The HIPAA Privacy Rule...(sm)
Posted By: Brian on 2007-08-22
In Reply to: Please cite the HIPAA rule. Thanks - Eve
...requires a covered entity to make "reasonable efforts to limit use, disclosure of, and requests for PHI to the minimum necessary to accomplish the intended purpose." The only AHA-approved HIPAA training program, HIPAA Academy, specifically states in its training materials that HIPAA intends that personal information be limited to document headers unless absolutely required I will quote page 4-56:
"In practice, we expect the minimum-necessary requirement to lead to compartmentalization of the medical record so that one portion of the record (the body of the report) may be readily disclosed for one purpose without compromising the privacy of the entire record."
By limiting PHI to headers, reports can easily be redacted of personal information; when the PHI is scattered throughout the reports, this information cannot be redacted.
Complete Discussion Below:  marks the location of current message within thread
The messages you are viewing
are archived/old.
To view latest messages and participate in discussions, select
the boards given in left menu
Other related messages found in our database
HIPAA Privacy Rule
http://www.aafp.org/fpm/20021100/35theh.html
Guide for HIPAA PRivacy Rule
Covers for Stedman's books are designed by the graphic artist who works with them.
Get Steadman's Guid to the HIPAA Privacy Rule
:)
Stedman's Guide to the HIPAA Privacy Rule has one.
nm
Who designed the cover for Guide to HIPAA Privacy Rule published by Stedman's?
nm
Please cite the HIPAA rule. Thanks
x
all has to do with everyone's right to privacy--sm
and possible identity theft. We are not living *back before politically correct* any long and we need to protect ourselves in ALL areas of our lives, including the privacy of our medical records. Your grandparents' medical records and information are not yours to give away. That is up to them. Perhaps they do not want your child's school knowing all of their information. What if someone at that school happened to know those grandparents, found out about their medical history, and started blabbing it all over the place. This is what medical record privacy is for..to protect those that do not want it divulged to just anyone who asks for it. It may not bother you, but it bothers others, and that should be a protected right. This is just my take on privacy.
Enough with invasion of privacy
Its is all getting so frightening, the invasion by companies into peoples lives. I have worked at nine hospitals, two trans companies on-site, three trans companies at home and never have I had a background check OR drug screen. The policy for drug screening at the hospitals was if you seemed like you were under the influence your boss could request a drug screen but never happened to ME or any of my coworkers. Physical exam, sure I got those when I worked at the hospitals but they paid for the physical exam and they also covered me for insurance. The trans company I work for now does not provide medical coverage or life insurance coverage for statutory employees, so I dont see why they would be concerned about my health status. Lets face it, they are concerned with how much we can pound away each day and that is it. We get paid for what we produce. So under these circumstances, they dont need to be poking their nose IN my background, my urine or my physical body. If it is checking on my experience, well they already did that by talking to previous employers and coworkers and guess I passed the test, as I was hired.
I think they are violating your privacy
I'd check it out on the ALCU web site if you don't find anything regarding that there email them and ask about it... or Google in workplace privacy. I think they are way out of line when it is your personal computer and not theirs. If it's theirs they are within their rights
when privacy direct first came out.....sm
it only cost $2/month extra - today I think it costs $19.95 but to me it's worth it because #1 it cuts all telemarketer calls (and I have been on the Do Not Call list since that began) and I can also take my phone charges off my MTSO business at tax time......
call your phone company and ask them if they offer anything like Privacy Director. *S* 
Privacy question.
I do occasional IC work for a provider that I have known a while now. Today i did some work for her and found something that really bothers me. The physician dictates the patient's full name, street address and home phone number in addition to her DOB. Is that HIPPA compliant? I'm sorry folks but I really don't want my street address and phone number available across the internet even if it is "so called" secure. I would like your thoughts.
Privacy standards?
Who actually do you contact to report a breech of privacy standards in this business? I probably should know this by now, but I don't.
