Find the Right Medical Software for HIPAA Protection (Christine Harrell)
Sep 2, 2009
The privacy protections guaranteed to patients under HIPAA put a great deal of responsibility on medical providers. As more practices adopt free EMR systems they need to ask if the free medical software they are using is providing the privacy protection they need.
The Necessity of Privacy Protection
Most providers understand the need for HIPAA protection. While the regulations may seem onerous at times, it's easy for any of us to relate to the problem by putting ourselves or our loved ones in the patient's shoes. Medical procedures are by their very definition intensely private matters and not something for public discourse.
In the past, a journalist looking for a story could publish information about anyone's medical history without consent. An ambulance-chasing lawyer could troll for clients among injury claims. A private investigator could examine a woman's OB/GYN records to try to prove infidelity. Some offices had policies restricting access but others would provide information to anyone who seemed official. Patients could complain but had no legal recourse.
The Burden of Protection
HIPAA has been a great victory for patient rights but can be difficult for medical providers. They are ultimately responsible for any breaches of patient privacy regardless of the cause. This means if they use free medical software that doesn't protect patient data, it is the medical provider and not the software manufacturer who will be held liable.
This does not mean free medical software is a bad choice for EMR. The key is to find software that provides the protection patients deserve and medical practices require. It must limit access to authorized users and provide at least some protection against deliberate attempts at data theft. There is free medical software which offers solid protection, but how is a provider going to find it?
How To Find HIPAA Compliant Software
It would be easier for providers if there were a formal, HIPAA-approved certification system for free medical software. Then they could look for the HIPAA stamp and be assured they were safe. However there is no such program and practices must turn to third parties.
Although there is no official program of certification, software that has been reviewed by an unbiased organization and found to be compliant is likely to provide the protection providers need. EDIFECS is the leading organization that reviews software for HIPAA compliance. Their approval may not carry any legal weight, but it does provide guidance for medical offices as to which free medical software offers privacy protection.
Of course, full HIPAA compliance is more than a matter of which free medical software you choose. A comprehensive program of employee training, patient education, administrative policies, physical security and more are necessary for today's medical providers. It protects both the patients and the practice from the threat of data theft and privacy intrusion.
About the AuthorAuthor is a freelance copywriter. For more information on free medical software, visit http://www.freedommd.com/..