How are we meeting the HIPAA requirements to audit access to PHI (protected health information)?
We conduct random audits of access to IDX CareCast, the computerized medical information system. Anytime an individual accesses a patient record through CareCast, an electronic audit trail is created.
As a reminder, only individuals that have a need to know patient information in order to perform assigned duties should access such information.
Remember: Individuals who improperly access PHI are subject to corrective action up to and including termination.
If you're a manager, please ensure all of your employees are informed of the contents of these messages and how it applies to your work area. Some ways of sharing the information include discussions during staff meetings, printing and posting this message or asking your employees if they have any further questions.