Tip of the Month

TIP:	Don’t Let Paper Get Lost in the Shuffle.
REASON:	You may think of patient privacy exclusively in terms of protecting electronic patient data, but paper files are just as likely to be compromised. “With the advent of the HITECH changes, breaches occurring with paper records will be treated the same way as electronic data.”
SOURCE:	Gregory Michaels, BluePrint Healthcare IT

TIP:	"Being able to recognize protected health information (PHI) in all its formats is essential to maintaining its confidentiality.”
REASON:	Individually identifiable health information has a two-part definition: 1. Information about an individual's past, present or future physical or mental health, the provision of health care for the individual, or the payment for health care for the individual, and 2. The information identifies the patient or could reasonably be expected to identify the patient. Simply put, PHI is any information that allows you to link a person with their health condition. For this reason, PHI is seldom just one piece of data: it usually takes two or more pieces of data to qualify as PHI. For example, a person's name by itself is not PHI; however, the person's name in a physician's appointment listing is PHI. Also, a diagnosis by itself is not PHI, but the diagnosis along with a clinic visit date is PHI. The federal government has defined 18 identifiers, any one of which, if present, will cause health information to be considered PHI. These include the following as they relate : Names not only the patient's name, but to the patient's family or household members, employers, and health care providers Dates (except year), including birth, death, admission, discharge, clinic dates of service, etc. Numbers: medical record, account, Social Security, device serial #, certificate/licensure, telephone, VIN, etc. Addresses: geographic subdivisions smaller than a state (i.e., city, county, zip), URLs, IP address numbers, and email addresses Graphics: photographs, video recordings, voice prints, finger prints Remember, PHI is not just in medical records!
SOURCE:	University of Florida

Royal Forms™

HIPAA Compliant Electronic Order Forms

Tips for HIPAA Compliance

Use only HIPAA-compliant computer billing software.

Ensure that all patient identifiable information is encrypted before transmittal over the Internet, including transmission via e-mail.

Use a computer program that automatically logs off when idle for a specified time.

Maintain physical safeguards for data protection in emergency or natural disaster and store backup data in a secure place.

Restrict access to patient information through passwords and personal identification.

Install a firewall on your computer system that provides strong, centralized security and restricts outside access.

Maintain an audit trail of all clinical information used on your computer.

Develop privacy procedures for your solo or group practice.

Provide written information to the patient about privacy rights and how his or her information may be used.

Secure patient information so that it is not available to those who do not need it.

Company

"A leader in Patient and Provider Engagement"
Royal, headquartered in White Plains, NY, is a leading provider of software and services to the health care industry. Together with its software firm, Royal Health, Inc. and its payments firm, RoyalPay, Inc., Royal delivers a seamless suite of solutions that is focused on patient, provider and operational workflows, optimizing engagement in all areas of a patient exam life cycle. Royal's leadership team is comprised of technology, business and clinical operations backgrounds with deep industry expertise in Healthcare, Data Security, Financial Services and Information Technology.

Solutions

Patient Engagement
Provider Engagement
Enterprise Care