If you have your own practice, there are certain areas that are pertinent to running your practice in an efficient manner. You should be aware of these areas and if not, you should be on the lookout for next year.
Now that hospitals and larger medical facilities are becoming more HIPAA compliant, the smaller facilities are now the focal point of the state and federal government. However, this means it is only a matter of time before the individual practitioners are on their radar. To no surprise, and as expected, HIPAA is on everyone’s mind.
A few points for solo practitioners to be aware of are as follows:
- If you are working with any type of third-party vendor, you must have a business associate agreement (BAA) in place pursuant to HIPAA.
- If you are utilizing any website to promote your practice, you must make sure that you have your HIPAA privacy notice either present on the website or have a link, clearly marked, in order for patients to get access to it.
- If you control any social media sites—for instance your LinkedIn page, your website, or your facebook page—and have patients’ testimonials on these media sites, you must have a HIPAA authorization. I cannot stress enough how important this is.
When you are buying a practice, expanding your practice by hiring new employees, leasing new equipment or moving into new space, the potential risk and liability increases accordingly. It is very important to ensure that you are protected with the proper contracts and clauses; otherwise—as great as the expansion and growth of your practice and everything that you have worked towards may be—you can be opening yourself and your practice up to unnecessary issues and risk it all.
Along with your practice growth always comes new patients. By opening your practice up to more patients, you are likely to have a higher percentage of patients who may no longer fit the mold of your practice, or something may happen where it is just not in the best interests of you or the patient to continue treatment. Even if your goal is to treat and assist as many people as possible, it may not be possible. What happens when you need to dismiss a patient from your practice? How do you actually let go of that patient without abandoning the patient, remaining ethical, and making sure you are doing everything required in order to move forward?
Copying of Records
How do you know when it is safe and legal to release copies of patients’ records to other practitioners or third parties? When a patient transfers or is referred to another practitioner and requires their records forwarded to that practitioner, you must make sure that there’s a proper HIPAA authorization. You also have to ensure that you are charging them the correct fee for the copies pursuant to New York Law, otherwise you may be facing legal consequences. Before copying any records, check that you have the proper HIPAA authorization to do so and that you are charging the recipient the correct fee for said copies.
If any of the above situations occurred this year or you are looking to expand your practice in the upcoming year, consider these issues to make sure you have everything in place so that you will have a smooth and easy expansion and transition. There is no need to create additional problems for yourself and your practice.
Contact me today with questions or comments.
Stephanie J. Rodin, Esq.
Rodin Legal, P.C.
Tel: (917) 345-8972
Fax: (917) 591-4428