Podcast: Play in new window | Download (Duration: 15:21 — 14.1MB)
Subscribe: Apple Podcasts | Email | TuneIn | RSS
By Adam Turteltaub
adam.turteltaub@corporatecompliance.org
When it comes to HIPAA everyone knows about the risks of disclosing Personal Health Information (PHI) improperly. Also important, but often overlooked, is the need to ensure that when patients want access to their data that they get it in a timely way and in the format that they want.
Cristin Gardner, Director of Consumer Products & Markets at Life Image, warns that this is a significant risk area for healthcare providers. The regulations stipulate that entities may not require unreasonable measures of patients. Failing to meet consumer needs can be significant. As she explains in the podcast, the first settlement for a violation of the regulation came in September 2019, and it cost the hospital $85,000 for just one violation.
So, why aren’t providers meeting their obligations? Part of it is due to old policies that have not caught up with the time. Many still rely on faxed and in-person requests. In addition, they are behind the times in their use of technology, still burning CDs for patients. This fails to reflect, obviously, the way data is transferred and used. In addition, it greatly slows down the sharing of critical health information.
Listen in to learn more about the risk and how to help your organization start thinking differently about providing data to patients.
Interesting comments related to statistics on how many providers may have EHRs and how many are sharing electronic data by way of burning CDs and other techniques based on their what was described as “outdated” policies.
I think we have two processes that are not necessarily connected…but have the potential to be. One is whether a patient’s PHI is maintained electronically and the second is how this ePHI is shared among providers.
Maybe in the future, somewhat as we are seeing with the evolution of HIEs and HIOs…we will see more connectivity between providers when sharing some different data types or files to include radiological studies or other large sized file types.
We certainly already have some techno available that can send ePHI securely among providers using email for example.
Thanks for sharing Cristin.
Comments are closed.