A community of 30,000 US Transcriptionist serving Medical Transcription Industry

HITECH - Home office - mtmt

Posted: Feb 11, 2010

I'm wondering where other people have their home offices/work computers? My desk is currently in a corner of the living room but it's not in the main living area, so to speak. It's kind of off in this nook area off the living room. My monitors face outside and not into the living room. I'm wondering if I'm going to have to figure out someplace else to put everything to be in compliance? I do have my computers password locked so no one else can get in them, and they are both company supplied computers and are only used by me. Just wondering if anyone else is stuck working in a common area of their home and if they're worried about it.

Not worried in the least. - tired

[ In Reply To ..]
My family could care less what is on that screen, and even if they cared, they can't understand half of it.

I refuse to panic about this. Do you really think someone is going to come into your home and inspect your work environment? (rhetorical question).

I work on a laptop. It is secure with firewalls and passwords out the ying yang; however, I work in whatever room I wish and where I am most comfortable that day in order to get my lines in.

Ignorance is surely not bliss - compliant MT

[ In Reply To ..]
http://www.gklaw.com/news.cfm?action=pub_detail&publication_id=840

That gives some of the legalese. If you are an IC, it will be up to you to provide to all of your clients, even if it's just 1, evidence that you are compliant with HITECH (an extension of HIPAA). It's actually part of HIPAA that mostly addresses where your workspace is to be located.

While the likelihood of someone coming to your home and demanding an inspection is critically low, you still want to be sure you are handling the PHI correctly. There should be NO PHI on your hard drive, even more so if you're using a laptop as it can more easily be stolen. When getting up from your workspace, you should exit out to password protection screens. In many instances, home MTs are to work in a room that can be locked, but if your computer is pwd protected, and you sign out each time you get up (to minimize risk of someone wandering by and seeing Minnie Mouse is a patient whether they care about her or her diagnosis or not), you should be okay.

Just blowing this stuff off with ignorant statements like I'm not worried in the least is about as UNprofessional as you can get and one of the primary reasons MT will NEVER become a respected profession in many instances, just a bunch of pajama-clad women (rhetorical statement not an accusation) with chillun's playing at their feet, who are just to incapable of realizing laws are laws even if you think they're stupid.

good information for all MTs; thanks. - n/m

[ In Reply To ..]
nm

Thanks... that helps - mtmt

[ In Reply To ..]
I work in two platforms in which I'm able to pull up samples, and I don't save anything on my hard drive. I am going to start signing out when I get up, even though nobody really goes walking around behind my desk. Just want to be on the safe side I guess. Your information helped. Thanks.

Exactly! You need to be diligent rather than worried - Linda Andrews

[ In Reply To ..]
I agree about not worrying. If you take the steps to protect the information on the monitor and in the computer, you don't have to worry. It isn't a matter of whether any neighbor or child might be interested in what's there, but if they have the ability to access that information. I've been in one doctor's office where the monitors were clearly visible to me as I signed in and out. I could see the information on the patient on the screen. I wasn't interested in that information, but the fact that I had access to it meant they were not treating our personal and confidential information with appropriate care.

Once you've made the right changes to protect the information in your care, you don't have to worry about it at all! You don't have to look over your shoulder thinking someone is coming after you because YOU have been proactive in doing the right thing. Nobody had to tell you to do it. If someone wants you to explain or demonstrate how your system works, you'll be proud to show them, not shaking in your boots.

Like I said, I'm not worried in the - least.

[ In Reply To ..]
I know that my computer and the information on it is protected. Period.

I don't have anything to worry about and I refuse to do what some MTs are doing and panic about it.

I am not UNprofessional by not worrying. I take care of MY business, which is why I'm NOT worried.

Have a good one.

The issue isn't "panic" - but compliance

[ In Reply To ..]
Putting aside for the moment the unfortunate suggestion in your post that it's acceptable to ignore a law as long as you think you won't get caught, it's not necessary to make the issue seem ridiculous by suggesting that the choice is one between compliance or "panic". The choice is whether or not to comply.

