demographics are not the only info that is HIPAA protected
Posted By: dnh on 2009-05-04
In Reply to: I guess, as long as nobody takes a look at the demographics, it's o.k...nm - ****
Any info that could compromise a patient's privacy is protected. that includes any diagnostic information, tests, diagnoses, etc., and basically anything in that record.
Complete Discussion Below: marks the location of current message within thread
The messages you are viewing
are archived/old. To view latest messages and participate in discussions, select
the boards given in left menu
Other related messages found in our database
HIPAA only addresses PHI (protected health information) would is defined as anything that SM
specifically identifies the patient, i.e. name, MRN, SSN, account numbers, etc. As long as all identifying information is removed from a report, it poses no HIPAA violation to keep it on file. Furthermore, as an employee of the hospital in the medical transcription department and charged with peforming QA, I have legitimate reasons to access a patient's chart. HIPAA says so.
Go back and read your HIPAA laws again.
Your name is not protected information
At the hospital I work in we were told your address and name are not considered protected information. However your symptoms, diagnosis and treatment are. I am not so sure I agree with this but apparently the hospital here doesn't think this is a problem.
A few months ago I took my father to a larger hospital near us to have surgery. After waiting in the waiting room for 6 hours the nurses told us the surgery was over the the doctor would be out to see us soon. Assuming since there were several smaller rooms that we would be taken into one of those for the update, NOPE. Right in front of every patient and family members right in the middle of the waiting room. Thank god my dad didn't have a circumcision or something embarrassing. I found that quite strange coming from one of the best hospitals in the whole state of Missouri.
how do get rid of password protected -sm
computer. I had it so a password needed to be entered on my PC but would like to change that now. How do I do that? Thanks.
Computer is now password protected...sm
Thanks for the advice! I wish I could get a little better control of him - I have also told him computer = $$$. He just feels he has to fix everything for some reason - ARGH!!!!!! Oh well, the password should keep him off of my stuff - I wish it would be that easy for other things around the house!
Password-protected FTP sites are . . .
HIPAA compliant. Are there any that do not require a password? I have never encountered one.
Unions protected workers from exploitation
It seems me that had the unions had a watch dog group, abuse of that system would not have occurred. And there was abuse. A small percentage of people always seem to look for loop holes and then milk something good as long as they can until they ruin it for everybody.
But please, unions are good. If there were unions in Calif for the field workers, conditions would be improved and these unemployed workers across America who have lost their jobs to outsourcing could actually make a decent living at them without work that puts you into a chiropractors' office in ten years.
Of course, the price of food would have to go up or perhaps all of those filthy rich ranch owners would, instead, have to take a cut in income (now there is a possible answer).
What diff does it make if it is one during the day or at night? Your computer should be protected
:+
Demographics in DQS
Do any of you have problems with bringing up info for the ADT screen? I was told that I could play detective and bring up lists of patients to find the right one but usually I just get the message that there is no one by that name in the records. It's hard to believe there is no one with the last name of Wendell or Harvey or Weinstein, for example. If the med rec number is wrong and you bring up the wrong name, that is the name you will continue to get no matter what names you try. I'm just curious about this. It isn't a huge problem since I just pass the buck.
demographics- if you want to try a
different name, clear the whole demographic field (clear at bottom) and you can try whatever name you want, or just highlight the number and delete it
demographics
Demographics
.
Yes, and patient demographics.
I'm not going to compare myself to others, though. I've made a lot of progress, and that's all that counts. I've only been on this account for three months. Who's to say what I'll be able to do next year?
It's easy if all the demographics are
there. Some docs don't like it. One doc says, "this is not a very user-friendly system." You could hear the frustration in his voice. Another doc pulled out as a client...never to be heard of again. It's got its own Expander but not very reliable.
Files are emailed with password protected zip file attachments done in Word...(sm)
So I could use OE and send this way and ask for a reciept. I love that idea....
Usually the patient demographics is shaded
on the MT end because it is only used as a guide to make sure you have the correct patient demographics. But it should show up on the MTSO or client end in full. It seems a little strange that your MTSO doesn't know anything about it. Hopefully this isn't an employee of a national who is asking you to help out on his/her accounts and using his/her name or MT number.
I bet she doesn't have to deal with demographics, though, right?
nm
ExText - can it be set to not spellcheck demographics?
Every time I complete a report, spellchecker spellchecks the demographics section, which is not necessary. If you hit the wrong button, sometimes it will mess up the demographics on the report, although it doesn't tell you that you did anything wrong. Does anybody know if spellcheck can be set to only check the document and not the footer information?
