Jul 26, 2012

10 HIPAA Questions Every Staff Member Should be Able to Answer

Thank you to all of our readers! Even though HIPAA has been around since 1996, we still see costly mistakes being made involving the most basic HIPAA policies. The maximum HIPAA fines are now 1.5 million, which does not include any civil lawsuits.  Your staff should be able to easily answer the following HIPAA Questions.

10 HIPAA Questions

1. Q: Is it a HIPAA Violation to call out a patient’s FULL name into the waiting room?
    A: While it is recommended to only call out a patient’s first name, it is NOT a violation to call out a patient’s FULL name into the waiting room.

2. Q: Do ALL emails and faxes sent from our practice need to contain a Privacy Warning?
    A: YES! All emails and faxes must contain a Privacy Warning. Example:

Privileged and Confidential: This document and the information contained herein are confidential and protected from disclosure pursuant to Federal Law. This message is intended only for the use of the Addressee(s). If you are not the intended recipient, you are hereby notified that the use, dissemination, or copying of this information is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify the sender immediately.

3. Q: Does HIPAA allow our practice to disclose a deceased person’s information to a funeral home?
    A: HIPAA protects an individual’s protected health information (PHI) whether they are alive or deceased. If the funeral home requests PHI needed to perform services, then it is permissible to disclose. However, if the funeral home is requesting information such as a SSN or other personal information, it is appropriate to have the funeral home contact the deceased individual’s designated representative. This individual can then provide the necessary information.

4. Q: Can I leave the following message on a patient’s answering machine? Our records indicate that you have a $200 account balance that is 60 days past due. Failure to provide payment by the end of the month will result in your account going to collections.
    A: NO! No financial information may be left on a patient’s answering machine. You may only leave a message with the following information: Practice Name, Practice Phone Number, and a request for a return call.

5. Q: Does HIPAA allow us to charge a patient when making a copy of requested Medical Records?
    A: YES. HIPAA allows for a “reasonable” fee to cover your costs associated with the copying of a patient’s medical record. You may not charge a fee to retrieve the record.  

6.  Q: What are HIPAA’s regulations when using an interpreter?
      A: When the use of an interpreter is required, first clarify with the patient that they approve of any PHI disclosure made through the interpreting services. Interpreters may be used in person, or over the phone.

7. Q: Can a patient change their Medical Record?
    A: Patients have the right to request an amendment to their medical record, but they DO NOT have the right to change their medical record. Patients may submit a written request for an amendment. The practice should carefully consider the amendment, but does not have to accept it.

8. Q: Can we display patient photographs in our waiting room?
    A: HIPAA allows for a practice to take a photograph to maintain in the patient’s file. All photographs of a patient must first have the written authorization from the patient prior to public display

9. Q: If a couple is divorced, and a child has been living with their mother, is the father allowed to view the child’s medical record?
    A: Unless otherwise ordered by a court, the father has the right to view their child’s medical record.

10. Q: Can I disclose a patient’s Health Information to law enforcement?
       A: HIPAA allows covered entities to disclose PHI without the prior authorization of a patient in order to comply with a court order, a warrant, a subpoena, a grand jury subpoena, or a summons by a judicial officer. PHI may also be disclosed to law enforcement to maintain public safety, to identify a missing person, or in cases of abuse or neglect.

We have created a quiz, which we recommend giving at your next staff meeting to help evaluate the level of understanding of your staff.  This quiz is NOT designed to replace your mandatory annual HIPAA training and should be used for evaluation purposes only.

Comprehensive HIPAA training should be conducted at least every 12 months.

To download a copy of this quiz, click HERE.

If it’s been a while since you’ve conducted HIPAA or any other compliance related training (OSHA, FWA, etc.), or if you need help getting started, please contact us.

Phone: 720-475-0134
Web:    www.CompliancePhD.com 
Email:  help@CompliancePhD.com
Twitter: @CompliancePhD

Jul 12, 2012

Working Environment free of Sexual Harassment

It is estimated that the average cost for a practice to defend against a Sexual Harassment claim is $100,000. Because of the high costs, many choose to settle out of court at an average cost of $40,000.

The best way to save your practice money, and to protect all of your staff is to create a working environment free of Sexual Harassment. It is estimated that only 67% of businesses have a Sexual Harassment Policy.

Members of Compliance PhD now have access to not only a "Sexual Harassment for Employees" training, but also recently added, a "Sexual Harassment for Managers" training. Together these trainings will ensure your entire staff is aware of the policies and procedures needed for a Sexual Harassment free working environment.

As part of the Compliance PhD management training, we recommend all Managers login to the system and download a sign we have created to post around the practice. This sign re-enforces the practice's policy on Sexual Harassment.

Compliance PhD is pleased to offer this sign, FREE of charge to the readers of our blog.

To download the sign, click HERE.

If you have additional questions about Sexual Harassment Training for your office, or to see how Compliance PhD can help; visit http://www.compliancephd.com/ or call us at 720-475-0134.