The Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA, calls for certain privacy and security measures and rules to be put into place for the protection of patientsâ health information. HIPAA requires that your patientsâ health information be kept and secured under certain safeguards, such as a qualified retention facility . This facility, and your practiceâs retention policy in New York City, should be protected against physical damage, digital hacking, and unauthorized access. Continue reading to learn more about your responsibilities regarding patient and client information.
Your retention policy for HIPAA information should include a secure facility that has limited access. There must also be a designated official who will develop and enforce the security policies and procedures for your retention policy. Ensure that all of your employees are trained and aware of the HIPAA policies, and ensure that those who work directly with patient and client information are fully trained in its management and retention. Work with your retention company to allow auditing controls whenever you need to examine the access records. This will help you maintain the integrity of your HIPAA information.