Storing medical records is an emerging trend in healthcare systems around the world. With it, healthcare workers, such as your physicians, caregivers; medical facilities such as hospitals and clinics; even your health insurance providers, will have access to a continuous, comprehensive, and reliable data on your medical history with which they can use to keep track of your health, diagnose your conditions, and monitor your treatment.
In the United States, more than 90% of all types of hospitals already use Health IT by 2015, with 74% of Americans confident of the security of these IT systems. However, 66% of them have apprehensions with what exactly happens when their records change hands, with ten percent even refusing to provide certain information about themselves for fear it being opened up to the public.
Exeter Studios, in its aim to provide quality software solutions, including its developing Electronic Medical Record (EMR) and (Electronic Health Record) systems, have made it a point to ensure its clients with a secure and advanced software to keep their EMRs and EHRs, following the Health Insurance Portability and Accountability Act (HIPAA), as well as working towards reaching Health Level-7 and Fast Healthcare Interoperability Resources (FHIR) standards.
As such, with Exeter Studios, any medical firm can be reassured of the following things that any competent and quality Health IT program should guarantee.
All records will be kept private
Considering its your medical information that we’re talking about, all aspects of it should be kept confidential and be open only to those necessary for your treatment. Also, not only is your Electronic Protected Health Information (ePHI), your medical record in electronic form, itself protected, but these information should also be kept secret:
- All geographical data smaller than a state
- Dates (other than year) directly related to an individual
- Telephone numbers
- Fax numbers
- Email addresses
- Social Security numbers
- Medical record numbers
- Health insurance plan beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers and serial numbers including license plates
- Device identifiers and serial numbers
- Web URLs
- Internet protocol (IP) addresses
- Biometric identifiers (i.e. retinal scan, fingerprints, Etc.)
- Full face photos and comparable images
- Any unique identifying number, characteristic or code
Everyone involved should protect your ePHI
There are basically three types of persons who are involved–––and therefore responsible for–––your ePHI: your healthcare providers, your health plans, and your healthcare clearinghouses.
Healthcare providers are the people and institutions who attend to the patient: doctors, medical staff, clinics and hospitals: essentially anyone and everyone directly involved in the treatment of the patient, and who get paid for the treatment, belong in this category.
Health plans are your HMOs, Medicare, and any other individual or group health plan that will pay for your medical bills. Considering they require access to your records to determine the extent of their coverage, they are privy to its contents, as well as responsible for its security.
Healthcare clearinghouses are the institutions that take care of the finance aspect of your treatment: billing, refinancing, etc.
You have access to your ePHI
Being the patient, you have the right to know the contents of your ePHI. According to the HIPAA, you have 30 days upon request to be given access or a copy of your medical record. However, in the event that your records are not kept in the facility, another 60-day grace period is given to them to provide you with your records. Of course, you can be charged with a fee, although it should be reasonable and should only cost the labor and supplies needed to provide you with your record.
You know how your ePHI is being protected
Usually, we gloss over the forms that we’re usually asked to read, like in Notices of Agreement, instead just scrolling over to click the “I Agree” button. Be it as it may, you really are supposed to read it carefully.
In any case, your are also to be informed of how your ePHI is being protected by the software that keeps your EMR and EHR. Aside from that, every client and patient should also be informed of any changes in its security protocol, as well as when these changes will take effect.
Sharing your ePHI is on a need-to-know basis
In the course of your treatment, medical staff may need to have access to certain medical information. In light of this, the HIPAA enumerates a detailed and specific list of guidelines of what can and cannot be given to anyone concerning your ePHI. What’s important to remember is that you, as the patient, should give permission first to giving access, with the caveat that you are in a cognizant mental state to make the decision. Also, the only medical information that should be given are those that have a related to the treatment you’re undertaking.
For more information about the HIPAA and their guidelines, you may visit their website at https://www.hhs.gov/hipaa/index.html.
If you have any Healthcare Software design and Development requirement, please reach out to us at [email protected] or call us at 1-(877) 393-8370.
Edwin Oscar Gutierrez, Jr.//Exeter Studios, LLC