Demographics/extra work
How many of you are being asked to do more demographic work and other extras in your job that do not apply to your line count? An email went out telling us that these areas "had to be filled in" because it caused too much work for the hospital if we didn't do it - but these demographics do not add to our line count - so I have a hard time understanding why we are to take 2-5 minutes in each report to do work that we are not paid for - for one report it doesn't seem like that much - but add it up to all that you do in a week - and well, that's a big pay decrease from where I stand. How many of you are dealing with this problem. It is probably not a new one - just new to me.
Good for her! In-house we used to get all the demographics--
Now I put in name, date dictated, time dictated, dictator ID#, billing #, copies (for which I- that is I, me, have to maintain the list and the #s), date transcribed, time transcribed, and work type and op or procedure date or service date (all three different fields--pick one depending on work type, which I have to maintain a list) -- God forbid they hire and pay a programmer, when the MT can do it as part of her duties and not get paid. We are being treated like dirt! I remember even 15 years ago, we would have had a cow if we had to imput this info ourselves! 15 YEARS AGO!!!!! My MTSO has PROMISED this for 2 years!! 2 YEARS! Keeps saying "if the hospital would pay for it." There is plenty of stuff that could be programmed on his end. I cry when I see an ad about what technology can do--the word processor (us) is being left totally behind. I feel like I'm on a Selectric with one of the letters missing, this makes me so slow. MTSOs--help out the poor woman! Most of the time. We need programming, too.
Emdat is only good if...A. Demographics load and B.
if you have a limited number of doctors who use a lot of repeats. I am lucky to make 100 lines an hours with the account I am on.
I guess, as long as nobody takes a look at the demographics, it's o.k...nm
nm
That is against HIPAA
x
What about HIPAA?
Our hospital is adamant about no accounts going offshore. Not only because of quality, but also privacy, lawsuits, etc. ESPECIALLY after what happened a couple years ago between UCSF Hospital and sub-sub-contractor in India. (MT there who got gypped in pay held accounts for "ransom".)
HIPAA
Some in the office I work in said there are HIPAA rules that apply to transcription, such as font size, etc. Does anyone know about this and where I can get more information.
Thanks
HIPAA and cc - what to do? sm
If doctor wants carbon copy sent, I'm told it's a violation of HIPAA rules. Please tell me where I can find this on the Internet. Thanks.
Why would that be against HIPAA?
I have to save my files at least through the invoice period anyway. Why would it be against HIPAA to run them through IT?
I'm not the OP, but yes, there is a HIPAA (sm)
violation if you keep copies of patient reports on your hard disks in a form where the patient is identifiable.
What I do to make my normals and IT glossaries is cut/paste a copy of the body of each report, with no info to identify the patient, into wordpad and save under the dictator's name (such as jones hysterectomy, smith HP, etc).
HIPAA
There is nothing in HIPAA that says this information cannot be in the record. What it says is that IF you need to de-identify the information for any reason, all of those things must be removed. Probably not the best policy to have but not a HIPAA violation.
HIPAA
I was recently hired as an employee at a doctors office and we have been discussing taking my MT work home. It is all on hard copy except for occasional e-mails I need to send to the office to download. What do I need to be doing to comply with HIPAA?
HIPAA req.
I use encrypted e-mail through CryptoHeaven, cryptoheaven.com. They have a bunch of different packages and well priced. All work must be kept confidential and protected as much as possible (lock box for saved work on CDs). I keep all patient lists only to type and then they are shredded. Make sure if you are faxing pt lists back and forth, you are using a front fax cover sheet with a statement on it regarding confidentiality, etc. (your doctor's office probably uses this when sending stuff from their office). I also have the ability to lock my office when there are parties, etc. at the house just to be on the safe side.
It's HIPAA............nm
nm
I don't know about HIPAA.... sm
But I wonder why they were asking you all those questions? The only thing I remember when enrolling my son was making sure his shots were up to date. Of course, we are talking a long time ago!
I don't understand why a kindergarten would need such a thorough medical history on their students. HIPAA or not, it sounds like invasion of privacy to me.
It's HIPAA
It's HIPAA, not HIPPA, and the provisions are only enforceable within the US.
There are free HIPAA courses online; you don't have to become certified, just become familiar with it so your work area, computer, etc. are compliant. Should be mandatory learning for all MTs.
it's HIPAA, not HIPPA. nm
x
HIPAA Compliance ?
Does anyone have any knowledge about a US MT typing from home and any HIPAA compliance violations if this MT also types from a 2nd residence in a different state for part of the year?
HIPAA response
HIPAA has more to do with the confidentiality of a patient's information. It has nothing to do with what residence you transcribe from, as long as you maintain the confidentiality of the patient's information. The company you work for may have some sort of requirement that you notify them if you'll be working from a location other than the location that they have on record for you.
Is it HIPAA compliant?
That certainly does sound like a great solution! You are right, I would probably want them to zip their files anyway since I have only dial-up available to me at home and would need it at a CG if I ever get to that point in my life.
