HIPAA Compliance Introduced.
“Hip…what?” That was my reaction when I first encountered HIPAA. I was working at a dental office while home from college for the summer. I had worked at that office part time while in high school and was now receiving instruction about the “new way” to do things around the office. I had been away at college making new friends, attending all the sporting events (as any loyal student would, of course), eating late-night pizza, and doing my school work somewhere in there. I admit that staying on top of the happenings in the healthcare industry were not at the top of my priority list. In my neglect, I had missed one of the biggest moments in healthcare legislative history—in all of healthcare history maybe. The HIPAA Privacy Act compliance deadline. In my time away from the dental office, the compliance date for HIPAA had come and gone. From what I could gather it was some messy law passed to protect patients. It sounded like it had been (and still was) quite the headache for practitioners and their staff.
So, I listened patiently to some of the new policies and procedures. It all started at the time of check-in. It was a violation of HIPAA policy for patients to know who else had signed in—to know who else was a patient there. It seemed lame to me, but I understood it was the law—and I wanted to keep my job—so I paid attention to the rules of blacking out and covering up patients who had already signed in. This involved quickly attending to each patient as soon as they signed in so you could get anything else you needed from them and their name covered up before anyone else signed in. It seemed easy enough. Next I listened to the other receptionist point out the specific direction that folders were turned whether they were in a cubby on her desk or outside the exam areas. Basically this precaution kept us from flashing the names of patients around for all the world to see. It sounded pretty similar to the issues with the sign-in sheet. And honestly, equally silly at first. As I learned some of the other rules around the office I understood that the essence of the law was to each patient’s PHI confidential. Yes, I had to ask what PHI stood for, but I know now—Personal Health Information.
As the summer progressed I gradually learned more about HIPAA, PHI, and some of the other ins and outs of the legislation and how it affected a small healthcare provider like our dental office. I can’t say that in that summer I came to a good understanding of all the intricacies, underpinnings, and logic involved in HIPAA. As a patient and as an employee in a healthcare provider’s office, I still felt a little naïve. I followed the procedures as best I could but sometimes wished that I could have a better understanding of the bigger picture and how the little details of what I did to basically protect our patients’ identities fit into that bigger picture. Something tells me I’m not the only one out there who still feels a little lost sometimes when it comes to HIPAA and what exactly is involved in compliance to it.