Recently our management team traveled to Las Vegas to update their Compliance and Privacy\u00a0certifications. Upon their return we reviewed our processes and the privacy requirements for data\u00a0and procedures. Most of the requirements involved a strong technical support team. After the\u00a0meeting I wondered how well others in the industry implement these processes. In thinking back\u00a0over the last seven years of working with providers of varying sizes it occurred to me that few\u00a0really truly meet the requirements completely and took it to the highest level. Not everyone has\u00a0their data protected both electronically and physically (locked doors\/cabinets, employee and\u00a0visitor entry logs, screen protectors, etc.).<\/p>\n
Electronic safeguards are the ones I think people often do not address adequately, if at all. Items like database and file system\u00a0encryption, email encryption or secure messaging, encrypting data in transit, role-based\u00a0permissions with need to know access, secure remote backups, multiple backups with tested\u00a0recovery plans, automatic session log-off or locking, remote wipe and theft protection. While\u00a0nothing is full proof in this world today, making use of the many tools to protect your data and to\u00a0eliminate or minimize the damage from a breach seems well worth the time.<\/p>\n
I would think any provider that truly has a long term approach to their business would want to\u00a0know what your vendor is doing to protect your data. I suggest that anyone with HIPAA data\u00a0have this discussion with their vendors, especially their billing company. \u00a0And if you have your own technical resources, internal or external get them involved in the conversation also. \u00a0There is never too much protection, but there is a point where it is too little.<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Recently our management team traveled to Las Vegas to update their Compliance and Privacy\u00a0certifications. Upon their return we reviewed our processes and the privacy requirements for data\u00a0and procedures. Most of the requirements involved a strong technical support team. After the\u00a0meeting I wondered how well others in the industry implement these processes. In thinking back\u00a0over the … Continue reading Privacy Requirements (HIPAA) in Ambulance Billing and EMS Billing<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-27","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/posts\/27","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/comments?post=27"}],"version-history":[{"count":8,"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/posts\/27\/revisions"}],"predecessor-version":[{"id":38,"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/posts\/27\/revisions\/38"}],"wp:attachment":[{"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/media?parent=27"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/categories?post=27"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sharpab.com\/Blog\/wp-json\/wp\/v2\/tags?post=27"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}