Thank you for your feedback. It is sincerely appreciated.
HIPAA rules
A lot of the national transcription services have many accounts where the hospitals/docs still want the name of the patient in the body of the report and do not want "the patient" in the body of the report. So the facilities still respect what the doctors want.
It's HIPAA and you pronounce it hip-uh.
l
By the waq, it should be brEAch of HIPAA. nm
nm
HIPAA at the Hosptial
Was at the hospital yesterday for some radiology testing. To summon me from the waiting area (full of other patients), the person who does the registrations used my first and LAST NAME! Bleah!
Then, after I was registered and back in the waiting area, another patient entered, sat beside me, and said "So, you're here for the same thing I am--I heard you mention it when you were being registered. I was in the next cubicle."
Shortly after this a different hospital employee summoned another patient from the waiting area using first AND LAST NAME! EEEK!
What on Earth ever happened to the HIPAA regulations? HIPAA applies to the hospital setting, right?
Any suggestions?
HIPAA is a joke
as long as these private records continue to travel overseas beyond the reach of the long arm of U.S. courts and law enforcement.
It's not a HIPAA violation for sure. Can you
have the account use digital recorders that are uploaded to your FTP site? Bypass the TASP entirely. Or if you are the only transcriptionist, you can use Bytescribe's E-shuttle. Check it out at bytescribe.com
Ack, misspelled HIPAA!
I really do know how to spell HIPAA correctly, except when I'm being an airhead, sheesh!
HIPAA and Outsourcing
How can outsourcing to an offshore company, where a patient's sensitive personal and medical information is concerned, be HIPAA complient? Shouldn't we as patients have the right to know if our medical info and personal data are being sent via the Internet to a foreign country? Shouldn't we as patients be asked to sign a release/agreement to such a practice, notifiying us of this? I have never asked my doctor/hospital if they outsourced to offshore companies...but I will now. Wonder if I'll get a truthful answer.
According to HIPAA, SS# are not to be on reports.
p
SSN is not a HIPAA issue here
HIPAA, health information, SSN is not health information, no way relates. SSN would be a schools way to verify date of birth and U.S. citizenship.
The joys of HIPAA
Or you could just activate a password-protected screen saver on the machine any time you needed to take a BR break and there was anyone with a 5-county radius of wherever your machine was. Even the hospitals do that. I have to laugh at HIPAA sometimes. They're so worried someone might find out someone else has hemorrhoids, when most of the violations actually prosecuted that I've seen have involved hospital employees who had a legitimate right to see the patient demographics but used their position to perpetrate identity theft. Hey, if somebody is dying of cancer, they might be dead before anyone notices the unauthorized spending spree.
HIPAA is a joke
Sorry, but I edit reports for a large department in a major medical center that are all transcribed, you guessed it, overseas. Names, medical record numbers, Social Security numbers, etc., etc., are ALL included. Nobody truly follows HIPAA where I work. I even had to bring a shredder in from home to shred patient info sheets sent to me from the doctors' offices. Not only that, but patient letters WITH identifying information are e-mailed back and forth all the time without encryption. Until HIPAA is actually enforced by anybody, I'm afraid nothing will ever change.
HIPAA compliance
I am thinking about trying to get my own accounts and am trying to plan for all types of scenarios. For various reasons, I am not able to pick up and drop off tapes. Obviously, digital would be the best way to go. However, if a doctor absolutely wanted to use tapes, would it be a HIPAA violation to ship the tapes certified (requiring signature) via USPS or UPS? What about the completed reports? I had two physicians in the past who refused to go digital and I ended up having to stop working for them because it was becoming increasingly difficult to pick up and drop off tapes. What are your thoughts? TIA.
A DB does not violate HIPAA
Contrary to what you may have heard, the HIPAA regulations of 2003 address the medical transcription field only in passing. There is no extended discussion of the transcription field. On reading the entire thing, the (few) mentions of medical transcription appear almost as after-thoughts.
What those regulations state concerning medical transcription is that the Transcriptionist (or the MTSO) must take reasonable care (their terminology) in safeguarding the confidentiality of the records.
This has been interpreted by the leaders in the medical transcription field to mean:
1) The MT's computer is safeguarded so that unauthorized persons don't have access to her files. 2) Any electronic communication of those records is done in a secure fashion.
Now, I am fully aware that some MTSOs do not allow the completed report to remain on the MTs computer. That is their right. But to hear them state that such is a requirement of HIPAA is wrong. It is not. It is a requirement of THEIR implementation of HIPAA, not a requirement of HIPAA.
For an MT to have a database of the patients she transcribes is completely within HIPAA. However, she must ensure that others do not have access to her computer / files. That is HIPAA.
Merrry Christmas,
Vann Joe
|