
File Management Tips for Staying Compliant and Keeping PHI & Confidential Information Secure

File management involves knowing how to perform common file functions such as copying, moving and deleting files. The goal is to have a systematic process whereby everyone can save and retrieve department files easily, and have up-to-date copies of files when needed.

From a compliance perspective, it’s important to keep department files organized, up-to-date and secure because doing so helps us meet our HIPAA requirements as outlined in the Privacy and Security Rules. The goal of file management is to ensure we secure both PHI and confidential information effectively, and to ensure that you can find what you’re looking for on short notice.

Think of your file management system as a filing cabinet. Typically we file hard copies alphabetically or by date, and a similar process can be used for electronic file management. The only exception to consider is that in today’s digital world, employees utilize several server spaces in order to collaborate and create projects; as such, managing shared files is a high priority. These tips should help you keep your files safe, secure and easy to find in the future:

Organize by file types: Make any information easier to find by creating a folder with the title of the information you want to find (e.g. create a folder called “Compliance” on your drive and keep all your compliance-related information there).

One place for all: Place all documents in one location. PHI and patient information should be stored electronically in Occuflex. Hard copy medical files should be maintained by clinic staff and secured in a locked file room. (See policy: CC-702). Other confidential files like employee records and other HR documentation should be scanned and sent to HR and the paper copy shredded.

Purge your files regularly: Keep your folders uncluttered by clearing out the old files; this applies to electronic and paper files. Do not delete business-related files unless you are absolutely certain that you will never need the file again. Instead, create an “Archive” or “Inactive” folder and move old files into it. If you have paper documents, scan and save them electronically to eliminate desk and office clutter. Always follow the Documentation Retention and Destruction Policy. (See Policy: CC-703)


General Rules:

  • Keep files organized
  • Use plain and recognizable language when creating files
  • Be consistent with file maintenance in your department
  • Save information often

Finally, remember that if you use other general electronic files on your system, be sure to save them to your personal drive. If you use the “Shared” drive, then use the “Shared” drive exclusively and do not save files elsewhere. This will make it easier to find documents, secure the information and ensure the files are backed up appropriately.
