Ensure patients’ privacy before the disaster
Before a disaster strikes
Every disaster plan should include a strategy for coping with damaged records. It’s a crucial first step in the HIM department’s recovery.
If the facility contracts with a fire, flood, or storm damage restoration company, it’s a good idea to have a contract ready that would address various provisions for ensuring the privacy of the documentation.
According to a disaster planning practice brief written by Gwen Hughes, RHIA, a Belgrade, MT-based professional practice manager with the American Health Information Management Association (AHIMA) in Chicago, the damage restoration contract should stipulate that the restoration business will:
- Specify the method of recovery.
- Not use or further disclose the information other than as the contract permits or requires.
- Use appropriate safeguards to prevent use or disclosure of the information other than as provided for by the contract.
- Include the items required in business associate contracts in accordance with the Health Insurance Portability and Accountability Act privacy rule.
- Report to the contracting organization any inappropriate use or disclosure of the information of which it becomes aware.
- Ensure that any subcontractors or agents with access to the information agree to the same restrictions and conditions.
- Indemnify the health care facility from loss due to unauthorized disclosure.
- Upon termination of the contract, return or destroy all health information received from the contracting organization and retain no copies.
- Specify the time that will elapse between acquisition and return of information and equipment.
- Authorize the contracting entity to terminate the contract if the business partner violates any material term of the contract.
You have reached your article limit for the month. Subscribe now to access this article plus other member-only content.
- Award-winning Medical Content
- Latest Advances & Development in Medicine
- Unbiased Content