HIPAA and Document Imaging
There are four important mandates under the HIPAA Administrative Simplification clause to
Privacy requirements - This portion of the law cover the disclosure of patient PHI.
Security requirements - Protected Health Information (PHI) must be protected at all
National identifier requirements - Electronic transactions and codes sets standards
Document scanning and/or forms processing will help you as a covered entity of
HIPAA. You must make sure any vendors you contract with comply with HIPAA laws.
Why might document imaging help me with HIPAA?
The security requirement of HIPAA states that any covered entity must ensure that
all PHI is secure and protected. It is very difficult to protect paper documents. As you
compile more paper the greater your exposure to violations will be. Paper is susceptible to
fire, flood, theft, and miss-filing errors.
Scanning your paper to centralized digital databases will enable you to come into
compliance in an efficient and credible way.
When documents are digital they can be encrypted and user rights can be assigned to
restrict access. Software packages like OpenText’ Alchemy will allow you to track and audit files
and users in your system. These functions will give you data such as who opened and emailed a
particular file from your database. User tracking provides a great deterrent to anyone in your
organization from stealing someone else’s Protected Health Information (PHI). Additionally, digital
documents are easy to protect from fire, flood and other natural disasters.
Paper Claims Processing
By using a service bureau to process your paper claims electronically you can get
all your paper claims back in an ANSI X12 EDI standard format. With advent of the National Provider
Identifier (NPI) the provider selection will now be a much easier process to pass along to a
data entry company.
Along with the X12 837 file you will be able to receive digital images of the paper
claims along with attachments in a fully searchable and HIPAA compliant database. This will result
in faster payments of claims as well as better security for your claims.
Service bureaus - When contracting with any service bureau or
clearinghouse to process claims or handle PHI, those organizations become covered entities of HIPAA
as well. You must make sure that organization complies with HIPAA as well. Just because you
contract with someone else to perform your business processes for you, does not relieve you of your
obligation to under HIPAA.
We as a service bureau take every precaution to ensure our clients PHI remains safe
and secure. Our systems are fully redundant and our facility is secure. All of our employees are
fully aware of the importance of protecting PHI and sign confidentiality agreements in support of
that protection. Please click here to see a copy of our employee
For more detailed information on HIPAA please click here.