Ask the IT Expert! – (January 2016 edition)

We want to scan in all of our medical documents, what is the best way to do this?
– submitted by Robin

First we must know if you want to scan the documents in yourself or if you would like to have a service do it for you. There are many reputable, HIPAA compliant services within Arizona (and others throughout the United States) that provide a scanning service for you if you wish someone else to do the work. (please contact us for names, we would be happy to make recommendations).

If you decide you would rather undertake the task yourself, here are several things you should consider;

1. Retention – You are required to retain documents for a specified period of time. In most cases the scanned image can be considered the retained image but you will want to verify that with the documents authority.
2. Format – most documents are required to be a minimum of 300 dpi and must be saved in .pdf format. again, this is not true for all documents so verify with the documents authority.
3. Quality control – you will want to make sure all scanned documents are legible and therefore it is highly recommended that you visually inspect each document to verify it has scanned properly. This can be a cumbersome chore if you are scanning many records. Some, who are scanning a large number require that every 10th document is checked. but this is up to you as, if the scan is not legible and it contains information that you need and you have destroyed the original, you will have a significant issue.
4. Organization – you will want to be prepared for how you will file these documents. folder creation or into an application. if you will be creating folders, it is recommended that you create the folders prior to starting the scanning.
5. Storage – will these scans be stored on a network drive, the internet or some form of NAS (Network Attached Storage). you will need to verify that whichever you choose you have enough space and that the data is backed up.
6. Security – if these are medical records or other documentation that will fall under some compliance such as HIPAA, SOC’s, PCI or other, you will want to make sure they are secure and that others that should not have access to them do not have access. this can be done through Network rights or encryption if need be.

Once you have examined the above points and decided on a course of action, you will need a scanner that suits the job. There are many scanners on the market but for doing high volume scanning over extended periods of time you will want to contact your IT vendor or Copier vendor for the scanner that will fit your needs.

One last thing to contemplate is who will be doing the scanning, as this will take a considerable amount of time, you may want to hire a temp staff person to complete the job. Remember if this falls under HIPAA you will need a signed Business Associates Agreement.