Keeping Your Practice HIPAA Compliant

Patient Protection

keeping your practice hipaa compliantAs psychologists around the country are treating more people for mental health issues it is as important as ever to keep those patients personal information safe and secure. From internal meddling, to internet security breaches, the need to protect patient information is at an all time high. Years ago patient information was stored physically in the office and documented on paper. Today, patient information is stored locally on hard drives or in the cloud on secure servers designed specifically to be HIPAA compliant storage servers. This allows local practitioners to relieve themselves of the responsibility of  storing data locally, giving them a solution without the technical headaches. Cloud storage is still susceptible to hacks and doing your due diligence is encouraged when searching for a HIPAA compliant storage solution for your patient data. This does not mean however that there aren’t secure ways to store your data in-office. This may be the solution for your practice, we just suggest taking extra security measures to make sure your data is safe.

Secure Your Network

Password protect everything. From the point of entry on your network all the way to the computer that the data is being stored on. Here are various levels of security that should be implemented if local storage is an option for you.

Secure your router

Secure your switch

• Add a HIPAA compliant firewall

• Password protect all computers

• Have an admin login separate from the user login

• Do not allow employees to have admin level access to the computers

Proper Disposal Of Patient Records (Paper)

As with any healthcare provider, patience come and go and patient information eventually needs to be discarded of. shredding patient documentsMany practices still rely heavily on paper and folders to store patient records for quick, convenient access. When a patient schedules a visit, a psychologist uses this information to access past records, assessments, prescriptions, and evaluations. There are many ways to dispose of these patient records should they become absent in their visits. The most common for of disposal for paper records is the use of a paper shredder.  It is important as a health practitioner to remain HIPAA compliant and this means properly disposing of patient records.


Proper Disposal Of Patient Records (Digital)

The disposal of digital records is a little more complicated. Paper shredders fit conveniently in any Dr’s office and the shredding process is a simple one. With digital data, the process is far more complex. Simply deleting patient records from a hard drive isn’t always enough. Secure data disposal is imperative to remaining compliant and properly disposing of patient records.


Proper Disposal Of Computer Hard Drives

There may be a time where the disposal of data isn’t necessary, maybe you are getting rid of the computers in your practice, or maybe you are updating the computer at the front desk to improve patient scheduling. Whatever the reason for updating the computers in your practice, make sure you dispose of the old ones properly. Hiring someone to properly break down the old machines is recommended if that is something that is outside of your knowledge base. But what if you are not replacing the entire computer? What if you just want to update your existing hard drive to a solid state drive for improved performance? If you decide to migrate data from your old hard drive to your new solid state drive it will be extremely important to properly dispose of the old drive. Hiring a company that specializes in HIPAA compliant hard drive destruction would be the first step in ensuring you continue to abide by HIPAA compliancy.



If you have gone through med school, opened a practice, and are actively treating patients for psychological disorders then it is of the upmost importance that remain HIPPA compliant to protect your patients, your practice, and your medical license. For more information about HIPAA compliancy for Psychologists you can visit the link provided.

Posted by Patricia Adams