Lee Slaton, Smart Training’s Vice President of Healthcare, writes that signed Employee Privacy Policies “can be get-out-of-jail-free cards in worst-case scenarios.”
What should come before the Employee Privacy Policies?
Employee Privacy Policies are one of the last elements in a chain of proactive processes that help ensure the security of patient information. Here’s the order of processes:
Most Practice Owners never conduct routine background checks on current or prospective employees. This is like letting the fox into the henhouse. Avoid assuming you “know” someone you hired. Play it safe instead.
The State Department of Public Safety has, for the past several years, offered $3 ‘arrest checks’ which don’t really probe too deeply into someone’s history, but they are better than nothing at all. I always recommend Sterling Check for background checks; their number is 800-899-2272.
A note on HIPAA employee training: One of the real steps forward with Texas House Bill 300 was the requirement that employees be trained at time of hire on patient privacy. Texas Senate Bill 1609 watered this down to within 90 days of hire.
A final word: There have been cases where hired healthcare employees turn out to be in a data theft ring. These employees get jobs solely to access and steal protected health information (PHI). PHI is extremely valuable, and Practice Owners aren’t immune to the threat of criminal employees.
What should I do with Employee Privacy Policies?
- Notice of Privacy Practices
- Assigning privacy and security responsibilities
- Deceased individuals
- Minimum necessary use and disclosure of PHI
- Marketing activities
- Privacy complaints
- Prohibited activities
- Verification of identity
- Business associates
- Training and awareness
- Material change
- Retention of records
- Regulatory currency
- Cooperation with regulatory agencies
- Investigation and enforcement
With these packages, you will also receive HIPAA-certified employee training modules. Our learning management system (LMS) automatically documents your employee HIPAA training and creates certifications. You can store these certifications with your Employee Privacy Policies.
If you don’t have either of these plans, request a demo with a Compliance Officer here.
Trusting Smart Training is like putting your HIPAA compliance on autopilot.