For ambulance services, HIPAA compliance is a particularly sensitive issue. Because of the sensitive nature of the health data that EMS and EMT professionals deal with on a daily basis, HIPAA Privacy and Security standards must be carefully adhered to.
This issue becomes even more sensitive when you consider that most of the data collected during pre-hospital care will likely be collected, tracked, and documented on a mobile device. Laptops, smartphones, and tablets are indispensable tools for ambulance care. Most of these devices will have access to electronic health records (EHR) platforms, which will in turn be connected to the rest of a hospital’s EHR data.
While mobile devices can provide convenience in life-or-death situations, they are also particularly vulnerable to the risk of a data breach. A data breach of unsecured health information can lead to serious HIPAA violations and put patient privacy at risk.
The kind of health information that these devices have access to is called protected health information, or PHI. PHI is any demographic information that can be used to identify a patient. Common examples of PHI include names, dates of birth, medical information, insurance ID numbers, addresses, full facial photos, and telephone numbers, to name a few.
The HIPAA Rules set specific standards for maintaining the privacy, security, and integrity of PHI. Though the regulation can seem complex, the standards are in place to safeguard PHI. As per HIPAA, ambulance services necessarily fall under the category of Covered Entities, meaning that they are responsible for maintaining compliance with both the HIPAA Privacy Rule and the HIPAA Security Rule.
These two rules set limits for how and when PHI must be stored and accessed. Below, we list a few of the major components of the HIPAA Rules that all ambulance services can implement in order to keep PHI safe and secure on the go.
These are just a few of the ways that ambulance services can protect PHI and comply with HIPAA mobile device standards.
In addition to the actions listed above, a total compliance program that addresses the full extent of the law must be in place in order to prevent HIPAA violations and data breaches.
Addressing HIPAA compliance can help ambulance services confidently treat their patients without worrying about the risk of data breaches or government fines.
AAA provides ambulance services with expert advice on HIPAA, family leave, workplace injuries, wages and timekeeping, and more. Add your ambulance service’s HR or compliance professional to our email list to keep up-to-date.
The Office of the Inspector General of the Department of Health and Human Services (HHS-OIG) recently issued the “Measuring Compliance Program Effectiveness: A Resource Guide“. The Guide was developed by a group of HHS-OIG professionals who wanted to provide a set of metrics by which health care providers can measure the elements of their compliance program. The authors recognize that not all the metrics are applicable to all health care providers but intended to be used as a guide. The Guide was released on March 27.
You can also read the full “Semiannual Report to Congress (October 1, 2016 – March 31, 2017)“.
Maintaining compliance within an EMS service can be a daunting task, especially given the number of regulations that we must follow.
One way to look at EMS is if a trucking company married a hospital.
There are rules and regulations to abide by for an entire fleet of vehicles, from safe operation guidelines all the way down to the use and color of lights. Then there are requirements for a group of healthcare providers, which include necessary certifications such as CPR and knowledge of pertinent life-saving skills.
Not only does maintaining compliance keep vehicles and equipment running smoothly, but it can offer employees valuable peace of mind and keep everyone focused on the same goals of providing the best care possible.
I like to consider compliance an investment in common sense.
Employees know what is expected of them at all times, and they know what type of support their employer will provide to keep their skills sharp. In turn, an EMS service gains from being in good standing with regulators and from an engaged, confident workforce.
The benefits of a strong culture of compliance are immense. An organization that lives and breathes compliance can help ensure a smooth-running operation that features top-notch communication and quality providers who offer excellent care.
These six key ways ensure compliance will serve as a roadmap to a strong culture in your organization:
It’s not too late! Scott Moore, Esq’s Know When to Hold ‘Em or Fold ‘Em webinar has been rescheduled to September 21 at 2:00 p.m. ET. Register now►
Speaker: Scott Moore, Esq., EMS Resource Advisors
Your organization has been served with a lawsuit or investigative demand on an employment claim. Is your organization prepared for what is ahead? This session will follow what an employer should do long before the Constable serves the papers. Human Resources Managers treat employee personnel records like it is evidence in a case because it could be. This session will also discuss the financial and practical costs of defending your organization and how you can still lose even if you win.
I was born in Muskogee, OK and currently live in Tulsa, OK. I received my nursing degree from Connors State College and my bachelor’s degree in English from Northeastern State University. I began working at Muskogee County EMS as a paramedic 24 years ago, have moved through the ranks over the years, and have held my current title of Compliance Officer for about 12 years. When I’m not doing EMS, I am the Director of Nurses at Kids’ Space, a child advocacy center in Muskogee.
I’m married to Steve Williamson, CEO/President of EMSA, and between us we have 7 children and 6 grandchildren.
It’s always a challenge. Nothing is ever the same. I enjoyed being a paramedic because it was always different and no two patients were alike. Even though I’m now in administration and I’m dealing with Medicare, Medicaid, and insurance and regulatory issues and legislation, it is still never the same between days. I never feel like I have everything figured out, so there’s always a challenge in my job.
The EMS industry as a whole has so many challenges, but my biggest professional challenge would be making sense of some of the laws, regulations and rules that govern how we operate and how we get paid. Also, dealing with the bureaucracy and taking a simple concept, such as “we provide medical care,” and trying to get people in Congress and the legislature to understand that we’re not a supplier, but a provider. Translating all of that into simple, real-world language that everyone can understand so we can all be on the same page – that is a challenge.
I don’t really have a typical day! I’m very fortunate that, because I travel so much and because I have to be in different places, my schedule is very flexible and I’m able to work from home a lot. But typically when I go into the office, I can tell in the first five minutes if it’s going to be one of those days that I’m not going to sit down at all, or one of those days where I’ll have blocks of time to sit down and be productive. I try to talk to the medics every morning, and I talk to our Director and do a brief overview every morning and deal with any problems that may have occurred. My day is a constant interaction with the other administrators, the staff, and the medics, and can be a lot of running around.
I feel as though we as an organization (Muskogee County EMS) are light years ahead of so many other ambulance services because we get the information and the education that we need so easily. We can stay on the forefront of what is happening legislatively with Medicare and Medicaid regulatory issues, and we are in such a better position as a company and as a business because we have access to frontline information and top-of-the-line education. With AAA, industry experts are just a phone call or an email away. I cannot imagine trying to do my job and be effective at all without the education, the experts, and the ability to contact people who can help at a moment’s notice. I cannot imagine doing my job without having access to the AAA.
AAA legal eagle and human resources consultant Scott Moore shares with us best practices for handling pregnancy in your ambulance service.
AAA legal eagle and human resources consultant Scott Moore shares with us best practices for managing traffic citations and DUIs by EMTs and Paramedics.