HIPAA privacy compliance explicitly requires your business to protect patients’ medical records. In order to maintain effective internal controls, HIPAA compliance training must be held on a regular basis. Understanding roles, responsibilities and document shredding procedures will keep your company HIPAA compliant.
Covered Entities & Associates
According to the U.S. Department of Health & Human Services (HHS), “If an entity does not meet the definition of a covered entity or business associate, it does not have to comply with the HIPAA Rules.” If your company is a healthcare provider, health plan or healthcare clearinghouse, it must comply with HIPAA privacy rules. Associates must sign contracts attesting to their responsibilities, and they must have a firm understanding of what information is to be safeguarded. Compliance training varies in scope depending on the size of your organization. However, there is common data that’s protected.
HHS notes that HIPAA protects the following information:
- Patients’ past, present or future mental or physical condition
- Healthcare treatments or regimens
- Payment methods of past, present or future health care
HIPAA Privacy & Shredding Sensitive Information
Shredding procedures are an essential part of HIPAA compliance programs. As a leader in on-site shredding services, we provide a reliable solution for document disposal and data protection. Whether documents are stored electronically or in paper form, we can dispose of your records with minimal disruptions to ongoing operations. Our highly trained and vetted staff members come from ex-law enforcement or ex-military backgrounds, which helps keep your HIPAA information safe.
For your business and employees to remain compliant with HIPAA privacy rules, it is important to conduct regular training. Periodic shredding of sensitive documents is an integral part of your company’s compliance efforts. We provide you with peace-of-mind when it comes to document disposal and recycling.