No you should not tell. I do believe it is a violation of privacy since you are doing the report.
The guy has to do what he has to do obviously to exist with his sorry self.
the problem is that this is a violation of privacy
Hope you don't think it is okay to have your family members looking in on your computer while you are working!!
Not to make light of pt privacy, but
I type on a 14 inch laptop screen that I must keep about 2 feet away from my face in order to see it. In the course of seeing my laptop, my less than petite frame obscures probably the middle 50% of the screen. On the screen, there are endless lines of text that would be rather meaningless to the average barrista/customer. The patient demographics are obtained via a link on the toolbar. A 'hotkey' is entered throughout the report where the patient name appears and in the preparing-to-send process, these are all replaced with the patient's name. The hospital I type for is 3000 miles away.
I can see where this might be problematic should someone with better vision than I manage to see around my hulking slumped body and see 25% of the text on the left and 25% of the text on the right and know enough about transcription to be able to fill in those rather large blanks on each line (and that doesn't even take into account that most laptops are made to be viewed head-on; side viewing, viewing from above, etc., distort the picture to make it all but illegible). I suppose this could still be problematic if this eagle-eyed contortionist with an intuitive knowledge of medical terminology and knowledge of random software programs to find that demographic button can psychically detect which hospital of the thousands in the country I am working on and happens to have a relative who lives in that very town ready, willing, and eager to spill the beans about Madame X's bunion. Yes, I can see where this is a danger. I guess I should thank my lucky stars that I have not run into either this fellow or chupicabra at my local coffee house.
It does violate privacy or employment laws.
I've posted about it before because there were MTSOs trashing MTs by name on some of the boards. My mother is an HR director, so she's told me what companies legally can and can't divulge about employees or former employees. Companies are not allowed to prevent people from securing employment, or slander/libel them. Personal opinions cannot cloud the reference. They can only confirm or deny the accuracy of certain items, such as employment dates, etc. I think the most judgmental question they can answer is, "Would you rehire this person?" Yes or no.
Correct about breach of privacy and its NOT too late
As others have stressed on this board, both here and under the politics board, you have a voice and have the opportunity to make it heard. I personally have been e-mailing my US and state elected officials at least once a week. At the Women for Democrats website one of their goals is to bring American jobs back to America. http://democrats.senate.gov/checklistforchange/checklist.cfm The credit card processor for my bank, Heartland, recently had a huge breach in their security system. Per our local State Police this theft is way up due to 2 factors (1) Once our private information leaves the US, those entities are NOT governed by US law and there is little they can do about it; (2) the economy as more people are now willing to buy that information. He said the same goes for our medical information. If you do a search for "medical identify theft", there are over 70,000 hits on that, mind you I did it in quotes, so most likely more without it. This was published Jan 2009, so recent, with many links at the end including a US Government report. http://www.fiercehealthit.com/story/report-hhs-must-lead-medical-identity-theft-fight/2009-01-26?utm_medium=rss&utm_source=rss&cmp-id=OTC-RSS-FHI0 In the years 2000-2004, I was one of the front runners fighting mortgage servicing fraud (very complex, see MSfraud.org) We were told then that there was "nothing to be done" - well a lot of victims of that fraud banded together and did make a BIG difference. We can too by getting our voices heard, working together as a team and following the many suggestions on this very informative forum at MT Stars.
HIPPA=Health Insurance Privacy and Portability Act
Yes, I saw the ad also and felt it was an insult to offer that line rate for what they wanted from an IC. I put the definition of what the initials HIPPA mean for your benefit.
