WorkTime - HIPAA compliant

December 8, 2020

5 min read

WorkTime is HIPAA compliant

The healthcare sector handles millions of highly sensitive patient information daily. Not surprisingly, statistics from “HIPAA JOURNAL” have shown that the number of reported health-related violations has steadily increased in recent years, with the highest number of data breaches recorded in 2018. WorkTime productivity monitoring features allow healthcare organizations to comply with HIPAA without invading privacy.

Defining the scope of HIPAA compliance

Health Insurance Portability and Accountability Act (HIPAA) requires healthcare organizations to adopt appropriate processes and procedures to ensure the highest confidentiality of Protected Health Information (PHI). PHI may include anything inpatient health records, such as medical history, lab records, to name a few. It also includes other patient information such as name, social security number, birth date, email addresses, and additional information that can be used for identity theft. Penalties can be up to “$50,000 per penalty, per violation and increase up to $1.5 million” per identity penalty.

Who is covered by HIPAA

HIPAA laws recognize covered entities (anyone administering treatment, payment, and other operations in the healthcare sector) and business associates (anyone who has access to patient information and supports treatment, payment, or operations). The covered entities under HIPAA regulations include medical, medical affiliates, legal, insurance, human resources, risk assessment. After the enactment of "HIPAA's omnibus rule" in September 2013, were extended to include business associates, auditors, consultants, IT companies, and others who have any involvement with health information.

HIPAA privacy and security rules

The HIPAA security rule requires covered entities to implement administrative, physical, and technical safeguards to ensure that medical information is stored, transmitted, and received safely and securely.

Administrative safeguards

HIPAA requires practices to develop and establish detailed policies and procedures for employees to learn, follow, and maintain PHI security.

Physical safeguards

Need to be put in place to protect locations and devices within practices. Access to facilities access must be created and monitored.

Technical safeguards

HIPAA requires practices to implement the right software and equipment to protect PHI. Practices should incorporate encryption and decryption in backing up, restoring, and transmitting electronic patient information.

WorkTime does not deal directly with PHI. It simply does not record it. WorkTime focuses on employee productivity monitoring.

WorkTime does not access PHI!

WorkTime is purely an employee productivity monitoring software that does not support any invasive features that infringe privacy. WorkTime neither has access to nor collects any patient PHI. This is because WorkTime doesn’t record screenshots, keystrokes, and sensitive data, which is the most efficient way to stay HIPAA compliant while implementing employee monitoring software. WorkTime components and all data collected by WorkTime Corporate stay on clients’ computers/servers.

With WorkTime's non-invasive monitoring features, healthcare organizations can ensure that both patients' and employees' sensitive data is kept private and protected.

How WorkTime helps healthcare organizations

WorkTime's non-invasive features have helped healthcare organizations to put their minds at ease on how their computers are used and how data is stored.
  • With WorkTime, health care organizations can easily keep an eye on employees’ activities to know exactly what websites they visit and what activities they carry out on their computers. Read this case study to see how reliable and efficient WorkTime employee monitoring software is when it comes to boosting employee performance.
  • WorkTime has been field-proven for over 20 years to offer multi-tier data protection features that ensure data security and successfully process large volumes of information with minimal system resource use.
  • To ensure transparency, WorkTime provides well-detailed policies, employee handbooks for healthcare organizations who wish to inform their employees about their intention to monitor their activity at work. This way, employee privacy doesn’t become an issue.
  • Since WorkTime does not record screenshots or keystrokes, healthcare organizations don’t have to worry about capturing Protected Health Information (PHI).
  • WorkTime provides real-time performance monitoring reports that give administrators a clear picture of how employees spend their working hours.
  • What’s next