HIPAA Compliance – Signing a Business Contract with Vendor to Ensure Safe Disposal of Medical Records
HIPAA compliance makes it mandatory for the covered entities like healthcare clinics, doctors, clearing houses, health plan providers, hospitals and billing companies to take complete responsibility of the protection of patient health information. The HIPAA law makes them accountable for any lapse, which results into unauthorized display of the protected information. The covered entities have their business associates who provide variety of services to them. The waste paper recycler is one such business associate who takes care of waste paper disposal.
HIPAA compliance regulations put emphasis on conversion of patient health records from paper to electronic format. For medical records which are still in paper format, the covered entities need to develop an effective disposal strategy so that unneeded patient health information can be safely shredded or disposed off, without exposing it. The covered entity is accountable for the protected health information, it important that it enters signs a business contract with professional and certified paper recycler or shredder. As per contract the vendor should perform following tasks:
- Provide complete details on how the waste paper will be disposed off, safely.
- Indicate the time taken towards disposal. It should clearly point out the time lapsed between collection and its destruction.
- Ensure availability of specific sum of liability insurance, which provides risk coverage risk to the covered entity. This is because the covered entity is ultimately responsible for privacy of patient health records.
- Provide complete information on all the safeguards placed in waste paper management plan so that covered entity can rest assured of no safety breaches, from collection to disposal of the paper records.
- Provide proof of record destruction, whether it is by shredding, paper recycling or burning.
The vendor is also responsible for patient health privacy. To develop long term business relations with covered entity it is essential that the vendor should practice safe disposal of medical records The covered entity should get a written commitment in form of a signed contract to ensure HIPAA compliance during waste paper disposal.
A signed agreement with a business associate protects covered entity from penalties and persecution.
Read more on HIPAA compliance at, www.empowerbpo.com