Ringing in the New Year with Proven Medical Records Management Tips
Tue, Jan 10, 2023
By: Steve Clopton
Nurses are tasked with gathering patient information; thus, they are at the front of patient privacy and information security. Even with the extensive safety protocols in place in most doctors’ offices, hospitals, and other medical establishments, the staff must stay on top of information security to guard against the identity theft of medical records. It is doubly important for those working in smaller medical establishments, as many identity thieves believe – and hope – that information security is not as strong as in larger medical establishments.
Passwords and Authentication
When creating passwords for access to computers, be sure to choose strong passwords that are complex. Not only does it help keep other employees from logging in under your name and doing something that might get you in trouble, but it also significantly decreases the risk of someone hacking into your account to steal patient information.
A complex password that is hard to hack and for others to remember has at least 10 characters. The password should also include symbols, lower and upper case letters, and numbers.
Additionally, if your employer offers it, you should always use multi-factor authentication – preferably through a text or third-party authenticator.
Regular Shredding to Minimize Identity Theft
As part of medical records management, you must know how long to retain each record. You should have a retention schedule for every type of document in the office, including patient records.
Once the retention period has expired, you should place the document or file in a locked shred box like the ones you can get from Gilmore. Our truck comes to your office for a scheduled appointment and shreds everything in the bin. You can even watch us shred the documents. The bins stay locked – they are dumped into the shredder by a machine, so our techs don’t even see the documents.
Once we shred everything in the locked shred bins, we return them to you to fill again.
Create a Work-from-Home Policy
Many medical establishments have people who work from home to help with medical records, including entering data for various insurance companies and transcribing medical records. If you have independent contractors or employees who work from home, you should implement a security policy if you already haven’t.
The policy should include the following:
- The requirement for robust, complex passwords.
- The employee must not use the computer for personal use.
- Rules for accessing your data and systems while the employee is working remotely.
- Regular regulatory compliance with HIPAA and NAID-certified companies.
In addition to the above, medical establishments should have a plan to dispose of medical records so that identity thieves cannot steal or recreate those records. Shredding them with just any shredder is not enough. The shred trucks at Gilmore have shredders that demolish the documents into pieces so small that it is nearly impossible to put them back together.
Furthermore, we bale your documents with other businesses’ documents and ship them to a NAID-compliant recycler. The recycler follows the same strict protocols that we do for document security.
Contact Gilmore today to discuss your shredding needs and to learn more about how our shredding and other services can help you significantly minimize the risk of identity theft from your medical establishment.