Chiropractors count as “covered entities” under HIPAA. That means you must comply with a mandated annual training schedule to make sure you’re HIPAA compliant, protecting both your patients’ personal health information (PHI) and your own business.
What is HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 addresses patients’ rights when it comes to the protection of their personal health information. Patients’ personal health information is now protected by privacy laws, so that “covered entities” can’t release their medical records or other information without the patient’s prior written approval.
In order for businesses that keep personal health information to be compliant with HIPAA, employees must receive ongoing training in HIPAA rules, policies, and practices. The rules must then be followed and policies and practices must be performed as per the training. As well, any of the required training subjects, that address needed policies or practices not yet in effect, must have a plan to be implemented, followed through, documented and recorded in your HIPAA compliance manual. This training is part of HIPAA compliance but it’s also a protective mechanism for your business. If you or your employees don’t understand, and abide by all the details of HIPAA compliance and your chiropractic practice inadvertently violates the law, you may face any or all of the following: $50,000 fines, lawsuits, audits, costly interruptions to the normal flow of your business, being reported to your Board of Examiners, or being reported to third party payers including PPO’s/MCO’s in which you participate.
How to Comply with HIPAA Training Requirements
Comprehensive HIPAA training can help prevent any of those consequences from occurring. There are no specifications on how the training must be completed, but there are requirements relative to the topics that must be covered and there is a mandate that training be done (and documented) for ALL staff members annually.
Training methods can and should include:
- Educational courses: Whether in person or online, make sure the courses you pick cover topics that directly relate to the way you do business. Choose courses that include hands-on examples of particular situations, so that you and your staff become versed in handling actual compliance situations before you do it “live.” Something that sounds easy on paper can become deceptively difficult once you’re tied up in the red tape of actual compliance management.
- Computer HIPAA training: Computerized storage and transfer of patient records creates all-new potential hazards when it comes to accidental breaches of patient security. If you store PHI online, you’ll need to undergo specific HIPAA training designed to help you avoid those instances and ameliorate the damage if they do occur.
- Ongoing training: The best HIPAA compliance firms won’t simply teach a class or two when you ask, but will help you plan for your training needs and help you implement concerted training efforts over time. Set up a long-term plan to keep up with HIPAA compliance training, and you’ll be on track to protect your patients, your practice and yourself.
- Coverage of Every Requirement: There are multiple training requirements necessary for full HIPAA compliance. Written policies, workforce training, and how to manage complaints–among other things–must be covered in your training. You can read Laura Barten’s article on training requirements for more general overview information.
Make sure you choose a reputable company that specializes in HIPAA compliance and that has consultants with a long track record, so you know you’re receiving comprehensive training that accounts for all eventualities. Even with the best you cannot be 100% covered or safe. Laws and rules are constantly changing. You need a relationship with advisors who can maximize your protection. You don’t want to get caught out on a technicality.
Fill out our online form for more information on how to make your chiropractic office HIPAA compliant. We’ll help you from start to finish, so you know you’re covered every single day.