Medical Transcription and HIPAA – Where should you be now



The HITECH Act was effective last month, and now medical transcriptionists had implemented steps for compliance. This article will give some highlights where you should be at this time. If you are not there yet, now is the time to get it done because it means you are out of compliance.

This list includes those who are independent contractors and / or business owners. Keep in mind that an independent contractor is a business owner, so if you have an IC with one company, these rules still apply to you if you deal directly with the covered entities. However, if you contract with Medical Transcription services, then you are probably a subcontractor to them. While you still need to follow the rules, it is a tad different to what you are required by law to have in place

By now, you should have :.

  • Bent both privacy and security officer for your business (this can be the same person, although it does not have to be).
  • Performed formal risk analysis on your systems, both for privacy and security.
  • series of formal written policies and procedures for all things related to privacy and security rules. Within the security policy, you must at least take each point in the procurement even if you do not start them. When something is not done, the deal it will have to show why it was not fair for you to do it. In that argument, you also have to show why the choice would not function.
  • outline a strategy for disaster recovery and access to information in the event of a disaster.
  • The training of both the privacy and security of your staff (and safety training needs to be done annually, which should also be described in the regulations).
  • Updated colleague agreements to add new language that needs to change in the rules

And that’s just the start of the list! If you have not started this yet, now is the time to make it. Be sure you learn now what you have to do what you do not have to be not consistent. The law now requires the review to be done to be sure they are compatible and you do not want to be the one who gets audited and is considered to have completely ignored the new rule.


Leave a Reply

Your email address will not be published. Required fields are marked *