Does anyone know where I can get a HIPAA compliance form to post on my website? I can't find one anywhere and the ones I do find I have to buy!

__________________
Have a fantastic day! Dekota
Aspiring VA

HIPAA compliance form for what purpose? You can get a standard HIPAA release form from any local hospital/doctor's office. Try searching for Federal HIPAA forms...

__________________
Lily Chambers, The Virtual Office Goddess, LLC
Author "How to Do Your Own Small Business Bookkeeping"

Originally Posted by Ideal VA

Does anyone know where I can get a HIPAA compliance form to post on my website? I can't find one anywhere and the ones I do find I have to buy!

Dekota, I agree with Lily, why would you need one posted on your site? The only thing that you would maybe need one for is medical transcription (I see that you offer transcription for one of your services), but that would be between you and your client that required medical transcription (also a way to securely transfer files). You could do a nondisclosure/confidentiality statement on your site stating that all information is confidential and you will provide a nondisclosure/confidentiality agreement to clients.

I guess I'm just a bit confused because HIPPA has to do with patient confidentiality and everyone that deals with patient records.

Sorry, don't mean to be a naysayer here.

__________________
Jules, SunRise Virtual Solutions - WordPress Customization & XHTML/CSS Web Sites

Oh i just thought I had to have one showing that I am hipaa compliant... I guess it was more my misunderstanding more so than anything!

__________________
Have a fantastic day! Dekota
Aspiring VA

The earlier postings are correct, you don't need HIPPA compliance on your website. If you take a look at a doctor's website, you won't find any there either. The only item you may find, is a HIPPA document that the "patient" signs.

How are you saying you're HIPPA compliant? Are you HIPPA certified?

__________________
The Doctor's Rx
"The Doctor's Prescription for Success"

No. I definately dont know alot about hipaa. I know about patient confidentiality and I have a small book that i got from my transcription school that i read over and it doesnt break it down very well.

__________________
Have a fantastic day! Dekota
Aspiring VA

Hi Dekota, I agree with what Jules said in an earlier post. HIPAA compliance is complicated. I know, part of my day job is HIPAA compliance and remote offices that handle patient information must follow strict privacy and security rules. The offices you outsource for should have guidelines that they require you to follow but you also need to understand and follow the rules. I require any one who works from home with patient information to have a dedicated computer that is secure even if I have to furnish it. I also require encryption if patient files are transmitted via the Internet or email.

Again, like Jules said, I don't want to be a naysayer but if you are dealing with patient information, know the rules and CYA.

__________________
Jenny McKinney
http://www.offsiteofficepro.com

I have to agree strongly with Jenny on this matter.

The following list might assist you with the requirements you should have in place to be HIPAA compliant. It will fall under the Security section of the HIPAA law.

http://hipaanews.org/checklist.htm

The last I understood this through my HIPAA training (not certification, this is a term used when company consultants come into an organization and or providers office to evaluate the knowledge and understanding of all employees, then a certified report is on file in case the organization or provider are faced with a DHHS audit).

As per The Department of Health and Human Services (DHHS), which manages and is responsible for enforcing Health Insurance Portability and Accountability Act (HIPAA) Rule, there is no company entrusted to certify an individual as "HIPAA Certified" or companies or products getting "official HIPAA certification".

There is HIPAA compliance training however, which is targeted specifically toward organizations, providers, employees and BA's (Business Associates) <---- This is where organizations and providers will need their BA's to have a BAA (Business Associate Agreement that they are HIPAA compliant).

All covered entities are trying to ensure that they are HIPAA compliant. There are some companies who offer HIPAA software, at quite the fee.

If you are not HIPAA compliant, then the clients who hire you are ultimately responsible for any violations. I'm sure they are going to want to confirm, prior to engaging in this line of business, that you have all the necessary mandated steps in place for security purposes.

You might even be required by a client to provide a written explanation of how your system design features map to the various HIPAA security rule standards. How does your software/system security stand up to the specific security compliance objectives of the client?

As Jenny stated, HIPAA compliance is complicated.

The best place to start would be:

http://www.hhs.gov/ocr/privacy/

I wish you the best!

Thanks so much for that information! I am actually considering dropping medical transcription service altogether. I don't exactly enjoy it but I took two seperate training courses so I thought I should put my training to use! I am thinking about only focusing on the services I do enjoy... bankruptcy assistance, small biz bookkeeping and office assistance.

__________________
Have a fantastic day! Dekota
Aspiring VA