HIPAA and Confidentiality: Proper Security Measures for MTs
Your Security Responsibilities as an MT/HDS: HIPAA and Confidentiality
We deal a lot with the importance of confidentiality in the Professional Issues portion of our Medical Transcription/Healthcare Documentation course. More and more hospitals and practices in Canada and the US are adopting Electronic Health Records, but hackers are finding weaknesses in their networks and are stealing patient data. It seemed like a great time to remind students and MT/HDSs about their duty to treat the information they transcribe with the utmost care and discretion.
The HIPAA (Health Insurance Portability and Accountability Act of 1996) Privacy Rule was established to protect an individual’s medical record and personal health information, while the information is being distributed to necessary medical professionals in order to facilitate a high quality of health care. The Rule provides a balance that allows the necessary use of patient information while protecting the privacy of the person seeking care.
Now folks, remember, that’s HIPAA, not HIPPA or HIPPO or any other animal. Since so many people do spell the acronym wrong, blog.hipaa.com decided to make light of the misused form of the acronym in their latest meme:
Now, back to the serious stuff. As a medical transcription/healthcare documentation specialist, you must always remember that the medical record is a legal document. When you are transcribing these sensitive documents, you must do so with complete confidentiality. Each medical record MUST remain absolutely confidential. The information in each of these documents is based on a confidential relationship between the physician and the patient. As a medical transcription/healthcare documentation specialist, it is very important that you take the security of the patient record seriously. Failing to do so could result in termination of employment and even possible legal recourse.
Below are some HIPAA and confidentiality compliance guidelines, tips, and information for medical transcription/healthcare documentation specialist:
Ensure that a proper confidentiality agreement exists between you and your employer.
As an at-home MT/HDS, ensure that your office space and computer are secure. If possible, have a separate computer for work.
Make sure that your workstation is protected by a password.
Ensure that you adjust your settings so that your transcription platform will auto-shutdown after 15 minutes of inactivity. If you are going to be away for more than 5 minutes, log off the platform.
Never leave confidential information on your computer while you leave your office.
Create strong passwords. Passwords with upper and lower case letters, numbers, and symbols are ideal.
If you are on a home wireless network, ensure that the connection is encrypted. Wireless signals can extend more than 300 feet from your wireless router. Therefore, neighbors can access your wireless network. People who can connect to your wireless network will be able to view files on your computer, monitor the websites you visit, read your email, and copy your user names and passwords as they move across your unprotected wireless home network.
Strictly no revealing of any patient details, sending voice or transcribed files, patient logs, or any such individually identifiable patient health information material through an instant messenger, as these could be intercepted.
If you are storing a copy of normal reports on your computer, remove any personally identifiable information in them. It should be just a normal report with no patient demographics contained in it.
A virus scanner with spyware protection and an up-to-date virus database is a must.
Do not write down any patient details on any papers or sticky notes on your table.
If a need exists to write down any patient information on paper, take due care to destroy the paper with no trace left behind at the end of the day.
Do not discuss any individually identifiable patient health information with friends or family members, in the public, with outsiders, or in front of outsiders (even over the phone).
Following these guidelines will ensure that the privileged information between doctor and patient remains that way.