Are My Scanned Documents HIPAA Compliant?

Maintaining an office is never easy. There are a lot of things to keep track of, from day to day operations to personnel and tax issues. All of the things that go into running a business or an organization tend to generate a lot of documents. Some of those documents need to be maintained for legal purposes like tax law compliance. And sometimes documents need to be maintained privately, and confidentially.

One category of information that has strong protections against being made public involves health records. And the law that protects the confidentiality of patient health records is the Health Insurance Portability and Accountability Act (HIPAA). At Storage Quarters, many of our document services customers have a major obligation to comply with HIPAA. One of our most popular services is document scanning. And if you handle a lot of documents, you want to make certain your scanned documents are HIPAA compliant. So we want to take a look at the law and important issues related to scanned documents and HIPAA.

The Basics of HIPAA

HIPAA was originally passed in 1996 and amended in 2013. Key provisions of the law have to do with disclosure of personal health information. According to the US Department of Health and Human Services (HHS), HIPAA “gives you rights over your health information and sets rules and limits on who can look at and receive your health information.”  The law contains a privacy rule which establishes a safeguard to protect personal health information and sets the limits and conditions under which the information may be disclosed without a patient’s authorization. HIPAA also establishes a security rule which lays out national standards to protect individuals’ electronic personal health information.

Among those who are obligated to follow HIPAA are:

•        Health plans such as HMOs, company health plans and government programs such as Medicare and Medicaid.

•        Health care providers that conduct business electronically (eg. they electronically bill health insurance). This category includes doctors, hospitals, nursing homes, pharmacies and specialist like psychologists or dentists.

•        Health care clearinghouses which process nonstandard health information they receive from another entity into a standard information such as a standard electronic format or data content, or vice versa.

•        Business associates of covered entities must also follow some HIPAA entities. These include contractors, subcontractors, companies that help administer health plans, billing companies, companies that process health care claims and companies that destroy medical records.

HIPAA and Your Document Scanning Company

If your company organization handles documents and records that must be compliant you must be extremely careful with electronically scanned documents. According to the website HIPAA Journal, a good place to start is to do a risk analysis to figure out potential risks to your organization. They usually involve unauthorized disclosure modifications or deletions of protected information. Disruptions to your IT system can also create noncompliance as can a failure of a business associate to properly comply with the law. Once you’ve assessed the risks, you should assess your organizations security measures to be certain they will help you maintain compliance.

Storage Quarters Will Help You Remain HIPAA Compliant

If you’re looking for document management services and you want to make sure your scanned documents remain secure and HIPAA compliant, Storage Quarters can help. We won’t outsource your document scanning. Everything will be done in-house by our staff, which has been trained in HIPAA compliance. They’ve also passed a background check.

Storage Quarters also provides important document security measures. We’ll encrypt your electronic documents. We’ll set up firewalls and strong disaster recovery programs. Storage Quarters can help you go paperless without compromising document security. Contact us today.