Running an effective business and maintaining HIPAA compliance can sometimes be challenging at best.
On one hand, technology has made it easier than ever to get things done at the office. With a quick email, a text message, and sharing a few images, you can take action and get the best response for a patient in a very fast manner.
On the other hand, are you ensuring safe practices every time you hit the send button on that text or email?
Worrying about the implications of bringing the two together can often keep you up at night. But what else can you do?
One recent study showed that nurses waste as much as 60 minutes each work day tracking down physicians for responses. And this isn’t an isolated problem. In fact, I’m willing to bet it occurs in most medical practices around the world.
So in many cases, office staff start taking matters into their own hands. It starts out innocently with a simple text; and before you know it, that one simple text turns into an office wide practice.
Therein lies one of the problems. Have you ever sent or received a text message to/from the wrong person? Up to forty percent of text users have.
Which is part of why HIPAA laws were enacted in the first place. A person’s private, personal health information must be protected from non-secure eyes. And if communication practices – email, texts, etc – aren’t secure, they shouldn’t be used to carry on conversations about individual results. A single violation for an unsecured communication can result in a fine of $50,000; repeated violations can jump that figure up to $1.5 million in fines in a year. And that doesn’t take into account the publicity and the reputational damage that will follow.
There are actually two parts of the problem that you, as a medical practice, need to contend with.
- Client communication
- Internal communication
On the client side, you as the medical practice must maintain full compliance regardless of how your patients choose to communicate. Email is prevalent for communication – many patients don’t understand the vulnerability of email, and will send personal information without a second thought. While you can’t control how information comes in to you from a patient, you can take full control over how its handled the moment it reaches you, how its stored, and how it is communicated back out to patients or other referral physicians or practices.
Internally, all communications must remain secure, and meet several guidelines in order to maintain compliancy. Commuications must be stored in secured data centers, must be encrypted both in transit and at rest, must be delivered only to its intended recipient, and must have the ability to create and record an audit trail of all activity that pertains to the transport of personal records.
Because this is a new and growing field, your options are growing and changing all the time. The key is to look for applications that can provide you with both security and with enough options that make communication inside your practice and as you make referrals to the rest of the medical community a snap.
Like Mediprocity. They are a web based app that works just like texting; but it has the flexibility to also be used from a desktop or laptop, giving your entire office staff ease of use. And what I like about a system like this is it offers a simple solution that you can use through Internet access, without having to download software or worry about integrating with other programs you may already use. It takes control over security and compliance, which means you don’t have to think about it; its done for you.
In today’s increasingly mobile world, technology will continue to be the key to efficiency. Used properly, it has the potential to revolutionize not only the way we communicate in the moment, but also how we think of health and wellness and communicate that with patients.
