affiliate program - pet memorials - chat - holidays - contests - ASLTC in the News  
Alternative Solutions in Long Term Care
Featured Products: 
books and videos from Alternative Solutions
Sensory Products

HIPAA Compliance Ideas for Healthcare Providers
The Health Insurance Portability and Accountability Act (HIPAA) will require health care faclities to use the same computer language industry-wide and to take reasonable measures to protect patient information.

Click here for HIPPA Links

If you are in the healthcare industry, you have probably heard some rumblings about the Health Insurance Portability and Accountability Act of 1996, coolly referred to as HIPAA. The word is your medical practice will have to be HIPAA compliant by April 2003, but you're not exactly sure what this act mandates or how to accomplish it.

HIPAA simplified
In very basic terms, HIPAA has two primary components to which hospitals, health plans, healthcare "clearinghouses," and healthcare providers must conform:

  • Administrative simplification, which calls for use of the same computer language industry-wide;

  • Privacy protection, which requires healthcare providers to take reasonable measures to protect patients’ written, oral, and electronic information.

Congress passed HIPAA in an effort "to protect the privacy and security of individually identifiable health information."1 Additionally, lawmakers "sought to reduce the administrative costs and burden associated with healthcare by standardizing data and facilitating transmission of many administrative and financial transactions." 1

HIPAA consultants say the new regulations should save the healthcare industry money in the long run, provide improved security of patient information, and allow patients to have better access to their own healthcare information.

Becoming compliant
While the HIPAA regulations call for the medical industry to reexamine how it protects patient information, the standards put in place by HIPAA do not provide any cookie-cutter answers, says Leah Hole-Curry, HIPAA legal counsel for FOX Systems, a HIPAA consulting firm. "HIPAA doesn’t necessarily prescribe the solutions, but it does require physicians to look at all of the ways that they use and access data today and determine whether that’s reasonable or not."

To help you begin your HIPAA compliance process, following are some practical ideas for rethinking how you maintain and use patient information in your office.

Dedicate a HIPAA officer
Appoint one or two staff members (depending on the size of your office) to review the HIPAA act, determine the changes your practice needs to make, and decide if you’ll need outside help.

To keep this project manageable, do not wait until the last minute. Remember: most of the healthcare industry will have to be HIPAA compliant by April 14, 2003.

Furthermore, compliance is not optional. Those found in violation of the act will be penalized:

  • "Civil penalties range up to $25,000 per violation of each standard.

  • Criminal penalties range up to $250,000 in fines and/or up to 10 years in prison."3

Dividing files
An important part of HIPAA is the minimum use standard, which mandates that healthcare providers use and disclose patient information in ways that are minimally necessary to accomplish the task.

For example, a billing clerk does not need access to a patient’s entire medical history to bill for a service rendered, says Hole-Curry. Therefore, you may want to divide patient files into sections, having an office policy that clearly states who may access each section.

Consider converting to pocket-style classification folders, which have two envelope-like pockets where classified information could be stored. General information could be attached to the folder using the built-in fasteners.

Labeling files
Take a look at the outside of your file folders. Do they possess identifiable patient information, such as the patient’s name, address, social security number, birth date, phone number, or specific information about a health condition? If so, you may need to re-label your files. Consider converting to a color-coded system that allows you to file alphabetically or numerically. Some label products will even permit you to print new labels right from your PC and personal printer.

Reviewing files
Patient files should not be reviewed in front of other patients. Accomplishing this task may become particularly tricky if the staff members who regularly review files also work at the reception desk.

You may want to partition off a small area of the reception desk with a panel system.

Locking files
When possible, files that are not in use should be locked. Locking the room where files are stored is a good start, but remember that cleaning, building, and other staff may enter your office while you are not there. According to Hole-Curry, "the less risk option would be to have a locking mechanism on your paper files, where you can have your staff lock them up at the end of the day" or when they are not in use.

You may want to take this opportunity to re-think how you file and purchase new filing cabinets – with locks. You may now choose from vertical, lateral, and open-shelf systems.

If a new filing system is not in the budget and your current cabinets do not have locks, it’s possible that they can be retrofitted with locks. For example, you can purchase a lock accessory for several Hon® file cabinets and easily install locks to select models.

Discussing patient information
To remind your staff not to discuss patient information in public areas, Hole-Curry recommends posting signs in elevators, hallways, reception areas, etc that say: ‘Remember your patients can hear you.’

Keep patients informed
Patients will gain new rights when HIPAA goes into full effect in April of 2003. Healthcare providers will have to notify patients of how patient information is used within the office and disclosed to outside sources.

Be prepared.
Type up a sheet explaining your use and disclosure procedures and have copies ready to present to patients who ask for this information. To make the document look more professional, consider using business stationery.

Assess your progress
Make your own checklist of tasks that must be completed – and when. Some questions to address are:

  • Have you trained your employees on the confidentiality of health information and their responsibilities?

  • Have you created formal, written security policies and shared them with your staff?

  • When employees leave, are their computer passwords immediately deleted or canceled?

  • For a complete list of questions, check out the Fox Systems HIPAA Readiness Assessment tool.

Check in with your state health department
Due to the complexity of HIPAA, many state health departments are offering help.

Visit to purchase items you may need to help you be compliant with HIPAA.

1Everything You Always Wanted to Know about HIPAA... but Were Afraid to Ask, Management Tools for Managed Care, Linnaeus, Inc.

The information contained in this article is for general guidance. Such information is provided on a blind-basis, without any knowledge as to your industry, identity, or specific circumstances. The application and impact of relevant laws will vary from jurisdiction to jurisdiction. There may also be delays, omissions, or inaccuracies in information contained in this site. The information on this site is provided with the understanding that and its affiliated entities, and various authors and publishers providing such information are not engaged in, and that providing such information does not constitute the rendering of, legal, accounting, tax, career, or other professional advice or services. As such, information on this site should not be relied upon or used as a substitute for direct consultation with professional advisors.

Article from



Study Guides
Alternative Solutions in Long Term Care, LLC provide resources and services for Health Care Professionals and Care Givers. Recreation Therapists, Activity Directors, Social Workers, Creative Arts Specialists, and other health care workers utilize this site to obtain information and purchase products for use in nursing homes and long term care facilities. Products and resources include sensory stimulation products, relaxation videos, party supplies, care plans, activity calendars, and more. For additional resources visit our associate site the Therapeutic Recreation Directory at To become certified in Dementia Care go to


Liberty Mutual

Dish Network - Free Installation

Finally Organized, Finally Free
An amazing collection of 1,300 organizing tips, ideas and techniques to help you organize your home, your office and your life!


Tell a Friend About This Page

Alternative Solutions in Long Term Care, LLC
Copyright 2001 to present.
Unauthorized duplication / distribution of material on this site is probhibited.
For permission to reprint materials on this web site in whole or in part, please contact webmaster.

Web site by compuTR Web Design and Hosting.