It is not a breech of privacy to send unencrpyted email...
the healthcare provider , i.e. the doc, establishes the standards for protecting privacy of records. You (or your service) is the Business Associate who COMPLIES with whatever standards the doctor sets. Some docs send files by email, some want encryption. Hospitals, obviously, generally do more locking down on their stuff, as they are more open to lawsuits. All YOU have to do to be HIPAA compliant is to COMPLY witih the standards the doc sets. It is not up to you to set them. Also what you and everyone else forgets about HIPAA is it is a two part process. Not only does the patient's medical records have to be disclosed BUT the patient must also suffer a loss because of the disclosure. So even if your doc stands out on the street and tells passers-by about Mrs. So and So and her athlete's foot, unless she incurs a loss from that, it's not a HIPAA violation. Remember this whole thing came about because a pharmacy tech went home and told her high school son that another classmate's father was coming in for HIV drugs...get the picture? Something private was disclosed inappropriately and that's how the girl found out her father was HIV positive.
Work privacy - discussing one employee in hearing of another
I posted a question on the legal board because it is a legal question about workplace privacy and I thought somebody there might know, but please check it if you know anything about laws or agencies that protect worker privacy.
Don't think the worker privacy acts cover discussions such as this...
more likely they cover things like credit reports, evaluations, etc. It's rude to discuss in front of others, but not illegal...of course, in the US you can sue for anything.
It is against California Privacy Laws, and the patient can sue from what I read.
They (companies that outsource) are probably lining the pockets of the politicians!
Hospital fined for breach of octuplet mom's privacy
http://www.cnn.com/2009/US/05/15/octuplet.mom.hospital/index.html
LOS ANGELES, California (CNN) -- The hospital where a California woman gave birth to octuplets in January has been fined $250,000 by the state because nearly two dozen medical workers, including doctors, illegally viewed her medical records, according to state health officials.
![Nadya](http://i2.cdn.turner.com/cnn/2009/US/05/15/octuplet.mom.hospital/art.octuplets.gi.jpg")
Nadya Suleman was the subject of controversy after giving birth to octuplets in January.
Kaiser Permanente's Bellflower hospital, where Nadya Suleman's eight babies were born, revealed in March that 15 employees lost their jobs and eight others were disciplined for improperly accessing her computerized medical records.
There was no evidence that information from the medical files was leaked to the news media, which has intensely covered Suleman's story, according to Kathleen Billingsley, deputy director of the California Public Health Department's Center for Health Care Quality.
Six of the privacy breaches happened at other Kaiser Permanente facilities, which are linked into the same computer system housing medical records.
Suleman -- already a single mother with six children -- gave birth to octuplets conceived through in vitro fertilization, fueling controversy. News of her collecting public assistance for some of her children outraged many taxpayers.
maybe it's just a pure and simple invasion of privacy the poster feels they want to protect.
if you do your job, who cares if poster was released from prison. weren't companies hiring prisoners to do MT anyway and weren't they doing credit card customer service?
OpEd on Medical Records Privacy - Front Page of Yahoo
Thought this was interesting, as it pertains to us. On one hand, it could affect our ability to do our jobs at home. On the other, it could really crack down on medical information being sent to India.
--
http://news.yahoo.com/s/csm/yblevins
By Sue A. Blevins Tue Aug 26, 4:00 AM ET
Washington - How would you feel about your personal health information flowing freely over the Internet between public health officials, healthcare providers, insurance and data clearinghouse companies, and others – without your permission?
ADVERTISEMENT
If this doesn't sound like a good idea, it's time to become informed about federal health privacy law.
Today, when Americans visit a healthcare provider for services (including dental and eye exams), they receive a form with a title such as "Notification of Privacy Rights." Many assume that signing the form guarantees that personal information won't be shared with third parties. But the form offers no such guarantees. And neither does federal law.
In fact, the privacy rule established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) legally permits healthcare providers to share patients' information with more than 600,000 health- and data-related entities – without a patient's consent. Yet the notification form doesn't clearly explain this.
Individuals control their information when they give consent; they don't with notification. When you sign a notification form, all you are doing is acknowledging its receipt. The HIPAA notification form offers no control over who sees your information and instead just tells you about some of the entities that can access your information, rather than asking for your permission.