Incidentally, HITECH is not, as someone has suggested, part of HIPAA and it certainly does not address questions such as where computers should be located, etc. What HITECH does (among some other things that are irrelevant to this discussion) is to extend the civil and criminal liabilities that HIPAA imposes on covered entities under the Privacy and Security Rules to their business associates. Previously, contrary to what many thought to be the case, HIPAA was not applicable to business associates except in terms of obligations imposed on covered entities. There were gaping holes in HIPAA whereby NEITHER the covered entity NOR the business associate could be held responsible for certain kinds of unauthorized disclosures of PHI. HIPAA did NOT "pass through" to the business associate and at the same time HIPAA did not hold the covered entity responsible if the business associate disclosed PHI improperly. All the covered entity had to do was to "correct" the situation, and the only ultimate cure for a misbehaving business associate was to terminate the contract. Big whoop.

HITECH closes these loopholes to some degree.

First, business associate agreements are tightened with respect to the Privacy Rule, and...

Second, liability under HIPAA now attaches to the BA if they do not abide by the terms of the agreement, and...

Third, the Security Rule now applies directly (not through the BA agreement) to business associates.

Fourth, HITECH clarifies that both organizations and individuals may be held liable for improper disclosure of PHI.

HITECH also, by the way, imposes new obligations regarding notification and public disclosure of PHI security breeches more like those that have been imposed on credit card companies, banks, etc.

HIPAA has never specified or endorsed exactly what measures covered entities (and now business associates) are to take with respect to security. In that sense, HIPAA is "technology-agnostic". However, certain outcomes are required, and to achieve these there are "best practices" and "generally accepted" security measures that should be implemented as appropriate for a particular situation. Failure to use accepted security methods will result in much more severe legal sanctions under the Federal Sentencing Guidelines (if a criminal case is filed), or more severe civil sanctions/fines under HHS enforcement rules. In other words, bad things can happen no matter what you do, but the penalties will be much less if reasonable efforts have been made to comply with the law, as opposed to simply ignoring it.

One other thing. HIPAA has always recognized the fact that there can be "incidental" disclosures of PHI in the course of "normal operations". No one - covered entity or business associate - has ever been obliged to ensure that this will never happen. A physician can talk to his patient in the next bed...or a nurse can call out a patient's name in the waiting room...a fax can be misdirected...or a computer screen might inadvertently be turned so that someone catches a glimpse of it. The rule seems to turn on these questions:
1. How extensive is the disclosure?

2. Are the circumstances such that the individual who "receives" this information without authorization can "retain" it? A lot of debate is underway about what this means in the context, say, of a misdirected fax, but right now the general consensus is that a "warning" against misuse or unauthorized disclosure (we've all seen them) is still sufficient.

For the individual working at home, I am afraid that the question isn't whether you're an IC or not. Even if you're an employee, and even if your company still hasn't taken HITECH seriously enough to establish policies for you, it's the better part of wisdom to consider your specific risks and to take some extra precautions to minimize them as much as you reasonably can. Mostly, these are the same precautions you should take to protect your system and its contents anyway - such as turning the computer off when not in use, using the "locking" feature that activates a password-protected screensaver if you step away from the computer, keep your firewall properly configured and your antivirus software up to date, etc. If you go further and install a lock on your office door or an alarm system in your home, so much the better. But do take what steps you can, and by all means implement any specific measures that your MTSO might require.

It's also best if you don't use the same computer for work and personal purposes, but I realize that's difficult for some for reasons of cost. In that case, be extra cautious about not opening email attachments (yes, including the ones your friends pass along, because they can unwittingly be a conduit for a virus or worm!) And if other family members use the computer, be sure they have their own accounts on the computer and do not use yours. For children, install one of the many "nanny" applications and forbid them from installing or downloading any software, MP3s, etc. without your express permission...and then pay attention to what the monitoring software tells you they're doing!!

