HIPAA Compliant Medical Transcription

By: Ricci Mathew

What is HIPAA? It stands for The Health Insurance Portability and Accountability Act (HIPAA) of 1996. It is the standard for electronic exchange of sensitive patient data and protects patients from disclosure of their medical data without authorization. Who has developed these regulations? Well, it is The Department of Health and Human Services that has developed this series of privacy regulations known collectively as the Health Insurance Portability and Accountability Act of 1996 or HIPAA. HIPAA has many regulations for electronic transmission of sensitive patient data that define internal procedures that have to be followed for privacy and security. It has become mandatory for all medical transcription service providers to comply with all HIPAA requirements.

HIPAA regulations extend to all health care plans, health care providers who transmit health records in an electronic format, and health care clearinghouses and medical billing companies. What about the regulation for transcription service providers? Yes, these are the basic factors that HIPAA compliant medical transcription service providers must adhere to;

Ensure security of PHI (Patient Health Information) Maintain record of all those who access patient information Implement new technology/processes Provide physical security requiring password protection. The primary focus of the Act is to restrict the dissemination of patient health care information. What is actual patient data? Well, patient identifying information will includes such things as name, address, social security number, phone number, or any other information which could be used to identify an individual. Today most Medical transcription companies get their transcription done from transcriptionists who may be located elsewhere often outside the US. Transmission is done using the Internet. How safe is the Internet? HIPAA requires all online transmission of voicemails and e-mails be done only after encryption. Or one must use a secure FTP site to send documents. Whenever documents are faxed, a disclaimer statement explaining the confidential nature of the information has to be attached. Telephone dictations are however exempted from the need for encryption during transmission of patient data. What are the Penalties for Non-Compliance by covered entities? Who are covered entities? All health care plans, health care providers who transmit health records in an electronic format, and health care clearinghouses and billing companies. Those covered entities which fail to comply with the final regulations by the mandated compliance date may incur stiff penalties, including the payment of a fine. In certain cases, criminal charges may be brought against the non-compliant entity. Take a look at the full text of HIPAA at http://www.cms.hhs.gov/HIPAAGenInfo/Downloads/HIPAALaw.pdf