Portal Administrators: It’s important to us that our members’ protected health information (PHI) is always safe. Here are some good habits to adopt in protecting our members’ information:
- Schedule time to periodically audit your portal users.
- Inactivate portal accounts for staff* who have left your organization.
- Make sure your staff is assigned to the Tax IDs, providers, and roles that match their job’s required access to conform with HIPAA’s “minimally necessary” standards.
*When a provider leaves our network, the provider portal account is automatically updated to a special inactive user status. They will be able to view information, but not submit new transactions. This means portal administrators only need to actively update non-provider staff user accounts for those who should not have portal access.
