Call Today! 501.525.5752
If you are a Covered Entity or Business Associate under HIPAA/HITECH, you are responsible for your health records.
In the American Heath Information Management Association (AHIMA) newsletter from May 25, 2010, there is an extremely timely and pertinent article that every organization that works with personal health information should read: Off-site Storage: No More “Out of Sight, Out of Mind”
To prevent data breaches and manage risks and business impact, you must know all the personally identifiable data your organization holds, and understand how long you have to keep that data. Failure to protect this information can have tremendous consequences- legal liability, monetary fines, and loss of trust. This can severely damage your organization’s reputation as well as revenues.
“At Dallas Regional Medical Center in Mesquite, TX, old records stored off-site are only inventoried to the box, says Vickie Boyd, CCS, the facility’s HIM director. The content is unknown other than a range of patient record numbers. Boyd has already negotiated with her off-site storage company the cost of having all individual records inventoried.”
We, at Arkansas Records Management, have a tremendous amount of experience and expertise in making sure all health records are indexed and inventoried and managed in a compliant and affordable manner.
Don’t hesitate to contact us at any time to answer questions with regard to your organization’s health records.
Scanning, Indexing, Storing, Destruction, and Retention Schedules. We’re here to roll up our sleeves and help.
David D. Reagler, MBA
We work every day with organizations throughout Arkansas, and even throughout our country. There are several common problems that we address day after day.
1. Decentralized control of records. This exists in almost every organization of every size. Human Resources takes care of human resource records. The business department takes care of accounts payable and other invoice records. Health Information Management takes care of patient records. Costs are astronomical due to duplication, and lack of centralized training and planning. By sharing information and experience with the other departments in your organizations, you can save a lot of money.
2. Lack of preparation to address organization-wide risks and legal compliance. Risks such as snowstorms, power outages, computer hacking, influenza epidemics, all can impact your organization. Likewise, not meeting legal obligations of handing information can cost your organization many dollars. And simple preparation and planning will diminish the risk significantly.
3. Most organizations believe the way to fix records problems involves spending lots of money on expensive software and computer hardware and scanners.
5. Most organizations are afraid to do anything about their records for fear of doing it incorrectly.
However, your organization can attack most of your records problems without spending a penny. More specifically, your organization will spend less money from day one and the savings will snowball. Finally, the scary facets of electronic discovery, lawsuits, hurricanes, and such will diminish.
Don’t hesitate to call with any questions or problems. My mobile number is 870-208-4495.
David Reagler President, Arkansas Records Management
We work with business people every day struggling with the impact of out-of-control records in the workplace. Whether these records are electronic or paper, the consequences are the same.
The Environmental Protection Agency has a nice article explaining 10 business reasons why organizations need records management programs.
1. To Control the Creation and Growth of Records
2. To Reduce Operating Costs
3. To Improve Productivity and Efficiency
4. To Assimilate New Records Management Technologies
5. To Ensure Regulatory Compliance
6. To Minimize Litigation Risks
7. To Safeguard Vital Information
8. To Support Better Management Decision Making
9. To Preserve the Corporate Memory
10. To Foster Professionalism in Running the Business
If you are assigned the responsibility of coming up with records solutions for your organization, please feel free to contact us.
We have gone down this road many times, and a bit of planning and a bit of work will result in dramatic improvements in the office.
You may read the EPA article here: Why Records Management? Ten Business Reasons
David D. Reagler
The majority of our clients are small businesses with fewer than 50 employees. For many of these folks, backing up and accessing saved data is a frightening, on-going battle. With the amount of change in the world of information systems, we can all use some good advice. Just as important, we need advice that is appropriate for our budgets, expertise-level, and time constraints.
The U.S. Small Business Administration published a helpful article earlier this year. I’ve included the link.
In the article Caron Beasley writes that 48% of American small businesses have experienced some type of data loss. The top causes were hardware/software failure, accidental deletion, viruses and theft.
She brings up pertinent questions you and your organization need to ask and answer:
1. Do you need to back up your entire system or just essential data?
2. What are your vulnerabilities?
3. How often should you back up?
She also lists practical options in the marketplace.
I, as a business owner, struggle with these questions every day. We at Arkansas Records have been tested in many ways and have extensive experience with backup processes and backup media, both ones that work well and many that work poorly.
Don’t hesitate to call or contact us with problems or questions.
Stacy Jackson wrote an excellent article on records and litigation in the November/December 2011 issue of Information Management.
Let me summarize a bit of the article. In lawsuits, sometimes individuals are the target of litigation, but many times, the organization, itself, is the target. For instance, a certain policy that a company maintains or fails to maintain might be the reason for the suit. When this is the case, individuals become obligated, through the legal process, to speak on behalf of the organization.
The U.S. Federal Rules of Civil Procedure (FRCP) Rule 30(b)(6) provides the guidelines for attorneys when this happens. Attorneys will use this rule as a starting point for learning about the organization. With the massive amounts of electronic information companies gather and store, IT staff and records managers are called in to speak on behalf of the company or organization.
IT professionals can provide information relevant to where the data is stored. Records professionals provide information on what types of records are stored, for how long, and how those records are safeguarded and destroyed after they have met their retention requirements.
You can read the article here: What Records Professionals Need to Know
There is a lot of important information in the article.
One issue that I , as a business owner, gleaned from the article is:
1. That you need to manage your digital records
2. That you must be familiar with retention-related laws and take actions so you keep and make accessible relevant records
3. That you must delete those records when you no longer need them and are not required by law to keep them
If a firm keeps any and all e-mails, memos, and other information with no retention policies, litigation and e-discovery becomes extremely expensive.
Please contact me or my staff with any records related questions or problems.
In our business, we constantly work with clients, converting paper records to electronic images, storing and managing backup media, paper records storage and access, and other facets of records management.
But as Hurricane Isaac slowly heads into Arkansas, the subject of business interruption seems pertinent. Our firm meets every Wednesday for an hour or so to discuss and document and invest in what is called business continuity planning.
The basic framework of our process is as follows. We discuss and write down all possible situations that can impact our business. Natural disasters like winter storms, tornadoes, hurricanes, fires, lightning strikes, etc. are listed. We also list any situation we can think of that would impact Arkansas Records Management. This includes internet service interruption, power failure, computer viruses, employee absenteeism, holidays, and vandalism/theft.
Once we have an extensive list, we scale the threats for likelihood to occur on a scale of 1 to 5. 5 is the most likely and 1 is the least likely. And then we scale the list on impact to our business with 5 having the most impact and 1 having the least impact. We add the two numbers together for each threat, and attack the threats with the highest scores first and the lower scores last. This way we are addressing the most likely threats with the highest potential impact on our business.
Then, with each threat we go through scenarios where this threat occurs and write down how to prepare for it, purchase necessary supplies, and think through the logistics of having the needed supplies and plans where they need to be to be effective during the threat. The solutions for many of the threats overlap, and we list all of these on sheets of papers in binders as well as electronically, and store these documents in different places.
For instance, with Isaac, we filled vans and generator with fuel, re-tested generator, cleared warehouse floor of anything that might be impacted by flooding, called key clients to handle all standard records work prior to threatening weather, made sure client, utility, vendor, and personnel lists are ready to go. We also check to make sure that our key software and hardware is loaded and ready to go on portable devices, and we are ready to service clients during and after storm.
I hope this provides and little food for thought. We pray that Hurricane Isaac comes and goes without loss of life or property.
Don’t hesitate to contact us at Arkansas Records Management if you have any questions or problems.
David Reagler, President