Sumner Mental Health Center Optimizes HIPAA Compliance

About this Case study

Sumner Mental Health Center moved its HIPAA policies and procedures to NAVEX’s policy management software to make its policy documents manageable.

1. Industry:

   Healthcare

2. Number of employees:

   60+

3. Before:

   Loose leaf approach to managing policies created challenges for maintaining HIPAA compliance

4. After:

   PolicyTech boosts organization’s confidence

5. Solution:

   PolicyTech®

Read the Case study

Sumner Mental Health Center Optimizes HIPAA Compliance

Sumner Mental Health Center (SMHC) provides a variety of mental health services to the Wellington, Kansas community. Their mission is to provide high-quality behavioral healthcare and addiction services that are cost effective and reflect the values of their consumers and community.

SMHC needed to move HIPAA policies from binders and desk tops to an electronic management system that allowed access to all employees, prevented outdated policies from being used and prevented current policies from getting lost while continuing to comply with HIPAA requirements. Sumner Mental health Center (SMHC) moved its HIPAA policies and procedures from notebooks to NAVEX’s policy management software to make their policy documents manageable and increase HIPAA accountability.

“We created a HIPAA compliance test in PolicyTech that employees must take yearly and get a certain score to pass. that way we always know that they are up on their HIPAA compliance.”

– David Robinson, Director of IT, SMHC

HIPAA Polices Move From Loose Leaf to Secure Internet

When the employees of SMHC needed to find a policy they had to go from desk to desk looking for the binder that held it. When the binder was found, it was often difficult to determine if the policy was up to date and accurate. It also took management significant time to find, review, and approve new policy documents.

Utilizing NAVEX’s PolicyTech policy management software transformed SMHC’s policy management strategy. PolicyTech stores all of the policies and procedures in a central database that is accessible from any internet connection. It also creates reports that record who has read what documents—and who hasn’t read them. It also ensures that only the most recent version of each document is published to readers.

Binders: Hundreds of Pages, Three Rings, and Legs

“PolicyTech has been very helpful,” said Robinson. “We are confident employees know where the policies are available and that we are covered both in a quality and legal manner because the policies are all up to date. From an administrative level it puts our mind at ease knowing every employee has the same information.”

SMHC also utilizes PolicyTech’s quiz feature to test each employee’s knowledge and bolster their HIPAA compliance efforts. “We created a HIPAA compliance test in PolicyTech that employees must take yearly and get a certain score to pass. That way we always know that they are up on their HIPAA compliance,” said Robinson.

“We were forever having the notebooks get misplaced,” said David Robinson, Director of IT. “They wouldn’t be in an office when somebody would come so we would have to try to find it.

As is typical in smaller organizations, many of SMHC’s policy creators do not write policies on a daily basis. However, when the task is necessary, they need to be able to get it done quickly and easily. SMHC administrators benefit from the convenience of the PolicyTech’s searchable document retrieval, as well as the time it saves them both in managing policies and in the review and approval process.

With the centralized storage and readership tracking, SMHC knows that their employees have read and understood their HIPAA documents. SMHC also benefitted from the user-friendliness of the policy management software. Microsoft Word™ modules saved SMHC the expense and hassle of installing and training on new word-processing applications. “I have multiple users who don’t just create policies all day,” said Robinson. “because PolicyTech is so easy and intuitive, it’s much easier for those teams to function.”

Conclusion

Policytech makes SMHC’s policy headaches go away with its user-friendly functions and compliance-conscious design. because each of SMHC’s employees can access Policytech on a daily basis, SMHC can protect itself legally, as well as protect the rights of its patients with more time to focus on improving the quality of their care.

About NAVEX

NAVEX’s GRC software and compliance management solutions support the integrated risk, ESG and compliance management programs at more than 13,000 organizations worldwide.