Tags Archives: HIPAA

You Only Have to Keep Personnel Records for How Long?

Posted on by Frank Leave a comment

Pop quiz: How long do you have to keep personnel records?

Correct answer: Only one year for former employees. That’s it.

Most executives are surprised by the short amount of time such files need to be kept after the termination of an employee. What seems to fall under a simple disposal schedule is often complicated by the fact that old personnel files may contain records pertaining to defined benefit plans or even health records, which should be kept in separate files.

For most businesses, the stored volume of old personnel records is inconsequential when compared to the volume of other business records being stored–so they sit around gathering dust. But have no doubt: Old personnel records can be the most dangerous files in a company’s possession.

Years ago, the most frequently filed lawsuit against a business was for product liability. That’s changed in the last dozen years or so. Now, the most frequent action taken against companies has been for adverse employment action. In particular, retaliation complaints filed with the EEOC during 2010 have increased 99% over 1997.

Whether it’s the EEOC or plaintiff’s attorney that reviews or handles a matter pertaining to employment action, you can bet the first thing reviewed will be all stored personnel files. Why? Their objective is to try to demonstrate a pattern and practice of discrimination.

When it comes to actions pertaining to personnel practices, I’ve heard there are only two kinds of employers: Those who have already dealt with personnel inquiries or lawsuits already and those who will have to deal with such disruptions in the future. Which category does your company fall under?

The best way to help you defend yourself against false allegations pertaining to employment practices is to limit the volume of old records you have in storage. In the physical world, doing this is quite difficult and very time consuming. In the digital world, deleting old personnel records is as easy as the click of the mouse. BIS’ imaging application, BIS4HR, can help you do a better job of controlling your stored volume of old personnel records quickly and effectively.

If you’d like to learn more about BIS4HR, please give me a call: (513) 721-FILE.

Recent HIPAA Fine Is Reminder: Protect Health Records

Posted on by Frank Leave a comment

Does $865,000 seem like a lot of money to you?

That’s how much the UCLA Health System recently agreed to pay in order to settle potential violations of the HIPAA Privacy and Security Rules. UCLA will also have to come up with an action plan to put their system in compliance with those rules, as part of the settlement.

The original complaints stemmed from unauthorized employee access to electronic protected health information of patients. An investigation found that records were repeatedly accessed improperly, leading to the $865,000 settlement in early July.

OCR, the federal office overseeing HIPAA, has been cracking down on organizations that violate HIPAA rules, including another recent $1 million settlement with Massachusetts General Hospital.

Every business with employees is likely to manage records that are subject to HIPAA rules. If you know what you have and are properly protecting those files according to HIPAA, you should feel fairly confident that you’re safe from such litigation. If not, let this hard lesson for UCLA Health Systems be a reminder to get your health records in check–before your business faces a hefty fine from OCR.

My company, BIS, manages HIPAA-protected records for numerous health care organizations in the greater Cincinnati area. If you have questions or concerns about your business’ health care records management, please contact me. We’re happy to help ease your HIPAA worries.