Pharmacy News: Save your electronic PHI

The Show Must Go On!

When I started this blog series on HIPAA Readiness, I had no idea that real life was going to play such a big role in my posts! After telling you why HIPAA Readiness is such a big deal right now, how to handle possible breaches and how you as a pharmacy owner are responsible for your employees actions when it comes to HIPAA, a major pipe burst and “rained on our parade.” We didn’t see that coming, but we were sufficiently prepared to march on.

It’s important that your pharmacy is prepared to “march on” and to see patients through whatever happens to your facility or your community. Everything from hurricanes to snow storms to heat waves can damage your building, take out your electricity, or keep key employees from getting to work. Your disaster recovery plan should address the fallout from physical damage, loss of electronic PHI, and from the loss of key employees.

Here are a few high priority items for your plan:
1. Protect your electronic PHI. How can you access it if you can’t get into your building? Consider backing up your electronic PHI to a remote, possibly cloud-based, site. Make a plan for you or key staff members to access data remotely so they can work with patients from a safe place. This will also require you to ensure all of your employees who are remotely access your network are aware of standard security protocols for remote access.
2. Anticipate your patients’ needs. How can they get the medications they need if your facility is out of commission? You might establish a relationship with another independent pharmacy to back each other up in emergencies. Also, consider your state board requirements when utilizing a temporary site for your pharmacy.
3. Have an alternative communication system. Make sure you can get in touch with your employees. Immediately update your website with instructions on how patients can get their prescriptions filled.
4. Cross-train employees. The loss of a key employee to injury or worse cannot shut down operations. You need operational redundancy for the functions your employees perform just as much as for the functions your computers perform.
5. Train Staff and Test Plans. So, you’ve made a plan, but does it work? Get everyone on board and try it out. By doing so, you and your staff may see a better way or something that needs to be updated and keep your electronic PHI safe.

For more information about HIPAA and other pharmacy compliance solutions for your pharmacy, call PRS at 1-800-338-3688 and speak with one of our Specialists. Also, stop back here for additional posts on compliance issues and what you need to know as a pharmacy owner.