HIPAA and Document Imaging

• Standards requirements – Electronic transactions and code sets standards will need to be in place.
• Privacy requirements – This portion of the law cover the disclosure of patient PHI.
• Security requirements - Protected Health Information (PHI) must be protected at all costs.
• National identifier requirements – Electronic transactions and codes sets standards requirements.

For each of the above requirements you must consider whether or not document scanning or forms processing will help you or hurt you as a covered entity of HIPAA. Secondly, you must make sure any vendors you contract with, also comply with each aspect of HIPAA.

Why might document imaging help me with HIPAA?

The security requirement of HIPAA states that any covered entity must ensure that all PHI is secure and protected. It is very difficult to protect paper documents. As you compile more paper the greater your exposure to violations will be. Paper is susceptible to fire, flood, theft, and miss-filing errors.

Scanning your paper to centralized digital databases will enable you to come into compliance in an efficient and credible way.

When documents are digital they can be encrypted and user rights can be assigned to restrict access. Software packages like Captaris’ Alchemy will allow you to track and audit files and users in your system. These functions will give you data such as who opened and emailed a particular file from your database. User tracking provides a great deterrent to anyone in your organization from stealing someone else’s Protected Health Information (PHI). Additionally, digital documents are easy to protect from fire, flood and other natural disasters.

Paper Claims Processing

By using a service bureau to process your paper claims electronically you can get all your paper claims back in an ANSI X12 EDI standard format. With advent of the National Provider Identifier (NPI) the provider selection will now be a much easier process to pass along to a data entry company.   

Along with the X12 837 file you will be able to receive digital images of the paper claims along with attachments in a fully searchable and HIPAA compliant database. This will result in faster payments of claims as well as better security for your claims.

Service bureaus - When contracting with any service bureau or clearinghouse to process claims or handle PHI, those organizations become covered entities of HIPAA as well. You must make sure that organization complies with HIPAA as well. Just because you contract with someone else to perform your business processes for you, does not relieve you of your obligation to under HIPAA. 

We as a service bureau take every precaution to ensure our clients PHI remains safe and secure.  Our systems are fully redundant and our facility is secure.  All of our employees are fully aware of the importance of protecting PHI and sign confidentiality agreements in support of that protection.  Please click here to see a copy of our employee confidential agreement. 

For more detailed information on HIPAA please click here.