A Guide to HIPAA Compliance in the Pharmacy

Although pharmacists understand that all of a patient’s medical information is confidential and access to that information is protected by the Health Insurance Portability and Accountability Act (HIPPA) of 1996, some still have challenges staying 100% compliant. That is why independent pharmacy owners should establish a compliance checklist and ensure their staff does annual HIPPA training.

“Pharmacy staff need to be aware of who they are providing health information to over the phone, in person, or via mail,” said Chirag Patel, PharmD, MBA, chief operating officer and brand ambassador for Carolina Pharmacy Group in Charlotte, North Carolina “The staff also need to ensure all health information at the pharmacy—prescription vials, labels, print outs, handouts, etc—is properly disposed of. That disposal source is most often an information security company that disposes of personal health information via shred boxes.”

Arielle T. Miliambro, Esq, a partner at Pine Brook, New Jersey-based health care law firm Frier Levitt, outlined the components of HIPAA:

• The HIPAA Privacy Rule protects the privacy of individually identifiable health information.
• The HIPAA Security Rule sets standards for the security of electronic protected health information (PHI).
• The HIPAA Breach Notification Rule requires covered entities and business associates to provide notification following a breach of unsecured PHI.

Each HIPPA rule may have different requirements and exceptions. Miliambro explained that the Privacy Rule contains certain limited exceptions for which PHI may be disclosed without authorization, such as to coordinate care among health care providers or to obtain reimbursement from a patient’s health insurer or payer.

Russell Dowdell is director of solutions engineering for Secure Link in Austin, Texas, which provides health care organizations with a centralized solution for managing privileged access for their third-party vendors.

Continue reading on Totalpharmacy.com