Charlotte Beck, Assistant Director and HIPAA Compliance Officer, reviewed Health Services HIPAA policies and procedures for compliance. Several updates were immediately made and a plan was developed to revise the remainder, and add new guidelines as required, by the end of fiscal year 2015-2016. Keeping current with HIPAA regulations is an on-going process.
As part of the latest HIPAA risk assessment, Beck and the Director, Marie Sandusky, met twice with members of UALR’s IT Services Department to discuss potential threats associated with housing the electronic health records server (Medicat) in IT Services. As a result of these meetings and the assessment outcome, the Medicat server is being moved from IT Services to off-site hosting. This move ensures total HIPAA compliance and is scheduled for completion by the end of 2015.
Encrypted email service was purchased for Health Services staff. Encrypted email ensures HIPAA compliance, mitigates the risk of a breach of privacy of personal health information, permits Health Services staff to securely communicate with patients, other health practitioners, insurance companies, and third-party billing vendors. Encrypted email also will allow Health Services to conduct patient satisfaction surveys on a more consistent basis.
This year, Health Services staff completed their annual HIPAA training on an interactive website instead of taking a written test. Each employee passed the final exam and was able to print a certificate of completion.