This document explains how medical practitioners and healthcare entities such as doctor’s offices, clinics, hospitals, HMOs and pharmacies can take the help of a document management software such as Globodox to achieve compliance with HIPAA (Health Insurance Portability and Accountability Act).
What is HIPAA?
HIPAA stands for the Health Insurance Portability and Accountability Act. HIPAA is a federal guideline that aims to ensure that patient information and records are protected and maintain their integrity.
The US government passed the act on August 21, 1996. President Bush decided to allow the rule to take effect on April 14, 2001. HIPAA required effected entities to comply within two years i.e. by April 14, 2003.
Under HIPAA a patient has the right to access his or her own medical records. Patients can request to view or get copies of their records, request modifications to the records and request a listing of disclosures of their protected information.
In addition to this HIPAA privacy regulations control how and when protected patient information can be shared by physicians and administrative staff.
HIPAA will also help bring down medical administrative costs and improve the healthcare delivery effectiveness.
What is Globodox?
Globodox is a document management software which allows an organization to…
- Create a secure, centralized and searchable repository of all it’s paper and electronic documents.
- Selectively control a user’s access to the repository
- Record details about a user’s access to the repository
Is Globodox HIPAA compliant?
The covered organization is responsible for HIPAA compliance and not the vendor. In fact there is no such thing as a HIPAA compliant software or hardware (despite the claims of some companies). To be compliant organizations must satisfy the intent of the law. They must have the mechanism in place that guarantees safe electronic storage, access and transmission of patient records.
It is organizations not technology that must be HIPAA compliant. However technology can be used to help the organization in it’s efforts to be HIPAA compliant.
How does Globodox help with HIPAA compliance?
The use of Globodox itself will not be enough for an organization to be HIPAA compliant. Globodox as a document management software helps with the management and security of patient records – which is a big component of HIPAA. However it is important to note that there are aspects of HIPAA which are beyond the scope of a document management software (for e.g. having a dedicated employee as the “HIPAA compliance officer”).
Organizations who wish to be HIPAA compliant can use Globodox to take important steps towards that goal.
Globodox Enterprise Edition has all the tools & features you will need to.
- Capture patients records (both stored on paper and those stored in electronic files)
- Set up a access control mechanism for these records
- Quickly search and find these records
The section below briefly describes Globodox features and how they help an organization take important steps towards HIPAA compliance.
Globodox provide easy to use tools to scan in paper based patient records. Records can be scanned in individually or in batch mode. Similarly electronic documents such as MS Word files,MS Excel files, PDF files, e-mail messages can be added to Globodox individually or in batch mode.
Globodox lets you store indexing information along with each document or for a set of documents. Indexing information is stored in data fields. You can create up to 200 data fields for storing indexing information. Data fields can store text, numeric, date, time and Boolean (Yes/No) values. You can create fields such Patient Name, Address etc.
This indexing information can later be used to quickly find and retrieve records for a patient or a group of patients.
Globodox Enterprise Edition features a powerful and flexible multi-level security framework. Globodox requires the user to login before he or she can get access to the documents and their indexing data. This ensures that only authenticated users known to the system get access to patient records.
Globodox lets you specify access permissions on a user by user basis. For example you can decide that.
John, Tim and Mary are allowed to view records
However only Tim and Mary are allowed to modify records
While only Mary can also delete records
Globodox security is so flexible that you can even specify that a user can only view particular records, documents or particular indexing fields!
Documents added to Globodox can be optionally stored in encrypted form for additional security. Any of the industry standard encryption algorithms supported by Globodox can be used to encrypt the documents.
The security features help you comply with HIPAA rules which state that an organization must protect patients records against unauthorized access or modifications.
Using this feature an organization can keep track of every action a user perform with Globodox. For example you can find out.
When a particular user logged in?
What records/documents were viewed by the user?
When was a particular document added and by whom?
This feature helps you comply with HIPAA rules which state that information about each disclosure of a patient record must be available.
Check In/Check Out
This feature is designed to prevent two users from simultaneously modifying the same document. If a document is checked out for modification by a user then another user cannot open it for modification unless the document checked back in by the earlier user.
Globodox can store and provide access to several versions of the same document. It can create a copy of the earlier version of a document whenever new changes are made to the document. You can therefore easily access an older version of a document at any time. You can even decide the number of versions to be saved for each document.
Globodox helps organizations take important steps towards HIPAA compliance. Moreover using Globodox to manage your patient records also results in reduced costs and increased efficiency.
If you have any questions or need additional information, please contact us at [email protected]