Maintaining HIPAA compliance is not a complicated issue for physical therapists in private practice. Listed below are the steps and tools needed to become compliant.
A) Designate a compliance officer and follow the Compliance Plan Elements checklist:
1. Create a folder recording all your compliance documentation.
2. Develop a "Code of Conduct" for your company.
3. Identify your risk of exposure and vulnerable areas (see sample checklist).
4. Establish a safe and convenient way for employees to report risks and vulnerabilities.
5. Conduct training sessions on HIPAA compliance.
6. Monitor and audit compliance with your "Code of Conduct".
7. Establish a standardized disciplinary procedure for violations.
8. Train managers and officers to enforce your "Code of Conduct" in a responsible and professional way.
Additional Documents FYI:
Privacy Law
Security Law
Q & A (All you need to know to dispel any myths and misconceptions)
B) Properly inform* new patients of your privacy practices by using the following forms:
1. Notice of Privacy Practices
You must have every new patient sign this form. They are not agreeing to or authorizing anything by signing this form. They are merely acknowledging you provided them with the policy on how you treat their confidential information. View sample.
*You should also display a copy of this form somewhere near your front counter.
2. Business Associates Agreement
Whenever you share patient information with an outside entity you do business with (e.g., an outside biller, orthotic lab, etc.), you must have this entity sign this agreement and keep it in your HIPAA folder. View sample.
3. Authorization to Disclose Protected Health Information
This form should be used prior to sharing any sensitive patient information with someone other than the referring MD or their health insurance company. View sample.
All the essential tools and required forms are included on the CD of Tools. Easily customize all the required forms in a snap!