HIPAA info protection - phone calls

Started by Jim Jensen, December 02, 2011, 10:17:38 AM

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

Jim Jensen

Just clicked an issue this morning to figure out the best way to handle. I talked to a client about their med issues that arose in a life app. No email or document to attach - just documenting the info from the phone call. I started to enter an Activity, like normal, but realized this info is HIPAA restricted. How are you documenting such a transaction and applying the proper security - email to self, then attached? I could do that or put it into a Word document - both with the proper attachment categories.
Jim Jensen
CIC, CEO, CIO, COO, CFO, Producer, CSR, Claims Handler, janitor....whatever else.
Jensen Ford Insurance
Indianapolis

Lance Bateman

I believe the easiest way is to have those sorts of things in a separate branch or department that is limited by security to those needing to see.  So Life for instance, would be in a different department or branch from personal or commercial.

Jim Jensen

Acitivities don't have a branch connection, at least not on the activity detail. I don't know if tying it to a policy that's in the L&H branch applies that department's security or not.
Jim Jensen
CIC, CEO, CIO, COO, CFO, Producer, CSR, Claims Handler, janitor....whatever else.
Jensen Ford Insurance
Indianapolis

brinkerdana

Couldn't you create an attachment category for HIPPA and secure it through Security Manager?
Dana Brinkerhoff
Retired

Jim Jensen

Quote from: brinkerdana on December 02, 2011, 01:52:51 PM
Couldn't you create an attachment category for HIPPA and secure it through Security Manager?

Yes, I have those, but what attachment might you use for a phone call? An activity isn't an attachment, so the categories don't apply. I decided to send myself and email, which I attached using a category and sub-category which are set for life business so that security can be applied. Just wondering if there are other ways that people have thought of.
Jim Jensen
CIC, CEO, CIO, COO, CFO, Producer, CSR, Claims Handler, janitor....whatever else.
Jensen Ford Insurance
Indianapolis

brinkerdana

I come from the old days when we created a document for phone call documention, so I went straight for attachments rather than activities.

Dana Brinkerhoff
Retired

Jim Jensen

I used to use memos, but they have the same problem as activities. Activities are long enough now that this could easily have fit in one, but doesn't seem to have the same level of security options.
Jim Jensen
CIC, CEO, CIO, COO, CFO, Producer, CSR, Claims Handler, janitor....whatever else.
Jensen Ford Insurance
Indianapolis

Sherry Burrell

Use a blank document - save in a HIPAA restricted folder and don't let it drilldown from an activity.  I would add an activity referencing the document, but unless it was corrected in a later version of TAM you could drilldown from an actiivity to a restricted attachement - with or without security.

Or - you could convert Epic - you can secure activity notes and attachments at different security levels (HIPAA, Management, etc).   ;D
Sherry Burrell
Oakbridge Insurance Agency-Duluth GA
Epic Online w/CSR24, +500 users