As far as a family member happening to glimpse something on your screen while you're working - that is something I would NOT obsess about.

That's something I wouldn't obsess about but would keep from happening - Agree with all but one comment

[ In Reply To ..]
You said, "As far as a family member happening to glimpse something on your screen while you're working - that is something I would NOT obsess about."

While I wouldn't obsess about it, I would take steps to make sure it doesn't happen. That's just being smart.

My office (sm) - Long time MT

[ In Reply To ..]
My office is in an upstairs "bedroom," though the only things in it are work-related. No bed, no chairs other than my work chair. There are no children in the home, so I'm the only one who comes up here. The system my employer uses leaves no voice file or patient report on my computer.

On what I make as an MT, I feel lucky just to be able - to swing having a roof over my head. (sm)

[ In Reply To ..]
My bedroom is my office. It's mainly an office, a just happen to have a bed in there. I'm the only person in my home, and I'm up on a hill so no one can walk by and peep into my window.

If HITECH mandates that I have an entire room designated solely for MT work and nothing else, then they'll have to have a little talk with my employer about upping the pay so I can afford a place with an extra bedroom or den.

If the govmt. wants to trudge up my hill and inspect my home, and I find that I can't work as an MT anymore because of some dumb, arbitrary rules, then the govmt. can pay my welfare check each month.

HITECH? - Not worried

[ In Reply To ..]
I work for a couple of different companies. One has gone the HITECH route to a degree...One still emails the reports back and forth, and they don't plan on changing anything soon. I would prefer using a secure FTP site, but if they don't see the need, it's on them. I have my "office" in my dining area. I also work in different states when out and about on my laptop. I don't use passwords. I don't even have a firewall other than the cable company one. I don't plan on changing a thing. I have been doing this 23 years. This is just typical government scare tactics. They are not going to come into your home and check your workspace! They don't have the manpower nor the financial resources to do that. The security of these medical records ultimately rests on the companies, not us worker bees.

Ok, until... - KRFan

[ In Reply To ..]
This attitude is okay as long as nothing happens. That is, as long as your laptop doesn't get lost or stolen, for example. As for what your companies do or don't do, you -- especially if an IC -- are still responsible for breaches of security. So if your laptop is stolen, and you have not taken elementary precautions (like passwords), then you are responsible. Under law, you have to notify all patients involved, and you can be fined or even imprisoned. If you lose a laptop, and your companies find out that you've lost it, they are obligated to report that to the federal (and probably state) government as a security breach, or else THEY will be fined etc. It's not all that big a deal to take a few elementary security steps, in my opinion.

I don't understand - MissyMT

[ In Reply To ..]
someone bragging their ignorance.

Your claims are horrendous. Why would you brag about them?

You doing this for 23 years, the ONE thing that has remained constant is confidentiality and you obviously have no regard for that. I've also done this a long time and worked in various different capacities and can tell you, you're in violation and I seriously hope you get busted. The "ain't my fault" defense just doesn't float.

Similar Messages:

Sep 26, 2012

Tax deduction when you work at home is definitely worth it. My friend is an accountant and anything done to improve your house is deductible (including crazy things like carpet cleaning, window cleaning). I even deducted new appliances and furniture and carpets ( in other rooms). ...

Apr 03, 2014

I have heard different interpretations of the "no commercial use" rule by Microsoft about the Home and Student version of Office. Some say you cannot use this version to work from home as an MT, and some say it only means that Home and Student version just doesn't have all the bells and whistles someone would need for commercial use. I just called Microsoft, and the rep told me that it IS okay to use it in that way, but I don't feel confident he really knew what I was ask ...

Nov 18, 2009

I did some research and have found that at least according to Federal Government guidelines, you can deduct home office expenses if you are an employee. The one big stipulation is that you are working at home because it is convenient for the employer. In other words, they cannot provide you with an office. Of course, in our case that is a no-brainer. The rest was pretty straight forward and much the same and I am doing now for tax deductions as an SE. My accountant ...

