It is Time to Clean-Up and Perform a HIPAA Walkthrough!
Did you know that November 15th is National Clean out Your Refrigerator Day? Which makes it a great opportunity to thoroughly clean out your refrigerator to prepare for upcoming holidays, but also to perform a HIPAA walk-through to clean-up your compliance! Here are our tips to complete both of these important tasks!
Empty Each Shelf - Perform Your HIPAA Walkthrough
One of the most important steps involved with cleaning out the refrigerator is to empty each shelf. You might be surprised by what you find on each shelf as you empty it. What may look like a science fair project may have really once upon a time, been a meal.
During a HIPAA Walkthrough, one of the questions that may be asked is, do you see documents containing PHI that might be visible to unauthorized individuals?
You might be surprised by what you find by taking a moment to look over your desks and shelves. Take a moment to look over desks, shelves, and other locations to ensure documents containing PHI are not visible to unauthorized individuals. Documents containing PHI (i.e. appointment scheduled, census lists, physician orders, EOB's, transcripts, superbills, etc.) should not be visible to unauthorized individuals - including staff members and the public.
Completely Wipe Down the Inside - Identifying Problem Areas
Another important step in cleaning out the refrigerator process is to completely wipe down the inside of the refrigerator. Wiping down the inside of a fridge is important for obvious reasons, clean it and sanitize it!
Think of a HIPAA Walkthrough as an opportunity to perform a "wipe down." During the walk-through, you may identify areas that need improvement. You might see things that are lacking, that may be unsecured, and that may lead to a breach. Identifying those areas is only part of the process. The actual "wipe down" occurs once those areas have been successfully addressed.
Throw Away All Expired Food - Updating Your NPP
When it comes to cleaning out the fridge, this is self-explanatory. We can safely assume nobody wants expired food. When food is expired, for health and safety reasons, it is best to throw it out.
What about expired forms and information?
Most likely, during a HIPAA Walkthrough, there will be a section that talks about your Notice of Privacy Practices (NPP). Is your NPP updated and posted in proper areas? If you are not using an NPP with the updated HIPAA Omnibus information, we recommend disposing of the expired NPP and using a revised version. If your state law requires other additional information on your NPP, that information should be added to the federally required information.
If your business associates have any sub-contractors that have access to your PHI, then they too must have signed business associate agreements in place with them.
Restock Shelves and Drawers with Good Food - Staying Compliant
Once again this is self-explanatory; however, we can safely assume food that isn't expired, or doesn't appear like a science fair project, is good food that is at the very least safe for consumption.
Performing a HIPAA Walkthrough annually is an opportunity to "restock" by ensuring your organization is up-to-date and in compliance with HIPAA Privacy and HIPAA Security standards. Restocking with current information that meets or exceeds HIPAA Privacy and Security standards is "good food" for your organization.
Another way to "restock" is to ensure annual refresher training is completed by all of your employees.
Enjoy your Nice Clean, Organized Refrigerator - Ensuring Compliance
While cleaning out the refrigerator is generally a dreaded task, it is a task that is important none the less. Once the task is complete, it feels good to enjoy having a nice clean, organized refrigerator. The same can be said for HIPAA Privacy and Security.
Conducting your HIPAA Walkthrough helps identify HIPAA Privacy and Security areas that require attention. At the discretion of your compliance officer, correcting problems that were encountered during the walkthrough can prevent violations and ensure compliance with HIPAA standards.
If you would like more information about performing a HIPAA Walkthrough or if you have any additional questions, please do not hesitate to contact one of our professional consultants.