Your Privacy Officer should be noting visitors to your office and ensuring that Visitor Privacy Policies are signed and retained. Business Associate Agreements are not the same thing as Visitor Privacy Policies, although many offices seem to use them interchangeably.
By reading this blog post, you will learn the difference between visitors and business associates. You will also learn more information about Business Associate Agreements and Visitor Privacy Policies.
What is a visitor?
A visitor is someone who has incidental access to patient information. For example, a technician repairing a chair may see protected health information (PHI) left on a workstation display or might have access to a chart left on a desktop.
What is a business associate?
A Business Associate, on the other hand, can have carte blanche (complete freedom) access to patient data. While many offices believe they have no Business Associates, this is seldom the case. Almost every IT provider is a Business Associate, as are most dental office software providers. Dental labs, despite their frequent protests to the contrary, are usually Business Associates, unless they are owned by a healthcare practitioner.
Cleaning services that have access to your office after hours may be considered Business Associates as well, especially if your practice still uses paper charts. If your landlord can enter your office whenever he or she wishes, the landlord may be a Business Associate as well.
Business Associate Agreements (BAAs)
HIPAA requires a Business Associate Agreement (BAA) if your practice works with business associates. Have a BAA ready for each business associate to sign. If you have further questions about BAAs, check out our blog post.
Visitor Privacy Policies (VPPs)
- Security responsibility
- Verification of identity
- Business associates
- Cooperation with regulatory agencies
- Investigation and enforcement
- Receipt and acknowledgment
Do you need help creating your HIPAA documents?
If you need help with providing the correct HIPAA documentation to your Business Associates or visitors, check out Smart Training’s Dental Platinum+, Dental Essentials, and Complete Medical Compliance packages. These packages provide you with all the HIPAA documents you need. We customize these documents for your practice. Request a free demo with a Compliance Officer here.