Apr 28, 2014

Do most of us have Microsoft Office Home & Student version or the Professional version? The only difference I can see is that Professional has 2 other features, Publisher and Access, which most of us don't need in our MT work. I can buy 2010 Home and Student for about 1/3 the cost of 2010 Professional. Thoughts? ...

Jan 27, 2015

Using H&H this year, not using the new simplified deduction. I understand the square footage, utilitities, all that and have done that part. My office is a dedicated room, no problem there. What I don't understand is where to deduct my supplies, internet, etc. I want to count ink cartridges, paper, internet, Shorthand, stuff like that but not sure where to do that. I already paid for this tax software (it was a deal through Amazon) but maybe I should ...

Mar 09, 2010

I am trying to find a desk and chair under $100 ideally that is comfortable and doesn't cause of a lot of strain on my wrists. Did any of you who work at home purchased your furniture at a specific store? I would appreciate any suggestions. ...

Mar 29, 2010

Has anyone claimed the home office credit while being an employee rather than IC? Does anyone know the "rules" with that? Seems that it could still be claimed since we HAVE to work from home. This is my first year as an employee, so I am curious. Thanks for any input. ...

Jan 28, 2011

I have not filed for the home office deduction in the past, even though I do have a fair size room dedicated solely to my office so, therefore, I would qualify. This year I had to buy a new computer for my job. My husband works out of state, so we have a lot of deductions for him and I am wondering if I should file for the home office deduction or not? I know it is quite often flagged for audit by the IRS, but I feel I am entitled to it. I just do not want to risk the higher chance of being au ...

Mar 15, 2012

I'm doing my taxes on TurboTax and it says you can claim the home office deduction if you work at home for the "benefit of your employer, ie, if no office or desk is provided." Does this apply to us ? I'm worried about taking the deduction and getting audited or something. I've never taken it in the past. Wondering if it's even worth it for me if we indeed can take it (I don't own a home). ...

Mar 18, 2013

Just by chance, does anyone know of an office job or other work from home, part time only? I am an MT myself but know of someone needing just an office job from home, she is not an MT. Any ideas would be appreciated. ...

May 14, 2014

Hoping someone out there can answer my question. I'm new with iMedX. I have Office Professional 2013 on my computer. According to their techs, their platforms aren't compatible with 2013. It has to be 2010 or lower. (Office 2013 has been compatible with other companies, but not with iMedX.) Someone has offered to let me use her Office 2007 Home and Student (not Pro), but we're not sure it will work with the iMedX platforms, which are IKM and Sc ...

Sep 25, 2014

Recently got new computer with windows 7 (old one had Vista) and put my word office 2007 home and student back on ...my shortcut keys (like F7) for spellcheck are not working...and I want to get the spellcheck visible on the task bar...any ideas how I can fix? Thanks!! ...

Mar 08, 2014

Numerous cc's not in the database which have to be added, address and all. Short reports, of course, that take 3x longer than the dictation time. Just shoot me now. I can't wait until I get a new job! Came close today - job lead was 1/2 day too late. :-( Hopefully the other person won't work out :-} ...

Apr 26, 2014

I'm starting with a new company next week. My Windows 7 PC has Office 2013 Professional. The new company's platform is only compatible with 2010 or earlier. I don't have the money to spend on 2010, so I'll either have to decline the offer or try to find a way to install 2010 cheaply. I thought I might be able to download a version for free, since it's not the newest version, but it doesn't look like I can do that. Any ideas? ...

Jan 28, 2012

There are new reporting requirements (MU, or meaningful use) within the HITECH Act. For the first time ever, patients' BMI, smoking history (patients 13 and over), and vaccination history and records will be reported directly to the federal government by their physicians. (These data were compiled in the past for epidemiologic purposes but not linked to individual patients.) And these are just the aspects of Stage I of EMR implementation -- Stage II ...

