Scanning Protects the Privacy of Health Records - The Law

Scan and protect medical records

Scanning your confidential patient charts can make it easier to restrict and control the access of charts to only those who are properly authorized. The laws state that it is the responsibility to do everything in your power to limit unnecessary access to confidential documents.

What better way to restrict the access to private confidential information than to remove the paper medical records and only allow authorized employees access to the digital records.


Health Insurance Portability and Accountability Act (HIPAA), was enacted in 1996 and includes provisions intended to safeguard the privacy of patient health records. HIPAA is a significant piece of legislation with onerous penalties.For a full text of the SUMMARY OF THE HIPAA PRIVACY RULE from the Department of Human Services, available online. See page 16 of this document in regards to specifically "securing records under lock and key.…and limiting access….."

Data Safeguards. A covered entity must maintain reasonable and appropriate administrative, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information in violation of the Privacy Rule and to limit its incidental use and disclosure pursuant to otherwise permitted or required use or disclosure. For example, such safeguards might include only allowing authorized personnel the access to confidential electronic records.


GLB (Gramm Leach Bliley)

Gramm Leach Bliley (GLB) is another federal law with a much broader scope than HIPAA. The broad standards outlined in this law were designed to compel financial institutions to "respect the privacy of its customers and to protect the security and confidentiality of those customers' non-public personal information." Specifically, this law requires protection against "unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer." See page 1, section (b) (3) of Section 501 of the Conference Report and Text of Gramm-Leach-Bliley Bill published by the Senate Banking Committee.



The Fair and Accurate Credit Transactions Act of 2003 also known as the FACT Act was signed into law on December 4, 2003. In general, the Act amends the Fair Credit Reporting Act (``FCRA''). The Act contains a number of provisions intended to combat consumer fraud and related crimes, including identity theft, and to assist its victims

The Disposal Rule of FACTA, as proposed, requires entities covered by the rule to take "reasonable measures" to protect against unauthorized access to or use of information. Scanning records and taking them off-site to a professional record storage company is one way to restrict access to such records, while at the same time making the records immediately available on the desk top screen.