drop us a line

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form


the latest insight

How Compliance Relates To PHI (Protected Health Information) In an Office Setting


What Everyone Should Know Regarding Protected Health Information (PHI)

Scott: Hey, TXCIN Nation. I'm Scott Bullington with IMS and thanks for joining us on today's edition of TXCIN TV. I've really been looking forward to interviewing this next person because every time I see her, I get a hug and a lot of good information. Today, we're gonna talk to Ruth Golden. Now, Ruth is a senior practice educator with the TXCIN Network. So when we come back, I'm gonna get that hug, and you're gonna get some information on compliance and how it applies to PHI.

All right. So I got the hug. Now, it's time for you to get some training on compliance and how it applies to PHI. Ruth, thanks for joining us today. And let's go ahead and dive right into the information that you have on compliance and how it applies to PHI in an office setting.

Ruth: Thanks, Scott, for having me here today. And I really would like to touch on a very important item that all offices should be aware of and that is the patient information is protected at all times within the office setting. And there are several of the most common violations for this. There's a list of them. And most offices don't realize that they may be out of compliance. So I wanna make sure that they're aware of the main ones that they work with on a daily basis, that they can protect and maintain that confidentiality of the patient information.

Common Violations for PHI

Scott: Okay. So there's, obviously, quite a few different violations that a office may encounter. And give us some examples of one or a couple are the most common and that we can act upon right now.

Ruth: Okay. I think probably the number one thing is patient information disclosure within the office setting. You may be talking to a fellow employee regarding a patient's care and you're not talking in a private area where that information may spillover into your waiting room. You have to use discretion when dealing with any patient information. Another one would be your computers. Are your computer screens protected? I would use a screen that protects that information where someone else cannot see it. And I think one of the most important ones would be the disposal of medical information. We all know we have to shred it. We can't just throw it in a trash can. It has to be taken care of properly. So you want to make sure your vendor that you're using, if you have an outside [SP] vendor, you've outsourced that, make sure they're in compliance, that they've signed a business associate agreement that they are going to protect that information, or get a vendor that will shred onsite. So you have to protect that information.

Scott: What is the one thing, though, that you think doctors can do to help their office be more compliant?

Top Issue For Compliance

Ruth: I think the number one thing to do, Scott, would be employee training. Most employees do not have an active role in HIPAA training and compliance training. And it's not of lack of information for them on their part, it was just not a policy or procedure that is documented and performed within that office. So I think every employee, every new employee, every staff member, every clinical administrative, clerical staff member within that office setting needs to go through a HIPAA security training. So I think the number one would be just to have a training session, and maybe make it an annual event where they have to sign off, and that goes into their employee record.

Scott: Okay. So if they need to do more training, are they gonna get the training through you or are there also outside resources that they can look for to utilize as well?

Ruth: There's outside resources. Most offices should already have a compliance policy already set within their office setting. And that's one of the guidelines for HIPAA compliance, is that every employee has that training and they're aware of how to protect that information.

Scott: Okay. So if they need to get a hold of you, what's the best way to get in touch with you? By email?

Ruth: Yeah, probably email. It's rgolden@txcin.org.

Scott: Okay. Good stuff. Well, thanks for sharing all that with us. And, folks, I hope you really understand the importance of compliance when it comes to protected health information. This isn't just something that we need to be doing every once in a while or maybe it's important, maybe it's not important, it is one of the number one things that offices need to focus on. And if you have more questions about it, get in touch with Ruth at the email that she just gave you or you can get in touch with me, info@imstx.net, and we'll get someone with you right away. Again, we wanna thank you so much for joining us today. We look forward to seeing you again and keep the mission rolling.

RElated posts
Value Based

Value-based Care vs Fee-for-Service

The healthcare industry is experiencing a transformation involving reimbursement payment models. The conventional fee-for-service (FFS) reimbursement model is slowly being replaced by the concept of value-based care, a reimbursement methodology that challenges the “volume-based care” associated with fee-for-service...


ACOs vs HMOs: Here’s How They’re Different

Health systems and managed health care are inventions of the early 20th century, but it wasn’t until the early 1970s that Health Maintenance Organizations (HMOs) were defined as such and considered solutions for dangerously high healthcare costs. Although prevalent throughout the 1980s and 90s, HMOs for various reasons...

Value Based

Quality Over Quantity: What Value-based Care Means for Providers

The age of value-based healthcare is here, and the Centers for Medicare and Medicaid Services (CMS) has taken the lead in healthcare delivery and reimbursement reform. The strategy is driven by a three-part aim to offer better quality health, to improve patient healthcare experiences, and to deliver services at lower costs. CMS has designed an array of care programs and payment models that are meant to shift the focus of healthcare from volume-based care to value-based care, to change the mindset of providers in today’s healthcare system to focus on quality over quantity. However, this change is not a “light switch” type of adjustment, where providers can...