Consequently, many physicians and other healthcare providers are urging Congress to strengthen privacy rights. They know firsthand that the HIPAA rule fails to ensure true confidentiality.
"...[T]he regulations under [HIPAA], which were intended to extend patient privacy as we moved from a paper-based system of medical records to a digital system, are a sham. HIPAA allows the routine release of personal health information without patient consent or knowledge, and even over a patient's objection…" stresses Dr. Janis G. Chester, president of the American Association of Practicing Psychiatrists.
As the ACLU put it, "HIPAA has so many medical privacy loopholes, it makes Swiss cheese look solid." The organization also points out that under existing federal regulations, the term "privacy" hasn't been well defined. The ACLU is urging Congress to define medical privacy as "patient control of electronic medical records."
Moreover, these organizations and others are lobbying for privacy amendments to key health Internet-technology (HIT) bills currently being considered in Congress.
Lack of privacy has serious consequences. It fosters making personal health information a commodity that businesses sell and trade in the marketplace, notes ACLU. Weak privacy rights also interfere with doctor-patient relationships. When drafting the HIPAA privacy rule, the US Department of Health and Human Services (HHS) noted that "Privacy violations reduce consumers' trust in the healthcare system and institutions that serve them." The ACLU noted recently that at least one third of Americans are not sharing their complete personal medical histories because they feel their privacy will be weakened in the name of efficiency. Additionally, without strong privacy rights, individuals can't take steps to adequately protect themselves from bad, lost, stolen, or misused data.
Meanwhile, more and more personal data is being collected during routine healthcare visits, including information about marital and sexual matters. A married woman (wedded for over 30 years) and mother of two adult children, said she was appalled when asked during a routine visit if she preferred men or women. She stressed that while she "has nothing to hide," she doesn't think it's anyone's business what her sexual preference is or when her first sexual encounter was (which is often asked during exams).
What's more, it is becoming easier to share healthcare information with just a click of a mouse. As HHS has noted, "Until recently, health information was recorded and maintained on paper and stored in the offices of community-based physicians, nurses, hospitals, and other healthcare professionals and institutions.... Today, however, more and more health care providers, plans, and others are utilizing electronic means of storing and transmitting health information…. In a matter of seconds, a person's most profoundly private information can be shared with hundreds, thousands, even millions of individuals and organizations at a time."
Do Americans really want the intimate details of their lives and families shared so easily without their consent? If not, they need to urge Congress to establish stronger privacy rights. Tinkering with HIPAA won't do it. That would just keep a lot of people busy rewriting regulations that don't guarantee privacy. Rather, Congress needs to pass a new law that defines "privacy" and upholds the precious ethic of consent. The new law should guarantee individuals' freedom to decide whether to be part of electronic medical-record and genetic databases for years to come.
• Sue A. Blevins is president of the Institute for Health Freedom in Washington.
You RULE!
What a win-win situation!
I wish the animal shelters took better care of our pets (since they are a part of the government and all). I don't know why those shelters smell so bad; the shelter in my county stinks so bad that you are constantly aware of it. Taking care of displaced or hurt animals should be a big part of their job, and they could take measures to ensure the animals don't get sick. I understand all about their being overworked, but then someone should report to the higher ups what is needed, and then there should be no problem meeting those needs.
In a neighboring county where I live, the public went toe-to-toe with the director over the animal division; demanding answers about the operations and procedures. (That director said he needed a new building, but the public thought the changes should be made in their operations and procedures.
When I want a dog, I always adopt (so far over the years I've adopted 2 beagles).
Nice post!
First rule of being an MT
That's what I was taught. Everyone is in the same boat and has to take the bad with the good. Refusing to do the hard stuff makes it worse for the other MTs on that account, and they will not appreciate it. Until the problem doctors go poof and disappear, nobody has the right to say they can shove all the bad jobs onto the next MT because THEY are here to make money (everyone is, and someone has to type it). And there is such a thing as Karma - one day you might log on to find ALL the work is the dictator you dread, because all the MTs that came on before you felt entitled to leave the crap work for YOU. You really won't make any money on that shift, as opposed to doing a few bad jobs each shift. So type them as you get them, like the rest of us.
