As the Data Compliance Specialist with The Arc of Anchorage, one of my top priorities is the security of Personal Health Information, and compliance with the regulations that govern the use and access of PHI. Last week, I met with Program Directors, the Deputy Director, and the Director of Operations in order to address the potential vulnerabilities in the initial set up of our caseloads. These caseloads go all the way back to last summer before we went live, and before I knew AT ALL what I was getting myself into. (Incidentally, it was also the first ever meeting I conducted here at the agency, and my first opportunity to use the title “Certified Trainer” – look at me in my big girl shoes!)
I’ve been playing around a lot with the profiles options that came out in a semi-recent update, and guys, it’s awesome. There are endless ways of manipulating how an end-user accesses information in Therap, and that makes it incredibly personalized in regard to remaining compliant with HIPAA and HITECH regulations. It’s like digital spring cleaning! I’m going to be chained to my desk for an indeterminate number of days while I get things moved around the way I like them, but that’s job security folks!
Not that I’m encouraging full-fledged overhauls of the way you as an agency utilize Therap and how you have your caseloads set, but I am suggesting that it’s worth looking over to determine how you can tighten the access to PHI and protect yourselves from potential violations by ensuring you have those settings in place. Play with Super Roles and permissions. Test out the various profiles and abilities therein. I’m having a blast, feeding my OCD and organizing everything into straight little lines like my M&Ms – color coded and ruler-straight.
I know it’s still technically winter, but spring is LITERALLY right around the corner, so dust off those virtual cobwebs and take a look at your Therap closets. A place for everything, and everything in its place…and other cleaning cliches as well.