The Health Insurance Portability and Accountability Act was put into law in 1996. However, healthcare employees are not always as careful about protecting private information as they should be. Gossip, rumors, and sharing information inappropriately may be rampant in the workplace. Help protect your patients' rights to privacy by properly enforcing HIPAA compliance in the workplace.
Every employee in a healthcare setting should be educated on what the HIPAA laws mean and what possible violations may be before they are allowed to access any electronic health records or billing software. Having your employees review this information ensures that they have been educated on HIPAA, and if they are caught violating it in any way, you as the employer have done your part in informing them beforehand. This means no employee can claim that they "didn't know."
The saying, "Out of sight, out of mind," can hold incredibly true. In the day-to-day hustle and bustle of working, regular employees may forget how important it is to continue to follow current privacy laws. Print, laminate, and even frame notices that remind your employees that they have to be in compliance with these laws. Seeing these notices frequently enough may remind employees of the importance of these laws.
Make sure your EHR and billing software are secured, and that any computers that may access or contain sensitive information are password protected and accessible only to the employees who need to access that particular information. If an employee does not need to know that information in order to do their job, they should not be accessing it. Also, do not leave paper notes or any physical print-outs lying around, since someone unauthorized could come around and read this information. Encourage your employees to never share their computer passwords.
If an employee is caught violating HIPAA policy, do not let it slip through the cracks. You as the employer may be in a lot of trouble if you do not take proper disciplinary action. A proper business model imposes strict action against employees who violate a patient's privacy, up to and including termination. Without proper discipline, other employees may not be discouraged from violating HIPAA in the future.
Whatever policies and procedures your company imposes, make sure they are in compliance with federal law and that you make the privacy of your patients' information a top priority.