If everyone got together and went to management about the problem guy, that's one thing (and yes, we all feel this way about at least one doctor). Deciding you don't have to do it because you don't want to is quite another, and often grounds for disciplinary action. Work is often just that, hard work, and with time and practice it becomes easier. Nobody promised you a rose garden, challenges are what this job entails.
MY first rule, before being MT. is I have to
x
The first rule of being self-employed is that
you set your own line rate. However, we all know that NONE of the MTSOs hiring IC MTs allow us to set our own rate. They "offer" a rate, and we accept if it's OK.
I worked for a real cheapo doctor when I first started out. He paid hourly and kept riding my backside to type faster because he only wanted to pay for the actual time dictated instead of the time it took to transcribe. More than once I told him that it takes an average of 3:1 typing to talking ratio to get it done. It worked out to be $.03 per line. I dropped him like a bad habit. He bounced through a few other transcriptionists who all quit on him before he wound up having to pay to outsource to a service.
as a general rule...
I use an "f" after any abbreviation that I want to expand. I just use the standard abbreviation plus f, so I do not forget what they are. My ShortHand is full of things like this.
ex: cbcf tcpf tshf
Works for me!
date rule
Thanks. My mind just blanked and I couldn't remember. It seems like it has changed so often over the years!
I have been an MT for 33 years and the rule has always been...sm
to use mg when preceeded by a number.
and there are so many exceptions to all those rule! lol
that's the english language for ya! I really don't know.
My rule for semicolons
is that if the two statements support each other and each statement could be a separate sentence, I use a semicolon. Example: He underwent an ultrasound in March 1999; AT THAT time he was noted to have BPH. The sentence you asked about should be done like 'NM'says: He underwent an ultrasound in March 1999, at which time he was noted to have BPH.
Thought that was already a rule
Hmm...I thought that that was already in effect, that no US Govt transcription contracts could go overseas/be outsourced - at least the V.A. has that standard in place...
I was always told as a general rule
it was double. Most of the time, however, I think it is slightly over that.
Rule Books and AAMT
AAMT sure brought this profession to the forefront. However, when they started publishing their own Bible (BOS) there are a lot of grammatical errors in there. Also, the styles they use are not accepted in this part of the country and will be considered "errors" by the client, hospital or clinician who do not want their reports set up in this manner. It is wrong to test people on a style that is not accepted in their part of the country. You are only forcing people to learn a "new style" which the facility in your area will consider completely wrong. Then the private company will comply with that particular hospital and change the set-up. Sadly, the person who took the test and did not use the BOS has a lousy score and is not considered for the job although s/he meets the set-up criteria for hospitals in the area where they live. Go figure, spend all that money for the book, or just test and get 100 per cent and then study the style of the facility who is paying for the work and then be 100 per cent right. Don't judge all tests by style, wait and see what the hospital is paying you wants for the style. You are putting the cart before the horse. Been in long enough to know that the BOS is absolutely not the "Bible" and the testing companies should take this into consideration. You could study this book until you're blind and then have to "unlearn" it to comply with the paying $$$ facility who is the ultimate "boss" of how the work will be turned in and accepted. Kabish? If I turn in a discharge summary in my local hospital according to the BOS style, I would be considered a total idiot. If I used the local hospital style for testing nationally, I would probably rate a 65% on what the hospital would consider 100% correct for style and grammar. Can't win.
It's the AAMT new BOS rule on numbers.
x
you two are the exception to the mommy rule(sm)
Most MT mommies got into this business solely for the purpose of staying at home and making a little extra cash on the side. They try to juggle the kids and MT and the diaper changes always come before that STAT report. And, yeah, I know what I'm talking about because I used to work in the hospital and that was always the way with the at-home mommy MTs. There was always an excuse as to why they couldn't do this or couldn't do that.
