With the government promising vigorous auditing to ensure compliance with new revisions to the Health Insurance Portability and Accountability Act (HIPAA), physician practices and medical clinics are reviewing their information security policies and procedures to ensure that they meet the new requirements.
As we noted in our previous post, at the annual Medical Group Management Association (MGMA) conference held earlier this month, attorney Susan Miller and MGMA Government Affairs representatives Robert Tennant and Amy Nordeng presented a 12-step plan for HIPAA Omnibus compliance, which was summarized on Healthcare Informatics. Today, we continue our review of that 12-step plan:
5. Review policies for medical record retention and destruction and confirm that procedures are being properly followed.
6. Create and initiate a cost-effective plan to mitigate information security risks, particularly to mobile devices such as physician laptops, tablets and smart phones. MedConnectUSA’s new HIPAA Hitech Secure Messaging App for smart phones is 100% compliant with HIPAA Hitech, protecting your messages and patient information even if your phone is lost or stolen. Our miSecureMessages solution also guarantees confidential message delivery even if your phone battery dies or you are in an area with poor coverage.
7. Review contracts with business associates and service providers such as your medical call answering service. Under the new regulations, associates and service providers must also meet HIPAA compliance regulations. At MedConnectUSA we have anticipated the HIPAA compliance needs of our clients. Not only are all of our operators HIPAA trained, but we utilize a secure message app and secure message delivery system that is 100% HIPAA compliant.
Additional tips next time.