There is a lot of focus when we bring an employee on board. We make sure we have all the HR done correctly and we follow our HIPAA guidelines. New team members are set up in all the systems and then we start training.
But what about when an employee leaves? Do you have policies and procedures in place to make sure that all their access to PHI is removed? How quickly will it happen? Are there checks in place to make sure that it does happen?
It is easy to focus on employees and on-boarding them correctly with HIPAA and the other paperwork required. We all know our policy and that they need to sign their documents and do their training.
Are your policies and procedures for when an employee leaves equally known by everyone? Do you have a checklist that will be signed off to ensure that you have taken care of removing the employee from all the systems they need to be removed from? What about all their passwords? Who is responsible for disabling them?
I focus on HIPAA, but there are also many other HR and hospital controls that need to be taken care of. Who checks to make sure these things are done? Do you have a person assigned the responsibility of checking behind all employees who have left?
Having policies in place is great and knowing exactly what you need to do when a team member leaves is wonderful. However, oversights can happen, and having a procedure where checks are made to make sure everything was done correctly is really important. Having a member of your team responsible for all employees and team members who have left is critical. Having this taken care of will ensure that you are protecting PHI, your facility and the team member who left.
No related posts.