Absolutely Not. That is against HIPAA and will cause confidentiality breaches, nm
Posted By: ICMT on 2005-10-06
In Reply to: question about computer usage...sm - justme
x
Complete Discussion Below:  marks the location of current message within thread
The messages you are viewing
are archived/old.
To view latest messages and participate in discussions, select
the boards given in left menu
Other related messages found in our database
What about EMR and confidentiality? sm
Have a bad neighbor who is a CNA (the worst-behaved person, drinks, yells, swears all day) and she now has access to medical records at a hospital. Someone was in the hospital anonymously but she proudly announced she "found" them and what was wrong with them, etc. How are we going to prevent people working in hospitals or nursing homes, etc., from accessing ours or our loved ones medical records? I see one heck of a mess here! My doc went EMR and now I am very careful what I say to him, some things I should tell him, I do not because I don't want it read by the whole neighborhood. What's your opinion on this?
Ever hear of confidentiality? nm
nm
PS to confidentiality breach
I should have said they "had" their confidentiality breached by others. The hospital was very apologetic of this and does not know who did it but called in federal investigators to find the source of the poster on the website.
security, confidentiality, etc...
I also have a home computer and all the same programs on a laptop to use when I travel. It's no different than my home computer. When I type at home, I am typing in my living room with my husband and son moving all around me. (We're remodeling right now.) They respect that what I am typing is no one's business and they have never even offered to look or ask what's going on. Furthermore, this is a family computer, not provided by work. They are on the computer quite alot when I'm not. The program in which I transcribe is password protected and the information on patients is not stored locally, but on a server 1000 miles from here. That's about as secure as you can get. Then, that is not to mention that I have a wireless network here at home, as well as when I travel. With a password and a good firewall, security is just not an issue. Also, see the post from Just Me a few down, about networks. She is correct. (I also have worked in IT for many years.) Hotels ARE secure networks with original passwords. The last one I worked in had to give me a new password daily. Working at McDonald's or an Internet Cafe is what wouldn't be safe.
As for the laptop... like I said for my main job, no patient information is stored on my hard drive, but at a server away from me. I have a local account also, and once I do the work and send it in, it is deleted. I personally don't see the concern. There's not any point when I'm traveling that I have patient data stored on the laptop. The only way anyone could get patient information off of it is if they bust in the door while I'm working and jerk it from me mid-note.
Patient confidentiality
I remember when I first started out in MT in a hospital part of medical records confidentiality agreement was that we only had access to records on an as needed basis and were not to be talking to anyone about the things we transcribed even if it was a relative, family member, etc. That was gee now close to 10 years ago.
I know like others on the board, it would be nice to know what EMR will mean for all of us. If we are to be out of jobs, I would sure like to know now so that I can start planning financially. Also, as I have been searching for more information on implementation of EMRs, the more I get concerned myself about my personal information possibly being spread. Given my still rather young age of 31 and having no medical conditions requiring medical attention/medication, it really makes me wonder if I may want to look more into alternative medical care or a private physician who has alternative medicine in addition to medicine as we currently know it.
Confidentiality Agreement
Does anyone have a generic confidentiality agreement that they use for their clients. I have new doc, and I don't have any agreement in my file. I have signed theirs, but do not have one to offer the new doc. Anybody have one or know where I can find one? Thanks so much.
Confidentiality Agreement
There was an Agreement of Confidentialty that was posted on 05/20/09 by DeeAnn. that was really good. Hope this helps.
I have never signed a confidentiality notice that says
I can't mention what account I type on - I know they always say not to contact that place or try to get a job with them, etc., and I don't see the big deal either. I can't see why a company would care if someone knows what hospital you type for. I guess some places are just different, but seeing as how I assume she hasn't signed anything since she just accepted the job, I really don't see how they could not hire her because she mentioned that, not knowing that they didn't want her to. That's just my opinion though.
Hospital confidentiality breach in RI.
