/ Article How HIPAA Affects Medical Records Scanning

By Kara Rayburn, Global Manager, Product Marketing & Web

As in all other aspects of modern life, the healthcare industry is transitioning to a mostly paperless environment. The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to protect the privacy and security of health information. The Security Rule portion of the legislation specifically addressed electronic versions of protected health information (PHI), keeping it secure, yet allowing covered entities to evolve their practices technologically. A covered entity is any health care provider, health plan, or health care clearinghouse that handles PHI.

HIPAA does not explicitly address scanning equipment, but the general rule of thumb is that entities must perform a risk analysis, determine if a particular piece of equipment is secure, and address any potential risks. Covered entities are required to follow four general rules that pertain to electronic PHI:

  1. Ensure the confidentiality, integrity, and availability of all e-PHI created, received, maintained or transmitted.
  2. Identify and protect against threats to the security or integrity of e-PHI.
  3. Protect against anticipated, impermissible uses or disclosures.
  4. Ensure that all employees comply with the HIPAA rules.

We will focus on the first rule here, and discuss how HIPAA has affected the choice of document scanners. Secure scanning of PHI requires two parts: digitizing the records, and getting that information into the right location.

Confidentiality

The HIPAA Security Rule defines confidentiality as “the property that data or information is not made available or disclosed to unauthorized persons or processes.” Any e-PHI created, received, maintained, or transmitted by a covered entity must be encrypted. Alaris scanners integrate with Virtual FileRoomTM to provide 256-bit encryption. Viewing files is transparent to the end user, but unauthorized devices cannot access them. The data remain encrypted, helping to ensure the confidentiality.

Integrity

According to the HIPAA standard, integrity is “the property that data or information have not been altered or destroyed in an unauthorized manner.” Yes, this does mean that the paper will still have to be stored in a secure manner, but the digitalization of the records makes it possible to store them offsite and maintain access to the electronic version.

Part of maintaining the integrity of e-PHI is ensuring that the scanned data is transferred, clearly and correctly, from paper to computer. Optical character recognition (OCR) is the conversion of images of text, whether handwritten or typed, into encoded text that can be interpreted by computer software. Alaris offers Capture Pro Software that, using OCR, captures and indexes encrypted data and automatically delivers it to its intended location. This intelligent software automatically flags questionable images and optimizes image quality without rescanning.

Availability

Availability, as it relates to HIPAA, is “the property that data or information is accessible and useable upon demand by an authorized person.” For example, if a patient goes to the ER, their medical records should be available so that the ER doctors can give appropriate care. Alaris has an Info Input Solution that makes scanning and archiving e-PHI a streamlined process, allowing for short turnaround time for e-PHI retrieval. This solution is a web-based one that ensures a consistent chain of custody across multiple platforms, which is essential to compliance with HIPAA.

Compliance Made Easy

The Alaris IN2 Ecosystem provides scanners and software that allow health care professionals to care for their patients’ PHI quickly and accurately. Complying with HIPAA’s security rule has never been easier. Now providers can focus on what they do best — caring for their patients.

About the Author
Kara Rayburn manages the global product, launch and web marketing functions for the Alaris business. Kara has a passion for technology, with nearly 15 years’ experience in B2B tech. To stay in touch, connect with her on LinkedIn.

Related solutions

Alaris Capture Pro

Capture Pro Software

  • Ideal for paper intensive business applications
  • Extensive integration with ECM systems
  • Network and Import modules available
Alaris Info Input Express

Info Input Solution

  • Ideal for large, enterprise customers
  • Integrates with business applications
  • Mobile module option

Contact

Alaris Information Management products, services and support are available worldwide and sold through resellers. 

To find a reseller in your area, call us at 1-800-944-6171 or complete our information request form below and a reseller will get in touch with you soon.

Thank you for submitting your information. We will be in touch soon.
Submit error