HIPAA Compliance within Optometry
Running a successful practice in today’s competitive eye care industry requires you to be up to date and aware of everything that happens under your roof. From overseeing personnel to payroll and bookkeeping, an owner/practitioner or office manager wears many hats. One of the key areas of practice management that cannot be compromised is HIPAA compliance within Optometry. Any missteps can create a headache for everyone involved and can lead to fines and the potential for lawsuits. We’ve uncovered three ways that many practices are out of HIPAA compliance within Optometry and probably don’t even know it.
#1 – Improper Disposal of Patient Records
Healthcare providers are still in a bit of a transition period when it comes to document management after the inception of EHR systems nationwide. It’s not uncommon to see paper charts lying around an office as the task of scanning and converting records to a digital form is time-consuming.
As an example, more often than not, new patients are asked to fill out their demographics and health history on several paper forms at check-in. Time and time again, these documents are put into a bin to be shredded later down the line. Depending on the size of the practice, some offices utilize a shredding service and the records pile up until their weekly scheduled pick-up. This situation makes it far too easy for these papers to get lost, stolen, or even placed in the trash can by accident. In addition, if you are on top of it and scanning the documentation into your EHR right away, another major area of HIPAA compliance within Optometry is then forgetting to delete the scanned file from your desktop once uploaded into your EHR system.
#2 – Disclosure Of Protected Health Information During the Optical Hand-off
In order to convert patients into customers at the optical shop, it’s important that your opticians have a clear understanding of the visual needs and recommendations you’ve discussed with the patient in the exam room. How many times is this information reviewed in a crowded waiting room, allowing everyone to hear that Mrs. Jones needs an appointment for retinal photos and that she’s going to be a first-time progressive wearer?
It can be a complex situation, as you want to maintain the integrity of your hand-off to the optician, yet can’t really disclose the amount of information you need to. More often than not, practitioners end up using hushed voices to tell their staff the important details and hope that they are not overheard by other patients in the reception area.
#3 – Unprotected Storage Solutions for HIPAA Compliance within Optometry
Some EHR systems allow for cloud-based storage, and this is an effective solution when you can scan directly into the system. However, think about the times outside of your practice management software that you might use patient information. Many practitioners are still turning to Word or Google Docs documents to generate documents like referral letters for their patients. These methods are neither secure on in HIPAA Compliance within Optometry.
Any patient information stored on a hard drive that isn’t password protected and has little in the way of encryption is a huge violation of HIPAA compliance within Optometry. Some types of copy and fax machines can even store your data, making it a nightmare if it isn’t completely wiped before your lease is up and the machine is returned.
How Can You Be More Compliant?
If you have no practical way to manage these challenges, EyePegasus can help. We offer the ease of a fully digital iPad check-in application and/or the ability for the patient to fill out their information online in their patient portal. Thereby, allowing patient data to be stored directly in the cloud eliminating the possibility of improper records disposal for paper forms. And if you do have the need to scan, our advanced scanning solution uploads documents directly into EyePegasus never creating a folder on your desktop.
We utilize an integrated care coordination referral system within your customizable charting template. You can even send the referral directly via e-fax, eliminating the need to print a paper record. Also, remember your patient optical recommendations and diagnoses follow up tasks that you need to communicate to your optician during the hand-off? Each patient’s chart features a specific area where you along with the system create both manual and automated tasks for your staff during the exam process. Thereby, eliminating the need to whisper in front of the patient and/or the reception area. See EHR example below:
HIPAA Compliance within Optometry can be very stressful, take some time to evaluate your processes and procedures that are commonplace in your office, and ask yourself, how HIPAA compliant is my office currently? If you find that you could use a better solution to eliminate the potential of violations, contact us today to request a demo.