HIPAA Privacy and Security Rules for Medical Transcription

Views: 1081

ARTICLE

The Health Information Technology for Economic and Clinical Health Act (HITECH) provides specific guidance and penalties for providers and vendors of health information.

Sponsored Links

Earn Free Cash
Get Paid To Take Free Online Surveys.
www.Survey4Profit.com

The Health Information Technology for Economic and Clinical Health Act (HITECH) provides specific guidance and penalties for providers and vendors of health information. It became law as part of the American Recovery and Reinvestment Act of 2009, which expanded and clarified HIPAA rules while increasing the penalties for nonconformity. These rules effect where, under what circumstances, and whom can provide transcriptionists services.

The policies contained in the HITECH Act are relevant and must be understood by both the provider of the outsourced medical transcriptions and the medical transcriptionist company. It has a direct impact on the way they will need to do business. Part of the act includes provisions that impose a higher standard of care on the part of outsourced service providers than was previously provided for by HIPAA. This is due to the increased risk of a security breach by someone performing medical dictation from home or off shore.

Outsourced vendors have the same responsibility as the provider to ensure the protection of personal health information. Both are subject to the same criminal and civil penalties under the HITECH Act. This extended even to subcontractors who will be held to the same standard of care.

The U.S. Department of Health and Human Services is responsible for investigating any suspect or known breach, and they conduct compliance audits. Companies are required to have a written policy that details procedures as well as their risk assessment information. All breaches of unencrypted personal health information require disclosure. Cases involving more than 500 people must be disclosed to the media. Civil penalties range from $100 to $50,000 for non intentional breaches. When data selling or otherwise intentional abuse is evident the fines can reach $250,000 and jail time.

Since foreign companies are not subject to this law companies that contract with them must have contracts that are very clear. They need to contain HIPAA protection clauses in order to be enforceable. A compliance officer should oversee the process and conduct risk assessments. There must be a clear procedure in place if a breach does happen. This needs to include who must be notified, which will be determined by both Federal and State law.

To protect personal health information, all data and voice files must be encrypted at all times. Files should be stored on a secure U.S. server that is accessed through a VPN, not the internet. Keep a clear audit trail on who has access what data and what their right to access the medi file was. Lastly, a disaster recovery plan and test is needed to prevent and prepare for severe problems.

All people that are involved in the handling of medical transcriptions need to understand what is needed to remain compliant. To stay in business it is necessary that there by a strict system of policies and procedures in place.

ARTICLE RESOURCE: This article was written by Larry Edward who follows medical workflow trends. He invites you to consider
Oracle Transcription www.oracletranscription.com which provides the most advanced digital dictation services with the highly experienced medical transcriptionists who are exclusively 100% American-based .

Syndicate This Article: [HTML (copy & paste)]

<h1>HIPAA Privacy and Security Rules for Medical Transcription</h1> 
The Health Information Technology for Economic and Clinical Health Act (HITECH) provides specific guidance and penalties for providers and vendors of health information.
The Health Information Technology for Economic and Clinical Health Act (HITECH) provides specific guidance and penalties for providers and vendors of health information.  It became law as part of the American Recovery and Reinvestment Act of 2009, which expanded and clarified HIPAA rules while increasing the penalties for nonconformity. These rules effect where, under what circumstances, and whom can provide transcriptionists services. The policies contained in the HITECH Act are relevant and must be understood by both the provider of the outsourced medical transcriptions and the medical transcriptionist company. It has a direct impact on the way they will need to do business. Part of the act includes provisions that impose a higher standard of care on the part of outsourced service providers than was previously provided for by HIPAA. This is due to the increased risk of a security breach by someone performing medical dictation from home or off shore. <a href="http://www.oracletranscription.com/" target="_blank" rel="nofollow" >Outsourced vendors</a> have the same responsibility as the provider to ensure the protection of personal health information. Both are subject to the same criminal and civil penalties under the HITECH Act. This extended even to subcontractors who will be held to the same standard of care. The U.S. Department of Health and Human Services is responsible for investigating any suspect or known breach, and they conduct compliance audits. Companies are required to have a written policy that details procedures as well as their risk assessment information. All breaches of unencrypted personal health information require disclosure. Cases involving more than 500 people must be disclosed to the media. Civil penalties range from $100 to $50,000 for non intentional breaches. When data selling or otherwise intentional abuse is evident the fines can reach $250,000 and jail time. Since foreign companies are not subject to this law companies that contract with them must have contracts that are very clear. They need to contain HIPAA protection clauses in order to be enforceable. A compliance officer should oversee the process and conduct risk assessments. There must be a clear procedure in place if a breach does happen. This needs to include who must be notified, which will be determined by both Federal and State law. To protect personal health information, all data and voice files must be encrypted at all times. Files should be stored on a <a href="http://www.oracletranscription.com/medical-transcription-services/digital-dictation.html" target="_blank" rel="nofollow" >secure U.S. server</a> that is accessed through a VPN, not the internet. Keep a clear audit trail on who has access what data and what their right to access the medi file was. Lastly, a disaster recovery plan and test is needed to prevent and prepare for severe problems. All people that are involved in the handling of medical transcriptions need to understand what is needed to remain compliant. To stay in business it is necessary that there by a strict system of policies and procedures in place. This article was written by Larry Edward who follows medical workflow trends. He invites you to consider 
 <a href="http://www.oracletranscription.com" rel="nofollow" target="_blank" >Oracle Transcription </a> www.oracletranscription.com which provides the most advanced digital dictation services with the highly experienced medical transcriptionists who are <a href="http://www.oracletranscription.com/medical-transcription-services/digital-dictation.html" rel="nofollow" target="_blank" >exclusively 100% American-based </a>. 
Article Source: <a
href="http://articlenoodle.com">Article Noodle</a>

Rate this article!

Report Article

( 0 Votes )

Article Noodle

HIPAA Privacy and Security Rules for Medical Transcription

Add comment

Navigate

Article Categories

Related Ads

Related Articles

Noodle Blog

Tags

Most Read Law Related Articles

Most Recent Law Articles