Maybe you’ve heard you need written policies and procedures for your health information, but you’re left asking yourself why it’s so important?
The truth is, without written policies and procedures, you open a healthcare practice up to a whole host of problems, including major legal issues.
In fact, every business needs good practices that apply to your:
- Information that you collect from patients/clients
- Business practices including electronic (or paper) patient records, and computer network
- Financial information
- Billing, collection, and payment processing
Within the healthcare industry, there are additional legislation requirements that require specific written health information policies and procedures.
The Health Information Act (HIA) and the Personal Information Privacy Act (PIPA)
As we mentioned, when a custodian collects health information, you must follow the Health Information Act (HIA) in Alberta.
Like most other private businesses in Alberta, private healthcare practices must also comply with the Personal Information Privacy Act (PIPA).
The colleges of regulated health professionals (like the Alberta Dental Association and College (ADAC) and the College of Physicians and Surgeons of Alberta (CPSA), require dentists and physicians to meet the standards of practice which includes compliance to HIA and PIPA legislation.
In addition, the college has other standards of practice that you must meet, including policies and procedures for the collection, use, disclosure, and access of health information.
So, let’s explore further why written policies and procedures are so essential, as well as what can happen without them, and why healthcare practices may not think they need them in the first place.
Benefits of Policies and Procedures
One of the most critical benefits of having policies and procedures in place is that they’re good for business.
- They contribute to consistent, efficient workflow.
- You can figure it out once, write the procedure, tweak it to make it better, and then repeat the same procedure again and again.
- They help you make better business decisions, like buying supplies, choosing services, and selecting vendors.
- They help support your accreditation efforts.
- On-boarding employees the right way with no missed steps is much easier with policies and procedures in place.
If you’re looking for even more proof of the benefits of having written procedures, it can also help you avoid:
- Internal disputes within your team and external disputes with your patients and clients
- Re-work and re-training employees
- Poor customer service
- Poor reputation
- Fines and penalties
Fines And Penalties For Not Having Written Policies And Procedures
You might be wondering why you would face fines and penalties for not having written policies and procedures in the first place.
The HIA requires the custodian – which includes the dentist or dental hygienist – to take reasonable safeguards to protect the privacy and confidentiality of patients’ health information.
Having written policies and procedures is a common, expected, and reasonable safeguard.
Let’s say you have a privacy breach in your practice or an error (like sending a fax to the wrong number or you are a victim of a phishing or ransomware attack).
If you can’t demonstrate that you had the appropriate reasonable safeguards, like written policies and procedures in place, you are guilty of an offence under the law.
It’s illegal not to have policies and procedures when you collect health information.
If you are guilty of this offence, you are liable for a fine of a minimum of $2,000 and not more than $500,000. (HIA section 107(7)).
3 Policies and Procedures Myths
One reason some healthcare practices fail to have written policies and procedures is because they believe they don’t need them.
Often, this is because they’ve fallen prey to the common myths about policies and procedures.
There are 3 of the common myths that stop healthcare providers and their clinic managers from creating written policies and procedures:
- It’s Too Hard
While it does take some skill to write clear, easy to read, and easy to understand policies and procedures, it doesn’t have to be heard. In fact, you can even purchase templates to make this easier.
- It Takes Too Much Time
Writing policies and procedures does take some time.
But investing the time to create policies and procedures pays off by preventing suffering from inconsistent or broken procedures, using or disclosing health information in error, and having to pay fines, penalties, public relations nightmares, or spending the time required to run a privacy or security investigation.
- It’s A Waste Of Time
Here are a few good reasons that prove writing policies and procedures is not a waste of time:
- Practical privacy policies and procedures will create a more efficient practice and help you make better business decisions.
- The policies and procedures become the foundation of your privacy impact assessment.
- Policies and procedures are pre-requisites for other initiatives, like access to Netcare or other community integration initiatives, and privacy impact assessment (PIA). Click here to learn more about PIAs.
- You must have them as part of your legislative compliance.
- It’s the law. Not having policies and procedures regarding the collection, use, disclosure, and access of health information is illegal.
As you can see, written policies and procedures help ensure consistent office procedures and good communication between team members in your healthcare practice.
In addition to those good reasons, you must have good written policies and procedures about how you collect, use, disclose, and provide access to health information to avoid legal problems, fees, penalties, and other problems.
If you need templates of policies and procedures for your healthcare practice, be sure to sign up for the Practice Management Success Membership. These tips, tools, templates, and training will help you save time and money to develop and maintain policies and procedures in your healthcare practice.
Did you enjoy this article? If you’d like to look at similar posts, visit these links: