Your Brother's Keeper
The No. 1 rule when learning to drive is to watch out for the other driver. No matter how well versed you may be in the rules of the road, you will only be as safe as other drivers allow you to be.
The same principle applies to your HIPAA privacy efforts. Sure, you have done your best to establish safeguards to protect patient health information (PHI). You have set up guidelines to handle medical records, claims submissions and all of the other forms of communication within your control. But have you also taken steps to protect yourself against HIPAA problems caused by your customers?
E-mail communications in particular can create substantial problems for suppliers. Carelessness by your personnel or customers can cause medical records privacy breaches, landing you in hot water with your peers — or the government.
Even the most secure communication system, even the most encrypted network, loses control of medical data any time anyone in your company sends an e-mail message to a customer. There are many ways patients can compromise confidentiality. They may forward the e-mail to others, for example. “But,” you say, “isn't this the patient's own decision? How does this implicate me?”
Well, suppose one of your staffers sent an e-mail to a large number of your customers, alerting them to a follow-up service, maintenance needs, special pricing on supplies or some other “harmless” communication. Suppose one of your customers then wanted to ask you a confidential medical question, perhaps in response to the e-mail. Suppose, in his confusion, the patient hit the “reply all” button on his e-mail. In that event, the patient's confidential communication might well be broadcast to everyone who received the group e-mail.
Still believe this is entirely the patient's fault?
Nor do e-mail problems occur only because of customer actions. Your staff knows not to leave electronic medical records up on the screen where casual passersby can spot the information. But what about customer e-mails? What about the inquiry from Mary Jones asking about a different brand of CPAP masks? Is that information as carefully guarded? Where is the e-mail stored? In a secured or unsecured file? Your records may be secure, but are your communications?
















