With only 85 days until April 14, retailers may need a checklist to make sure pharmacists have completed their HIPAA homework. The list was compiled by SN from multiple industry sources.
Supermarkets must declare themselves as a hybrid entity, which cuts out front-end employee training, or as a single entity to set up the proper HIPAA employee training program.
Appoint a chief privacy officer at corporate level to oversee HIPAA privacy initiatives.
Conduct HIPAA gap analysis to determine how the current store privacy policies match up with HIPAA requirements.
Create a Notice of Privacy Practice (NOPP) for customers. It must be written in simple language for all customers to understand. Pharmacists must be able to explain it to customers in person.
Pharmacists must devise a plan of how they will protect patient information and how they will deal with third parties when they request information.
Train people and make sure they follow the new rules and procedures.
Have an internal police process in place to ensure that patient health information isn't being mishandled. Pharmacists must be able to demonstrate how this process works.
Cull patient signatures. Make decision on whether to capture signatures through electronic method or file signatures through paper logbooks. Pharmacies have to collect these signatures only once, but they must keep that signature on record.
Look over physical pharmacy space to ensure that patient health information isn't easily overheard by others.