We do not see patients in our office, therefore we do not have a large
volume of people that have access to our information.
All visitors to the office are greeted at the entrance by an employee and escorted
to the proper location for their visit.
If an employee must leave their workstation, each computer has a password
protected screen saver that is set to activate in one minute. All screens are
minimized if a person enters the office.
Each employee is issued a user ID and unique password for their computer. This
information is known only to the employee and office manager.
If patient information is out on a desk and the employee leaves the area, it
is turned face-down or covered on the desk.
All patient information is kept behind locked doors at the end of the workday.
CLAIM HANDLING
We use a clearing house that is HIPAA compliant to send all electronic claims.
Our software vendor is also HIPAA compliant.
Some claims that must still go on paper are sent before normal office hours to limit access.
AUDITING CHARTS
We do not keep patient charts in the office, however we do internalize audits
of the records available to us.
We randomly select ten charts for each physician to be audited on a monthly basis.
CONFIDENTIALITY
Each employee signs a confidentiality agreement when hired. The procedure for violation
of this agreement is reprimand or dismissal, depending on the severity of the breach.
Each amployee undergoes a background check before the hiring process is completed.
We hold bi-weekly staff meetings and all staff are required to attend.
COMPUTER FAILURE
We do daily, monthly and yearly backups of our system. These backup tapes are
kept off the premises. If failure occurs, our software vendor can restore the
system from these tapes.