HIPAA Compliance and Medical Records

HIPAA Compliance and Medical Records

Stage 2 Meaningful Use, HIPAA Compliance and EHRs

Stage 2 Meaningful Use raises the bar on the conditions that have to be fulfilled in terms of HIPAA compliance and medical records security. In order to qualify for Medicare and/or Electronic Health Record (EHR) incentive payments, eligible healthcare organizations must now meet a new range of demands.

This article discusses the primary changes to Stage 1 Meaningful Use and the new demands introduced in Stage 2. It also suggests how integrating a secure texting solution with an EHR can ensure HIPAA compliance and medical records security, while meeting the demands of both Stage 1 and Stage 2 Meaningful Use.

The Primary Changes to Stage 1 Meaningful Use

There are three primary changes to Stage 1 Meaningful Use and four new demands to be met by eligible healthcare organizations under Stage 2 Meaningful Use. The three primary changes are:

  • Rather than recording more detailed demographics of 50 percent of patients, healthcare organizations now have to record more detailed demographics of 80 percent of patients.
  • A deadline of thirty-six hours now exists for providing a patient with an electronic copy of their medical records. Previously there was no time limit.
  • Whereas under Stage 1 Meaningful Use the storage of electronic health records had to be secure, this now applies to electronic document sharing.

These changes can all be accommodated with help from a secure texting solution. Medical professionals can record patient data on their mobile devices, print off an electronic record of a medical record from an integrated EHR and use secure texting to share documents, images and videos containing ePHI.

The New Demands Under Stage 2 Meaningful Use

The new demands under Stage 2 Meaningful Use tie in closely with HIPAA compliance and medical records security. Similarly to Stage 1, the demands can be accommodated with the integration of a secure texting solution with an EHR:

  • Healthcare organizations now have to document patient health behavior electronically.
  • Images – including x-rays, scans and wound images – must be accessible by EHRs.
  • The passage of medications must be monitored from clinician to administrator.
  • Prescription handoffs must be conducted electronically.

When using secure texting for HIPAA compliance and medical records security, documenting patient behavior and adding images to an EHR is straightforward. Medical professionals can write patient notes on their mobile device and send them to the EHR. Images can also be saved directly into the EHR.

The passage of medications and prescription handoffs can also be monitored with a secure messaging platform. This is the platform through which all ePHI travels when it is sent via secure texting. The platform also produces audit reports to help administrators determine how processes can be improved.

Achieving HIPAA Compliance and Medical Records Security with Secure Texting

Secure texting helps healthcare organizations maintain HIPAA compliance and medical records security, keep patient data up to date in real time, and securely share documents and images – particularly important when a patient attached to a different healthcare organization is receiving treatment at your medical facility, and medical records need to be exchanged quickly and securely.

When healthcare organizations use secure texting to keep patient´s EHRs up-to-date, supplying a copy of the treatment a patient has received on discharge is as easy as pushing a button. This ease of use can significantly reduce patient wait times while paper records are being collated. Furthermore, the reporting of Clinical Quality Measures will also be much quicker when the data is maintained on one secure database.

Prescriptions can be monitored and forwarded securely with secure text messaging – eliminating patient waiting time while their orders are being confirmed – and, as all access to patient´s medical records is monitored in accordance with the HIPAA technical safeguards, there is no risk of medical records being compromised during any of these secure texting operations.

Further Benefits of Secure Texting for Healthcare Organizations

As well as helping to meet the demands of Stage 1 and Stage 2 Meaningful Use, and ensure HIPAA compliance and medical records security, the implementation of a secure texting solution can streamline workflows, increase efficiency and enhance the standard of healthcare received by patients in a cost-effective manner:

  • Discussions relating to a patient´s healthcare can be directly added to their EHR to eliminate the manual input of treatments and medications.
  • Delivery notifications and read receipts reduce how much time medical professionals waste playing phone tag and enable them to use their resources more productively.
  • Physicians can collaborate securely to determine patient diagnoses, arrange for the administration of appropriate treatments and accelerate patients´ recoveries.
  • Emergency services personnel, on-call physicians, and home healthcare professionals can securely receive patient data “on the go” with secure texting.
  • Administrators can manage accessibility settings when a secure texting solution is integrated with a corporate directory to assist with HIPAA-required risk assessments.
  • Administrative controls can also reduce the risk of patient data being compromised if a message is sent to the wrong person or if an authorized user loses their personal mobile device.

HIPAA Guidelines for Medical Records

The HIPAA guidelines for medical records do not exclusively apply to medical records that are created, stored or transmitted electronically. All medical records are subject to the HIPAA Privacy Rule and the same considerations should be given to maintaining the integrity of paper medical records and preventing the unauthorized disclosure of PHI.

Although the HIPAA guidelines for medical records maintained on paper are not as comprehensive as those for electronically-maintained medical records, many of the same standards still apply. Covered Entities and Business Associates should implement a process for logging records and tracking their location while in transit. They should be stored in areas where there is controlled access and only be used in areas that have safeguards in place to minimize accidental disclosure of PHI.

Further HIPAA guidelines for medical records maintained on paper can be found under the “General Principles for Uses and Disclosures” section of the OCR´s Summary of the HIPAA Privacy Rule.

One Final Thought about Secure Texting Solutions

One final reason why healthcare organizations might wish to implement a secure texting solution (ahead of any other solution) to ensure HIPAA compliance and medical records security is that, in 2012, a survey of business mobile device users found that 92% preferred to use text messaging above other channels of communication because it was their belief that text communications require an immediate response.

This perception not only exists in the business community, but has been shown to be true in the healthcare industry. Medical professionals, used to looking at pagers whenever they bleep, tend to regard text messages as something that require their urgent attention. Consequently, healthcare organizations implementing a secure texting solution for HIPAA compliance and medical records security also benefit from an accelerated communications cycle.

This in turn results in streamlined workflows, increased efficiency and a higher level of healthcare delivered to patients.