Sound masking addresses troublesome remaining HIPAA issues related to discussing Protected Health Information (PHI) in open areas. If you don’t think about HIPAA everyday that’s a real mouthful, but it may apply to your business so pay attention.
According to a recent Harris Poll, sponsored by CareerBuilder and reported by USA Today, 53% of employees report having overheard confidential company information at the office. These privacy breaches create both legal and compliance concerns. For HIPAA covered entities this opens the organization up to significant fines.
You don’t have to be a Healthcare Provider to be covered by HIPAA.
Does HIPAA apply to your business?
If you provide healthcare it almost certainly does, but it also covers any entity offering self-insured health coverage or similar benefits such as an employee assistance program. For these businesses any unauthorized disclosure of PHI may still be considered a breach.
What is HIPAA?
HIPAA stands for the Health Insurance Portability and Accountability Act which was passed by Congress in 1996. HIPAA covers the following:
- Provides the ability to transfer and continue health insurance coverage;
- Reduces healthcare fraud and abuse;
- Dictates standards for healthcare information on electronic billing and other processes; and
- Requires protection and confidential handling of protected health information
It’s this last bullet that has proven most troublesome for healthcare providers and covered business. How do you adequately protect health information and avoid a breach?
What is Protected Health Information?
Protected health information (PHI) under HIPAA is any information about the health status, provision of healthcare, or payment for healthcare that is created or collected by a Covered Entity and can be linked to a specific individual. This is interpreted rather broadly and includes any part of a patient’s healthcare or healthcare payment history.
Over the last decade, healthcare organizations and covered businesses have gone to great lengths to protect PHI. This includes securing communication systems, networks, and businesses systems that handle PHI.
Everyone handling PHI is coached to only discuss it in private where it can’t be overheard, but this is often not realistic. The
What is Sound Masking?
When it comes to addressing noise, in this case private conversations, architects consider the ABCs; Absorb, Block, and Cover. Sound masking is designed to cover noise or speech. Absorption materials (carpet, ceiling tiles, etc.) and blocking structures (walls, cubicle partitions, etc.) sometimes aren’t practical and are almost always costly methods of dealing with sound.
Sound masking adds background sound at the frequency of human speech to produce greater speech privacy. It also has the added benefit of making open spaces seem quieter. This may seem counter-intuitive, but adding sound reduces our ability to interpret speech. When we can’t understand words, they are less distracting.
If deployed properly, sound masking is barely noticeable. It sounds like gentle airflow, and blends into the background. It’s easy to confuse it with “white noise,” but unlike white noise it isn’t unpleasant or an irritant when amplified.
Sound Masking Creates Privacy in the Open Office
The modern office has become more open and less private. Businesses have moved in this direction to promote collaboration between co-workers. Unfortunately, it also creates significant privacy issues. This lack of privacy is particularly troublesome for entities covered under HIPAA.
Sound masking is a cost-effective solution for limiting overheard conversations in open areas where PHI might get discussed and overheard. It helps companies protect confidential customer, company, and employee information.
Sound masking, if deployed properly, can limit the ability to overhear a conversation from as little as 15 feet away. Over shorter distances, you might hear the conversation, but you’ll struggle to understand it. In open spaces like reception areas and waiting rooms, sound masking is an excellent way to protect confidential information and limit privacy breaches.
