Risky Business with Paper Charts and Personal Health Information (PHI)
HIPAA Breaches are not just limited to computer theft and or hacking into the computer software system. If you have paper charts or other records like health history or patient questionnaires, letters from physicians or other professionals involved in patient care in unsecured locations within the practice you are just as vulnerable to theft of PHI.
Observing many practices with paper charts displayed on shelves in the front reception area is scary in today’s world of identity theft. These records must be securely locked in cabinets and or stored in locked storage areas. If the storage is off site what is the security system of the storage facility? Will the storage company sign a Business Associate Agreement?
What is your office security alarm system? If you have turnover, do you change the codes? You must have a designated code for each employee. One office experienced the theft of records because of a disgruntled staff member who had been discharged for inappropriate behavior.
If you now scan all paper records into the patient’s computer chart and then shred the documents are documents stacked on the shredder awaiting someone with spare time to shred them? They are vulnerable too.
Is your server locked in a secure room or a bolted down computer cage? Think of all the people that have access to your PHI and computers. Make a plan to eliminate your vulnerability now before it is too late.
eAssist contractors are all background checked and trained to secure your information when filing claims and appeals for your patients remotely. At eAssist we require an office be digital before we can help them because we know how vulnerable paper charts can be.