A hospital in Rhode Island breached patient information of over 2000. Federal investigation underway. Patient's names, SS#, telephone, etc., put out for all to see and caught by a patient who "googled" her own name. They say it was only face sheet info and hospital offered to pay for credit check or credit fraud alert. (Which is free by the way!) So please be careful who you get involved with. I don't believe it was medical transcription or medical records since it was face sheet information but believe me, all subcontractors to this hospital are now on alert and you should be as well. It's out there! The scum bags who post info are at it again. They also had a scandal at a RI supermarket chain where the credit card swiping machines were altered by crooks who are being charged with federal crimes, two would keep the cashiers busy while another would alter the card swiping machine, put it back to collect information, then come in again, take out the swiping info and people as far away as California were charging to these poor innocent people in RI whose cards were swiped while doing their weekly shopping. So don't think your information is safe anywhere. These stories can be confirmed by the local newspaper in RI, "The Providence Journal" at their website, "projo.com". Check it out!!
You should have signed a confidentiality agreement which allows you to type this unless-
you do not feel comfortable typing it, in which case I would ask my supe to reassign it.
The buck stops with you (all of us). What confidentiality means is
that you/me, the MT, do not discuss the name and contents of a report with anyone outside the immediate realm of responsibility and only within a professional context.
If you feel really uncomfortable with doing it and have the option of sending it back for someone else to do, that acceptable but not entirely necessary.
If you *have* to do a report on someone you know, do it, and put it out of your mind. If you see that person, you cannot discuss anything about it with them, even if they ask. The onus is upon us to keep.our.mouths.shut. That is all that confidentiality entails.
Email and IP Address Confidentiality -- ALL READ
It is important that each reader and poster understand the safety of their information on MTStars:
Email Addresses
Email addresses should never be typed into a post in any way. The email address you validate to have posting privileges is never given or sold to any individual, group, company or association.
You may receive emails to that address from others using the Reply By Email option on one of your posts. If you receive an email through the MTStars board, it will provide the URL to the post it is referencing. Your email address is still not exposed at this point. The person sending an email does not see your email address but has simply filled in an online form to send you the email. If you choose to reply to the email sent to you, then you have actively chosen to expose your email address to the person emailing you.
MTStars does not recommend that you respond to any unsolicited email unless you are certain of the validity of the sender. Anyone can send you an email through the Reply By Email option on any post you make. It will go to the email address you used to validate that post.
IP Addresses
Your IP address is private and confidential. It is never given or sold to any individual, group, company or association.
Depending on the email agent you use, if you respond to an email sent to you (or if you send an email to someone outside of the MTStars board at any time), your IP address may be traceable through your email.
Can companies or individuals find out your identity?
Yes. Not through exposure of your information (email or IP address) but through recognizing situations you describe or other information provided by you when you post. It is deductive reasoning. If YOU provide enough information, you may be effectively “signing” your post. This is true on any board, whether open publicly or not. Even private boards cannot guarantee who their membership really is.
Do companies and associations read MTStars?
Yes. Anyone can read MTStars. Information posted is searchable on the Internet. Even a private board can be read by anyone who registers as a member.
Making claims that MTStars provides, gives, exposes or sells your email address or IP address is a libelous claim and will not be tolerated.
If you have any questions, please contact the Administrator or Moderator directly.
when you work for a national, you sign a confidentiality agreement...?
the same rules would apply, and you must have signed a confidentiality agreement with whomever you work for. you can be fired, if breached.
my opinion, as a professional, you transcribe it and mums the word...
when I worked in a hospital, someone was caught 'sharing' information about the CEO from a transcription report, and was fired on the spot.
It's a written rule in some companies confidentiality agreement.
I know my company has it as a written rule so it just is not good business. I would think an MT would know this
IMO, you violated a patient's confidentiality by even posting about this - that you transcribed t
I know you didn't give any personal info, but even mentioning this in a public forum on the "world wide web" - I don't know, I would consider that a violation of medical record confidentiality. I know some may post a sentence or a blooper or something, but this is probably something I would have kept to myself... I am sure you thought what an interesting coincidence when you show the show, but my opinion is you should have kept it to yourself, and if I was the transcription supervisor at your hospital and I found out you had posted on this.... well I would think that would be reason for discipline. No offense meant, just my opinion.
Absolutely, I absolutely love my job and
x
That is against HIPAA
x
What about HIPAA?
 Our hospital is adamant about no accounts going offshore. Not only because of quality, but also privacy, lawsuits, etc. ESPECIALLY after what happened a couple years ago between UCSF Hospital and sub-sub-contractor in India. (MT there who got gypped in pay held accounts for "ransom".)
