Skip to main content

How Can PIMSY Help Keep You HIPAA Compliant?

PUBLISHED ON: 01.01.2016
PIMSY mental health practice management EHR enhances HIPAA compliance

It goes without saying that HIPAA compliance is of the utmost important to mental & behavioral health care agencies. While most EHR software helps increase data protection, how specifically can PIMSY help you keep HIPAA compliant?

Keeping your data safe & secure is one of PIMSY’S foremost priorities, and it offers multiple layers of control options for your agency. Any time you request something from your staff, you can see when the request was sent, to whom it was sent, when it was received, and whether or not the request was fulfilled.

Everything in PIMSY is tracked: you can see every action that was taken in the system, when and by whom, providing full accountability and complete transparency within your organization.  See below for some of the many ways we protect your information – and click here for our detailed HIPAA compliance statement.

7 Ways PIMSY Protects Data and Helps Keep You HIPAA Compliant

1. No Data At Rest: All Data is Secure in the Cloud

PIMSY eliminates vulnerabilities from filing cabinets, misplaced flash drives or (gulp) client charts stolen from your car while paying for gas (actual example of a HIPAA breach). In addition to eliminating the need for paper charts, with PIMSY, there is no data at rest on anyone’s personal device. Everything is stored and encrypted safely in the Microsoft Azure Cloud, which adheres to HIPAA protocols.

2. Safe from Browser-based Attacks & Vulnerabilities

PIMSY’s unique architecture protects your data even further: unlike many other behavioral health EHR systems, PIMSY isn’t vulnerable to Browser-based attacks – or the whims of Browser updates, plug-ins, add-ons, and extensions.

3. Tracking On Every Action in the System

PIMSY requires a unique log-in and password for every user, meaning that it puts an identification stamp on everyone who logs into the system. PIMSY can tell management who did what, when, and where. This extra level of tracking safeguards against HIPAA breaches. Good luck doing that with paper charts, or with an EHR that doesn’t provide that level of security.

4. No Data Disposal NeededPIMSY-helps-keep-you-HIPAA-compliant

While other systems might require an extensive protocol to purge old records, PIMSY eliminates the need for data disposal and safeguards data remants, because there is no data at rest; and nothing is stored locally.

5. Security Profiles

Using PIMSY’s security profiles, you can determine exactly what each of your staff members has the ability to see and do within the program. In addition to system-wide general security measures, PIMSY profiles allow you to set additional, detailed limits for each of your employees or contract workers.

Therapists can only see records for the clients assigned to them. In addition, you have total control over every function the clinician can perform and every piece of information they can view. To make it even easier, our Training & Support Team walks you through each step of this process and shows you how to efficiently set the security profiles to your desired settings.

6. Secure, Trackable Paperless Notes

In PIMSY, you can set a variety of specifics for notes: you can require that notes are started – or completed – within a certain time frame.  You can specify that a note can’t be released if it’s using an expired authorization.  You can set bill code specific parameters that control how many characters are required on each line and how many lines are required for each 15 minutes of service.

PIMSY can also be set to require a supervisor to review the note for release, if you have therapists that are under supervision or you simply want to see occurrences.  You can even run a report to review how many times in a year a therapist is late with their notes and why.

7. Complete Authorization Management

As notes are released, PIMSY automatically decrements the appropriate number of authorizations from the remaining units on the referenced bill code. As units on the different authorizations near or reach expiration, PIMSY sends alerts to the appropriate staff. Finally, when authorizations have expired or been exhausted, PIMSY will deactivate them, making them unusable and thereby reducing denials.

Keep in mind that these additional security methods are optional!

You can turn them on and off as desired, and we teach you how to maintain the level of control you want, even if that changes over time. That’s one of the many highlights of PIMSY: it’s customizable, flexible, and grows with your agency!


How Can PIMSY Help Keep Your Agency Compliant?

PIMSY adheres to not only HIPAA protocols, but also to 42 CFR Part 2. Contact us for more information about how PIMSY can save time, reduce cost, increase profitability, and help keep your agency compliant: 877.334.8512, ext 1 ||


Leigh-Ann Renz

Leigh-Ann Renz

Leigh-Ann Renz is the Marketing & Business Development Director of PIMSY EHR. For more information about electronic solutions for your practice, check out Mental Health EHR.

Author: pehradmin

Feeling forced into a new EHR and the deadline is looming?

All EHRs are not the same. It’s critical to find the one that fits the unique needs of your organization. Find out why people choose PIMSY.