Well, my husband and I rule the menu here.
We're sure not going to let the kids do it, otherwise it would be pizza, tacos, and hot dogs daily and everyone would keel over from clogged arteries at the age of 30! Beside, like Kikki said, it's not good to let the kids call the shots. That's why the good Lord made parents! 
No one said the kids should rule the menu
But if you love your kids then you understand that they are people too, with their own tastebuds. Just because they might have a suggestion doesn't automatically make it JUNK. Just different.
Trust me, my kids know who the boss is. Geez!!!!!
My rule of thumb is a $100 minimum
Of course, closer relatives and friends receive more, but always at least $100 for graduations, wedding gifts, etc. when someone is an acquaintance.
General rule is 3-5% a year. sm
If you currently get 8 cpl, ask for a raise up to 8.25 or 8.5 cpl, that almost covers cost of living and inflation.
Generic numbers here to show the math based on the 8 cpl with the raises:
200 lph at 8.00 cpl = $16 hourly/$33,280 yearly
200 lph at 8.25 cpl = $16.50 hourly/$34,320 yearly
200 lph at 8.50 cpl = $17.00 hourly/$35,360 yearly
When you ask for a raise, provide them with verifiable data to prove you DESERVE a raise. Say you are 99% accurate, remind them. If you type 250 lph or more, remind them. If you work OT on days off, remind them. If you come at them with your homework done and good reason to give you more, they will be more apt to say yes. (I have never been turned down for a raise, once even got more than I actually was looking for because I didn't specify how much of a raise I was wanting.)
First rule of computers: Whenever anything goes wrong...
....reboot!
That will take care of about 95% of problems.
If you have two identical toolbars, then you may need to go to View, then Toolbars, and then Customize (way down at the bottom of the list). On the Toolbars tab, see what is checked.
If both Standard and Formatting are checked, this is where you may have your duplicate. Try unchecking either one of those and see if that puts your toolbar back the way you want it.
If that doesn't work, come back and we'll try again!
My company has a 2-minute rule
We are supposed to spend around 2 minutes looking for something. If we can't find anything, we blank it; my boss says that's what they pay their QA for.
I like your company...good rule/sm
Some places make you feel like if you don't search and search then you are inadequate. But I don't get paid to research, I get paid to type. I will research a reasonable amount of time and that is it.
OLD typing rule I have in my head, whether it is accurate I do not know, hence I said IF---nm
x
You are the exception, not the rule, when it comes to kids w/o fathers.
x
My family now has a hard and fast rule... (lm)
Nobody who is incapacitated/confused/at all unaware is EVER alone in the hospital.
Family comes from all over if we have to, but that's what you do. Family takes care of each other no matter the inconvenience, and having good friends, good neighbors, and a good church helps, too.
We learned that after my father suffered a head injury and was confused and combative and kept trying to get out of his bed, pull out his IV, etc. Someone from the family was with him most all of the time. Family only left when someone from the church or a friend or a neighbor came to stay. (The church had people sign up to come stay with him so that we could get a break, and neighbors would just show up and say "go get something to eat. NOW! ". God bless them all...)
Thank God, my father made an almost complete recovery. He has some personality changes and hearing loss, but nothing we all can't handle. I would NEVER leave a loved one alone in the hospital unless they were FULLY alert and oriented.
Rule of thumb - THERE'S NO FREE LUNCH
If you don't want to do much, don't expect to make much. That's just the way it is.
Rule of thumb in the NE is October & April when
the time changes. Daylight Savings starts in April and Standard Time in October. It always works for me. Change all the clocks and change all the batteries.
For those who haven't done so yet, though, better get changing. 
|
!["](http://i.cdn.turner.com/cnn/.element/img/2.0/mosaic/base_skins/baseplate/corner_wire_BL.gif"){kind=small}