HIPAA
Some in the office I work in said there are HIPAA rules that apply to transcription, such as font size, etc. Does anyone know about this and where I can get more information.
Thanks
HIPAA and cc - what to do? sm
If doctor wants carbon copy sent, I'm told it's a violation of HIPAA rules. Please tell me where I can find this on the Internet. Thanks.
Why would that be against HIPAA?
I have to save my files at least through the invoice period anyway. Why would it be against HIPAA to run them through IT?
I'm not the OP, but yes, there is a HIPAA (sm)
violation if you keep copies of patient reports on your hard disks in a form where the patient is identifiable.
What I do to make my normals and IT glossaries is cut/paste a copy of the body of each report, with no info to identify the patient, into wordpad and save under the dictator's name (such as jones hysterectomy, smith HP, etc).
HIPAA
There is nothing in HIPAA that says this information cannot be in the record. What it says is that IF you need to de-identify the information for any reason, all of those things must be removed. Probably not the best policy to have but not a HIPAA violation.
HIPAA
I was recently hired as an employee at a doctors office and we have been discussing taking my MT work home. It is all on hard copy except for occasional e-mails I need to send to the office to download. What do I need to be doing to comply with HIPAA?
HIPAA req.
I use encrypted e-mail through CryptoHeaven, cryptoheaven.com. They have a bunch of different packages and well priced. All work must be kept confidential and protected as much as possible (lock box for saved work on CDs). I keep all patient lists only to type and then they are shredded. Make sure if you are faxing pt lists back and forth, you are using a front fax cover sheet with a statement on it regarding confidentiality, etc. (your doctor's office probably uses this when sending stuff from their office). I also have the ability to lock my office when there are parties, etc. at the house just to be on the safe side.
It's HIPAA............nm
nm
I don't know about HIPAA.... sm
But I wonder why they were asking you all those questions? The only thing I remember when enrolling my son was making sure his shots were up to date. Of course, we are talking a long time ago!
I don't understand why a kindergarten would need such a thorough medical history on their students. HIPAA or not, it sounds like invasion of privacy to me.
It's HIPAA
It's HIPAA, not HIPPA, and the provisions are only enforceable within the US.
There are free HIPAA courses online; you don't have to become certified, just become familiar with it so your work area, computer, etc. are compliant. Should be mandatory learning for all MTs.
it's HIPAA, not HIPPA. nm
x
HIPAA Compliance ?
Does anyone have any knowledge about a US MT typing from home and any HIPAA compliance violations if this MT also types from a 2nd residence in a different state for part of the year?
HIPAA response
HIPAA has more to do with the confidentiality of a patient's information. It has nothing to do with what residence you transcribe from, as long as you maintain the confidentiality of the patient's information. The company you work for may have some sort of requirement that you notify them if you'll be working from a location other than the location that they have on record for you.
Is it HIPAA compliant?
That certainly does sound like a great solution! You are right, I would probably want them to zip their files anyway since I have only dial-up available to me at home and would need it at a CG if I ever get to that point in my life.
Thank you for your feedback. It is sincerely appreciated.
HIPAA rules
A lot of the national transcription services have many accounts where the hospitals/docs still want the name of the patient in the body of the report and do not want "the patient" in the body of the report. So the facilities still respect what the doctors want.
It's HIPAA and you pronounce it hip-uh.
l
By the waq, it should be brEAch of HIPAA. nm
nm
HIPAA at the Hosptial
Was at the hospital yesterday for some radiology testing. To summon me from the waiting area (full of other patients), the person who does the registrations used my first and LAST NAME! Bleah!
Then, after I was registered and back in the waiting area, another patient entered, sat beside me, and said "So, you're here for the same thing I am--I heard you mention it when you were being registered. I was in the next cubicle."
Shortly after this a different hospital employee summoned another patient from the waiting area using first AND LAST NAME! EEEK!
What on Earth ever happened to the HIPAA regulations? HIPAA applies to the hospital setting, right?
Any suggestions?
HIPAA is a joke
as long as these private records continue to travel overseas beyond the reach of the long arm of U.S. courts and law enforcement.
