagnostic tests and share the data to enhance patient outcomes. “A major theme in the current healthcare environment is the use of information systems and technologies to enhance the quality and safety of patient care,” says Gabriela Mustata Wilson, PhD, MSc, FHIMSS, SNAI, co-director at the Multi-Interprofessional Center for Health Informatics, professor of kinesiology at the College of Nursing and Health Innovation, The University of Texas at Arlington. Although cybersecurity is a priority for setting up and facilitating any shared drive, that’s especially true if you plan to host PHI on the drive. You’ll need to use only a HIPAA-compliant shared drive if you’re using the drive in this manner. BAA: Remember, if you need a shared drive that is HIPAA-compliant, you also need the hosting service to sign a business associate agreement (BAA) contract.