If you're a medical transcriptionist who takes full advantage of your industry's perks by working from home and setting your own hours, you may hope to never return to an office for a traditional 9-to-5 job. Indeed, many transcriptionists can average $16 per hour or more while working from the comfort of their own homes. However, the strict regulations of the Health Insurance Portability and Affordability Act (HIPAA) can place a significant administrative burden on those responsible for keeping patient records at a home office. Read on to learn more about how you can keep private patient data secure and avoid potential fines or civil penalties under HIPAA.
What types of HIPAA violations may work-from-home transcriptionists be the most prone to committing?
As a transcriptionist with a home office, you likely process and store both paper and electronic patient data on a daily basis. Keeping these records confidential and inaccessible -- even from members of your family -- is key to avoiding HIPAA violations. Since you don't deal directly with patient care or billing, your greatest risk of a HIPAA violation lies in the medical records you spend your days transcribing.
Every inadvertent disclosure of private patient data could cost you $100 or more per violation, even if this disclosure doesn't result in any actual harm to the patient. For example, if you store certain confidential records on an unencrypted flash drive in your purse and your purse is stolen, you could be fined $100 for each individual record stored on the flash drive. This is the case even if the thief immediately throws this flash drive away or destroys it without accessing the confidential data.
Another relatively common HIPAA violation for medical transcriptionists can take place during a household move. Depending upon the requirements of your parent company, you could be asked to keep years' worth of paper records before destroying them in accordance with your employer's retention schedule. If a box of these records goes missing during a move (even if it's only thrown away), you could find yourself liable for thousands of dollars in HIPAA fines and fees.
What are the best ways to avoid potential HIPAA violations when in control of private patient data at home?
While it can seem overwhelming to be responsible for ensuring the security of thousands of patient records located within your home, there are some simple steps you can take to stay on top of your HIPAA obligations and help protect yourself from any potential liability.
If you're currently relying on an underpowered office shredder to dispose of paper patient records once you've transcribed this information to an electronic form, you could be leaving certain information vulnerable. Depending upon the width of the shredder blades and the size of the font on the documents shredded, portions of Social Security numbers or other identifying information could remain visible. It may also be harder to motivate yourself to shred thick patient files when you know you'll only be able to feed a few sheets of paper through the shredder at a time, leaving you with boxes of old records to dispose of at a snail's pace.
By entering into a contract with a professional shredding company, such as Vital Records Control, you'll be able to schedule regular pickups of your old records and have these records securely shredded and incinerated. In addition to the convenience of simply handing over your records for disposal (and the regular reminder to de-clutter your work storage space) you'll also have a clear "chain of custody" for these records, ensuring that any release of patient data can't be traced back to you.