It's not a HIPAA violation for sure. Can you
have the account use digital recorders that are uploaded to your FTP site? Bypass the TASP entirely. Or if you are the only transcriptionist, you can use Bytescribe's E-shuttle. Check it out at bytescribe.com
Ack, misspelled HIPAA!
I really do know how to spell HIPAA correctly, except when I'm being an airhead, sheesh!
HIPAA and Outsourcing
How can outsourcing to an offshore company, where a patient's sensitive personal and medical information is concerned, be HIPAA complient? Shouldn't we as patients have the right to know if our medical info and personal data are being sent via the Internet to a foreign country? Shouldn't we as patients be asked to sign a release/agreement to such a practice, notifiying us of this? I have never asked my doctor/hospital if they outsourced to offshore companies...but I will now. Wonder if I'll get a truthful answer.
According to HIPAA, SS# are not to be on reports.
p
SSN is not a HIPAA issue here
HIPAA, health information, SSN is not health information, no way relates. SSN would be a schools way to verify date of birth and U.S. citizenship.
The joys of HIPAA
Or you could just activate a password-protected screen saver on the machine any time you needed to take a BR break and there was anyone with a 5-county radius of wherever your machine was. Even the hospitals do that. I have to laugh at HIPAA sometimes. They're so worried someone might find out someone else has hemorrhoids, when most of the violations actually prosecuted that I've seen have involved hospital employees who had a legitimate right to see the patient demographics but used their position to perpetrate identity theft. Hey, if somebody is dying of cancer, they might be dead before anyone notices the unauthorized spending spree.
HIPAA is a joke
Sorry, but I edit reports for a large department in a major medical center that are all transcribed, you guessed it, overseas. Names, medical record numbers, Social Security numbers, etc., etc., are ALL included. Nobody truly follows HIPAA where I work. I even had to bring a shredder in from home to shred patient info sheets sent to me from the doctors' offices. Not only that, but patient letters WITH identifying information are e-mailed back and forth all the time without encryption. Until HIPAA is actually enforced by anybody, I'm afraid nothing will ever change.
HIPAA compliance
I am thinking about trying to get my own accounts and am trying to plan for all types of scenarios. For various reasons, I am not able to pick up and drop off tapes. Obviously, digital would be the best way to go. However, if a doctor absolutely wanted to use tapes, would it be a HIPAA violation to ship the tapes certified (requiring signature) via USPS or UPS? What about the completed reports? I had two physicians in the past who refused to go digital and I ended up having to stop working for them because it was becoming increasingly difficult to pick up and drop off tapes. What are your thoughts? TIA. 
A DB does not violate HIPAA
Contrary to what you may have heard, the HIPAA regulations of 2003 address the medical transcription field only in passing. There is no extended discussion of the transcription field. On reading the entire thing, the (few) mentions of medical transcription appear almost as after-thoughts.
What those regulations state concerning medical transcription is that the Transcriptionist (or the MTSO) must take reasonable care (their terminology) in safeguarding the confidentiality of the records.
This has been interpreted by the leaders in the medical transcription field to mean:
1) The MT's computer is safeguarded so that unauthorized persons don't have access to her files.
2) Any electronic communication of those records is done in a secure fashion.
Now, I am fully aware that some MTSOs do not allow the completed report to remain on the MTs computer. That is their right. But to hear them state that such is a requirement of HIPAA is wrong. It is not. It is a requirement of THEIR implementation of HIPAA, not a requirement of HIPAA.
For an MT to have a database of the patients she transcribes is completely within HIPAA. However, she must ensure that others do not have access to her computer / files. That is HIPAA.
Merrry Christmas,
Vann Joe
Why surprised? Have said all along HIPAA is a
x
Violating HIPAA?
You're not serious are you? There is no HIPAA violation at the eye doctor. When you go to the eye doctor everyone knows you have bad eyes. Do you wear glasses? Are you hiding the fact that you can't see? Please! It isn't like sitting in a doctors office when no one knows what is wrong with you. You're a joke! Get a life! You're the reason everything costs so darn much. The rest of us have to pay the docs insurance because of morons like you. I cannot even believe you would post such nonsense.
Everything you wanted to know about HIPAA
See link below, & especially important are the "HIPAA Regulations & Standards" links.
Happy reading.
This is HIPAA compliant? nm
nm
opps sorry, HIPAA
Sorry
|
