Securing Your Practice's Private Health Information

The U.S. Department of Health and Human Service’s Office of Civil Rights, which is responsible for enforcing privacy and security rules, suggests that practices implement the following steps to stay on the right side of HIPAA:

  • Designate a privacy and security officialwhose responsibilities include developing, documenting and maintaining privacy and security practices, and making sure staff understand their responsibilities.
  • Disseminate privacy and security policies among staffand continue communicating how your practice is integrating privacy and security measures into its operations.
  • Develop an action planto manage risk and minimize the vulnerability of ePHI. Risk management should address the security settings of the Electronic Health Record (EHR), IT network, hard drives, and other devices where ePHI may be stored. There are industry best practices for these settings.
  • Communicate with patients.Create policies and procedures for communicating with patients about your privacy and security plan and especially ones that address what to do if your practice experiences a security breach.
  • Make sure business associates have provided you with written agreementsoutlining their privacy and security measures before your practice shares protected health information with them. Business associates include billing companies, EHR vendors, and storage companies.
Share on Facebook

New: Advertise With MMS

Increase your brand awareness and visibility to physicians and the general public through advertising space on the MMS website and several MMS email newsletters.

Read More »

Subscribe to e-Newsletters

Stay on the cutting edge of medicine by subscribing to free MMS e-newsletters. Choose from up to ten subject areas including physician and patient advocacy, public health, CME, daily health care news, and more. 

Sign Up »

NEJM Resident 360  Ad

MMSMediaWatch

FacebookTwitterLinkedInYouTube

Copyright © 2017. Massachusetts Medical Society, 860 Winter Street, Waltham Woods Corporate Center, Waltham, MA 02451-1411

(781) 893-4610 | (781) 893-3800 | Member Information Hotline: (800) 322-2303 x7311