Nov 14, 2009

A few days ago the MTSO I work for informed us that it was even more important for us to be sure that the patient information in the demographics be accurate. They went on to say that if an error was made, the patient would now be informed of this. While I totally agree that at all times patient information, inculding DOB, MR number and other very important data be perfect every time, I can't help but wonder that if patients will be informed when this information is in error, w ...

Nov 15, 2009

Anyone check with their employer to see how they will handle an MT performing a HITECH HIPAA violation after 02/2010? Could be $100 fine for each occurence, up to $25,000/year. HITECH HIPAA violation could be an MT putting an incorrect doctor in for a carbon copy. I know the doctors are so very thorough in their carbon copy requests, so in that case, there should be very few problems...lol. ...

Mar 26, 2010

Just found out my employer is requiring all employees to take the HITECH test. This is from the law that was passed last year. We were told it would take about 5 hours to complete. Has anyone seen this test or taken it who can share some info (how long, how hard, etc?) Sure wouild appreciate a little info before starting. Thanks! ...

Jan 13, 2010

drop the account? Would you comply with HITECH and let the doctor worry about his own compliance and keep status quo? I have an acct that is part time and I could pick up more more elsewhere if I dropped him, but who wants to walk away from business in today's environment? This doctor is not overtly saying he refuses to send his dictation by encrypted email. He just is saying nothing and not changing anything. What would you do? ...

May 07, 2010

How can any company be compliant with HITECH/HIPPA when they send work overseas. Isn't that a HIPPA violation and should the patient be notified that their personal information, diagnoses, history, SS#, in some cases home address, DOB, etc, is sometimes mentioned in reports and overseas MTs have access to it? How can any company be compliant, especially with HITECH be compliant with these new laws, regulations, etc, when the patient is not aware their information is accessed overseas ...

Feb 07, 2010

“The Health Information Technology for Economic and Clinical Health Act (HITECH Act), enacted in February 2009, …expanded the reach of HIPAA, extending it to business associates effective February 17, 2010, and imposing nationwide notification requirements for breach of unsecured protected health information (PHI). Business associates will also now be directly obligated to comply with the security rule of HIPAA and implement security policies to safeguard electr ...

Jan 12, 2015

I was offered a position with a company who requires a HIPAA certificate, and I was wondering where others have gone online to obtain that and if anyone could suggest any that were under $20. Thanks! ...

Jan 27, 2010

Any info on the MT home course from At Home Professions? ...

Dec 17, 2009

I want to redo my office space. It's just a little corner in my bedroom because I live in a small townhouse where I rent but I need to freshen things up before I die of boredom. So what kind of desk, chair, keyboard, headphones, monitor, artwork, etc. make your workspace comfy? :) ...

Jun 25, 2011

Any comments on this company? Thanks. ...

Feb 04, 2014

confront some of these MMEs and their snarky notes. I said SOME MMEs. Some are wonderful, like Christmas and a new puppy rolled into one. ...

Dec 02, 2009

Does anyone work for the Findley, Ohio office and if so, your opinion please. ...

Jun 27, 2010

I want to reorganize my home office. Where is a good place to look for U-shaped desks? I have 2 computrers with 3 CPUs, printer, fax and reference books, not to mention 3 foot pedals, a mini casette transcriber, office files, multiple 3-ring binders, etc. etc. It would be so nice if it was compact, not spread out over the whole room - everything nice and neat and within reach. Is ths possible? and where do I start? TIA. ...

Oct 08, 2010

I will be placing this on the comedy board also, but since we at the evil Q have had such a bad day, I thought I would post it here also. Enjoy the laughs. http://www.youtube.com/watch?v=pkN1LcuMoJw ...

Nov 06, 2010

I applied to this company a week ago and they had called me back for a phone interview yesterday. They told me in an email that my scores were great, etc. After the phone interview (which I thought went well) the woman told me that I would be contacted later that same day. Well, she contacted me back about an hour later and said I was not a good fit for the company. Does not make sense to me whatsoever! I am glad I didn't get the job, I don't think I wanted to ...