When training new employees, make sure you thoroughly review patient privacy rights as mandated by the federal HIPAA regulations.
by Lori Holt in Practice Procedures on Wednesday, June 15, 2016
Ideally, this should be addressed in your office procedures manual.
What Is HIPAA?
HIPAA stands for the Health Insurance Portability and Accountability Act of 1996 and involves the protection of patient information - including privacy and security of that information.
To be HIPAA compliant you must:
- Develop policies and procedures addressing HIPAA's requirements
- Train all current and future employees on HIPAA-compliant policies and procedures
- Appoint a privacy officer to oversee the practice's compliance
- Develop a notice of privacy practices for distribution to all patients
- Enter into contracts with all business associates having access to patient information
Developing HIPAA Policies and Procedures
Your practice's HIPAA compliance manual should contain your HIPAA policies and procedures involving patient privacy and security. It should include copies of the forms, notices, and disclosures your practice utilizes for patient privacy notification and overall HIPAA compliance.
Your practice's policies and procedures should include information such as:
- use and disclosure of protected health information (PHI)
- patient rights in regards to PHI
- consent and authorization requirements
- notice of privacy practices
- and much more.
There are also a number of forms and notices that should be included in your HIPAA compliance manual such as:
- Notice of Privacy Practices
- Patient Acknowledgement/Receipt of the Notice
- Business Associate Agreement
- Consent Form
- Authorization Form
Training New Employees on HIPAA
Much of the training you do with a new employee involves simply reviewing your practice's manuals (e.g., the employee handbook and office procedures manual), but HIPAA training involves more than those basics.
HIPAA regulations include the following staff requirements:
- Training for all current and future staff on the HIPAA policies and procedures.
- Proof of the training - documenting what was included in the training and the date it was completed.
- Acknowledgement of review of your practice's HIPAA compliance policies and procedures. This is a form signed by employees that states they are aware of those policies and procedures.
For valuable information, visit the official HIPAA website.
HIPAA compliance training is offered to members of the National Business Association for Chiropractors (NBAC) at a discounted rate. For more information, visit www.nbac.com.