Ensuring HIPAA compliance with employees working from home will require a systematic approach. Robert K. Neiman, JD, principal with Much Shelist in Chicago, offers seven steps for better compliance:
- Hold a Zoom call for all employees reminding them of the company’s HIPAA policy and their obligations. Ensure the policy states that employees working remotely and accessing protected health information (PHI) use company-owned, encrypted, password-protected, and VPN-equipped devices. Prohibit employees from using personal devices to store or access PHI. Direct all employees accessing PHI remotely to e-sign their understanding and agreement.
- Allow employees to access only the PHI they need to handle their job. Limit access accordingly.
- Prohibit any use of the company-owned device by any third party, including friends and family.
- Make sure employees’ passwords for their company device and wireless router are sufficient. They should be long and complicated enough, using a combination of letters, numbers, and symbols, to minimize the risk of hacking.
- Limit PHI printing. If any employee must print any documents containing PHI, then require him or her to shred printed documents before disposing of them.
- Require employees working remotely to disconnect from the company system when their work is finished for the day.
- Prohibit employees from leaving their company device in their personal vehicles at any time to avoid the risk of device theft via a break-in.
Leaders can use this checklist to help remote workers comply with regulations.