Think you’re an unlikely candidate for a HIPAA audit? Think again. Here are three things you can do to make sure it’s a snap.
THIS PAST NOVEMBER, perhaps around the time you were tucking in for an afternoon of turkey and football, a new wave of HIPAA Phase 1 and Phase 2 audits commenced, and they’ll continue to run strong throughout this year and beyond. Even many dentists who pride themselves on their facility with the law are unaware that these inspections are ongoing. They can really upset the apple cart, too, lasting in some cases up to 18 months and resulting in fines up to $1.5 million depending on the severity of the infraction.
However likely you think an inspection is, if you run a health-care facility in the United States, you’re in the dragnet — and ignoring this fact in the hope you won’t be ensnared will only make an audit more unpleasant if it occurs.
Preparation is key. Familiarizing yourself with (and then adhering to) HIPAA’s compliance protocols is essential to protect the health, both shortterm and long-term, of your practice. There are nearly four dozen problem areas to guard against — the infamous “Risk Assessments Required Privacy and Security Protocols” measured during a HIPAA inspection.
Over the years, I’ve developed a three-pronged approach to results-based HIPAA compliance to help dentists rest assured that they’ll pass any audit with flying curettes. (To receive a much more detailed copy of Dental Enhancements’ HIPAA Facility Compliance Checklist, contact me via the phone number or e-mail address at the end of this column.) Let’s look at the three key factors.
1. EMPLOYEE TRAINING. Everyone on your team at your practice must be trained to HIPAA Omnibus Rules Standards. That means every staffer: full- timers and part-timers, clinical and nonclinical alike. You can be certain that within five minutes of his arrival, your HIPAA auditor will request proof of training. Your entire staff must complete it before handling any Patient Protected Health Information, or PHI.
2. PAPERWORK. The lifeblood of bureaucracy! Current law mandates eight (count ’em) HIPAA forms that must be in use in your practice, among them patient, employee, office and business- vendor forms that spell out the legal particulars and inform patients about privacy as regards PHI. You’ll need the latest HIPAA manual on hand as well — guidelines written to current Omnibus Rules standards. Every health-care facility in America must have one.
3. FACILITY PROTOCOLS. It’s not enough just to follow these first two items, training your team and keeping all required paperwork within arm’s reach. You have to connect the dots thereafter by implementing all HIPAA “Facility Protocols.” These strictures run the gamut from patient check-in procedures to after-hours texting of patient information.
Keeping tabs on all this can be a challenge, especially given the rapid pace of technological change. Dentists don’t really have a choice, though. To stay current, partner with a trusted HIPAA resource, who will stay informed so you can focus on what you put in all those hours for in the first place: to provide excellent dental care to every patient who walks through your door
JILL OBROCHTA is the Floridabased founder of Dental Enhancements, an OSHA and HIPAA solutions company. She offers noobligation consultations and can be reached anytime at 9415872864 or jill@dentalenhancements.com.