Smartphones Put Pharmacies at Risk for Inappropriate PHI Disclosures

PAAS National^®’s Fraud, Waste, and Abuse and HIPAA compliance program updates for 2020 included a new section: 11.11.5 Audio, Video, and Social Media (see our February article FWA/HIPAA Compliance Program Changes for 2020). Smartphone utilization has, unfortunately, become pervasive with patient interactions. Patients on their phone while trying to consult on new medications, or a patient snapchatting a friend while waiting for their prescription to be filled is all too common.

Pharmacies need to develop

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

and enforce a policy to mitigate inappropriate protected health information (PHI) disclosure risk given the tendency for patients to have their phone accessible at the pharmacy counter and in the patient waiting area. It is the pharmacy’s responsibility to safeguard the PHI of patients, which can include audio/video recordings by someone other than the patient. Staff awareness and training become a critical component to enforcing these policies and handling them with tact.

Discovering a PHI breach occurred through an audio/video recording needs to be documented appropriately and handled swiftly. A patient, or customer, who obtains another patient’s PHI through inappropriate methods [in the pharmacy] should be banned from the pharmacy and, if PHI was posted on social media, requested to remove the offending content. Should they refuse or fail to act promptly, reaching out to the social media platform to request removal of the offending breach would be prudent. These efforts need to be documented thoroughly in an incident report.

See the full list of 2020 FWA/HIPAA changes with additional updates on the PAAS Portal. PAAS works tirelessly to keep you one step ahead of the game and in compliance.

PAAS Tips:

Confirm your HIPAA compliance program is staying relevant
Ensure employees are adequately trained on HIPAA to mitigate risk (see our eNewsline for an OCR fine that cost a provider $10,000)
Compliance programs offered through an entity affiliation may not be the best choice to protect your pharmacy.

PAAS Audit Assistance members can view the full article on our eNewsline.

Author
Recent Posts

Trent Thiede, PharmD, MBA

President at PAAS National^®

I started working at Shopko, a community pharmacy, in high school. Shopko was a regional chain, and I worked there for 15 years, holding positions as Pharmacy Manager and Regional Pharmacy Supervisor while completing my PharmD from UW-Madison and MBA from UW-Oshkosh. In 2013, I took over Shopko’s Long-Term Care division and helped divest it to KPH HealthCare (aka Kinney Drugs/HealthDirect). I helped grow their business throughout the Midwest, eventually servicing 20,000 beds in under four years.

I have always been involved in pharmacy audits, and hated recoupments, but didn’t see all the opportunities to combat audits the way PAAS does. PAAS is a small, family-orientated company, and I appreciate the opportunity to help independent pharmacies be more successful.

Latest posts by Trent Thiede, PharmD, MBA (see all)

Cybersecurity Incident at Change Healthcare – Documentation is Key to Reducing Audit Risk! - April 6, 2024
2024 Fraud, Waste & Abuse and HIPAA Compliance Program Updates - January 30, 2024
PAAS Battles MedImpact for DAW 0 Reimbursement on Semglee® - October 19, 2023