Known as the “Cures Rule,” this national policy requires healthcare providers to give patients access to all of the health information in their electronic medical records “without delay” and without charge. It mandates that patients have rapid, free, and full access upon request to test results, medication lists, referral information, and clinical notes, all in electronic formats. Some refer to the Cures Act Final Rule as the “Open Notes Rule.” This “Final” Rule supports seamless and secure access, exchange, and use of electronic health information. The rule is designed to give patients and their healthcare providers secure access to health information.
Keeping data secure is a top priority for non-profits and there are several reasons for this.
Non-profits are usually associated with various donors, and the relationship a non-profit has with them is a sensitive one. Protecting their personal information therefore is a priority for any organization.
Additionally, and most important, many non-profits in the human services field handle adults and juveniles in very vulnerable situations. Therefore, their personal information getting compromised or stolen is simply not acceptable. A breach of data would directly contradict the primary purpose of the non-profit, which is to protect the vulnerable.
Here are a few simple ways non-profits can secure their data.
One way for a software solution to help you be HIPAA compliant is to offer you HIPAA encryption as part of the package. But is that something you need to be HIPAA compliant? Technically, no, it’s not mandatory.
The rules state you should use encryption if it would be needed to safeguard electronic Protected Health Information (PHI). But, they do say if you don’t use encryption, you need to have an alternative to encryption that will safeguard as well as encrypting would. Or you need to have documentation with justifiable cause, as to why have taken a different tact with regard to safeguarding PHI.
Government agencies in general tend to stay in their own siloes and be reluctant to share information. Some of it is agency caseworkers being too busy. Some of it is concerns about being HIPAA compliant. And some of it is a healthy paranoia about data security. The right government software solutions can alleviate much of those concerns.
The things you do as a caseworker can have a great impact on the lives of those in your care. You are both the lead investigator and client advocate. You recommend what social services would best fit their needs. You give support and referrals, then follow up on each client’s progress. It is a demanding, but rewarding job. You're helping people improve their situations and create a better life in the long run.
When you operate a non-profit that deals with clients’ health information, you need to be careful to keep your organization HIPAA compliant. You might follow computer etiquette and train your employees well, but in the middle of a hectic day, one of your caseworkers could inadvertently create a HIPAA violation, if they’re not careful.
I recently read an article in Forbes about how Electronic Health Records (EHRs) are broken. And while some of the points they made were appalling, they weren’t surprising – at least, not to me. We’ve known about the limitations of the government approved EHRs for some time now.
In previous posts we’ve talked about different ways to make sure your case workers are HIPAA compliant, whether it’s through training, proper computer etiquette or what they do in the office. But even if you do all you can to keep your case workers HIPAA compliant, violations sometimes happen. If someone files a complaint, what do you need to do? Here are some answers.
I have seen first hand how having the right human services software can really make a difference in kids’ lives. How kids that are in the system, for whatever reason, can get better treatment, better understanding and a chance to just be kids.
This is the third in our series of posts outlining ways to make sure your caseworkers keep HIPAA compliant. Previously we talked about the training and the computer etiquette needed for being HIPAA compliant. Today we look at the things you need to do within your office environment to remain compliant.
When you have a client’s medical records, keeping them private is essential to ensuring you keep the trust of the people you work with. But breaking that trust has financial consequences as well.