A community of 30,000 US Transcriptionist serving Medical Transcription Industry

HIPAA data breach - see definition enclosed

Posted: May 02, 2010

I am reading far too many cases of MTs being fired/threatened for copying the wrong doctor on a report. While this constitutes an error, it does not (NOT) constitute a HIPAA breach.

HIPAA law is being wielded like an axe by misinformed management, with the regulations being used to threaten and fire a huge segment of the American workforce.

MTs fired for a "cc" issue need to report their job loss to their state labor department as well as the department of health and human services.

Please see below for definition of breach:

http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/index.html

Definition of Breach:

A breach is, generally, an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information such that the use or disclosure poses a significant risk of financial, reputational, or other harm to the affected individual.

There are three exceptions to the definition of “breach.” The first exception applies to the unintentional acquisition, access, or use of protected health information by a workforce member acting under the authority of a covered entity or business associate. The second exception applies to the inadvertent disclosure of protected health information from a person authorized to access protected health information at a covered entity or business associate to another person authorized to access protected health information at the covered entity or business associate. In both cases, the information cannot be further used or disclosed in a manner not permitted by the Privacy Rule. The final exception to breach applies if the covered entity or business associate has a good faith belief that the unauthorized individual, to whom the impermissible disclosure was made, would not have been able to retain the information.

Yes it is a breach sometimes...here is why - Typin_away

[ In Reply To ..]
Dr. Jones office is at 123 Main St. Dr. Johns office is 325 Main St.

You are to copy Dr. Johns but instead copy Dr Jones and his office moved and that address now is a 7-11 so you fax information to a noncovered entity. You would have to notify the patient. It is a breach.

If it was a Dr. Office still and you could be fairly certain that they would shred this unintended document then it isn't a breach. But with a 7-11 you have no way of knowing what is done with that information and you can not without a reasonable doubt say the information continued to be protected.

Oh, geez... what is some 7-11 clerk gonna do with it? - Most barely speak/understand English. nm

[ In Reply To ..]
nm

Unlikely the new 7-11 would have the same fax number - as Dr. Jones old office

[ In Reply To ..]
just sayin...

Wouldn't the PO notice it was not a doctor's - sm -

[ In Reply To ..]
office since said office became a 7-11 ...they do have to read the address to sort it before delivering it. All sorting is done by hand by the mail carrier. As for the FAX #, I highly doubt that would be "left behind" so to speak for the next tenant to use. The doctor would take it with them unless for some reason the phone company would not allow them to transfer the number to their new location. As for the wrong report in the wrong chart, I work in a system where if you hit save too fast then the previous report you did will paste into the current chart you are in. It is a glitch there but we obviously need to stay on our toes about. Luckily I have never had the issue but several others I work with have, and no, no one has been fired over it. But if some one is dumb enough to put down the wrong doctor in the CC out of laziness to look it up, or taking the docs word on the spelling, etc, then you are just asking for trouble there.

okay, so like... - read on

[ In Reply To ..]
The reason I posted the definition of a data breach is because I am so disturbed that MTs are getting threatened and fired under the misguided application of HIPAA regulation.

Still, you have gone to considerable trouble to develop a HIPAA violation scenario wherein health records are delivered incorrectly to a 7-11. (?!)

HIPAA violations are about willful and wrongful dissemination and use of the private health record.

That being said, an MTSO certainly can fire you for whatever reason they want.

However, if the MTSO is inappropriately citing you with a HIPAA violation, I think the department of Health and Human Services ought to be made aware of it.

This is way out of hand.

PS: It is illegal to open US mail addressed to someone else. Don't worry about the 7-11. :)

I wonder what would happen if the MTs sued their MTSO - for firing them?

[ In Reply To ..]
An MT is fired because a cc was sent to an incorrect physician. **BUT** it is the MTSO who is requiring the MT to send cc's in the first place. And because the MT does not have access to the patient's actual medical records, it seems to me that sending cc's to others is beyond the scope of the MT's knowledge.

And yet, the MTSO is still requiring the MT to enter in that cc information. So in essense, is the MTSO asking the MT to take chances with the law that could result in the MT doing something illegal? It would be interesting to get an attorney's point of view on this.

Not true. That is why we have blanks. - MTSO Loophole

[ In Reply To ..]
If you're not sure who to send a copy to, just leave a blank. You can not get fired for leaving a blank - you CAN get fired for an incorrect CC on your report. The MTSOs have their "blank policy" which would cover their butts in a law suit. Don't waste your time.

Sounds like the MTSO has already thought this out - and has a loophole all ready

[ In Reply To ..]
As an MT, I will get in trouble with my MTSO if I manually type all of the names into the cc field, instead of choosing to auto populate that cc field with the only "Dr. John Turner" that is listed on the database that the MTSO has supplied me with.

So, it's a catch-22. I can either:

1. Choose the name to auto populate the cc field from the database and risk being wrong, thus risk breaking HIPAA and HITECH laws, or

2. I can choose to manually enter all of the cc names, but then get into trouble from my MTSO for "not utilizing the database" and risk losing my job.

Nice. Sounds like the MTSO has all of their bases covered. And, as usual, the MT is on the losing end of things.

Similar Messages:

Jun 09, 2014

Anyone get a notice of data security incident from PayTime regarding a hackers getting payroll information on MTs? OMG the list of information they got for me includes SS#, direct deposit bank account, DOB, phone number, home address, hire date, wage information . . . This is just so frustrating!! ...

Oct 29, 2009

Hi, I need a quick check on HIPAA rules. With respect to the health care debate, I want to write to my senator, etc., about a situation with a patient I transcribed on. The only info. I intend to give is that the patient was a: Russian immigrant, on welfare and receiving Medicaid benefits--when he should not have. He and his "sponsor(s)" was responsible for his care and living expenses. Further, I transcribed a note in which the doctor said that this patient wanted to re-sched ...

Aug 12, 2013

Did anybody hear about a recent breach of confidentiality by an "offshore partner?" I got a whiff of this and was unable to verify on Google... just curious if it has happened (again). ...

Apr 05, 2010

Below is a link to another breach of medical records. We can directly blame the fact that today's medical records largely dwell on the internet. Lest some of you come back with "but without the internet, we would not have jobs", let me tell you that we got along without the internet previously and had higher pay because the offshore vultures could not get at the records and we were in higher demand. We can do it again. http://valley.newhavenindependent.org/index.php/archives/entry/ ...

Sep 28, 2010

Hospital: Info on 6,800 patients leaked online The Associated Press E-Mail Print Text Size: tool name close tool goes here NEW YORK -- A New York City hospital has apologized for a security lapse that allowed personal information belonging to as many as 6,800 former patients to be published on the Internet. New York Presbyterian Hospital/Columbia University Medical Center said the information included names, clinical data and a few Social Secur ...

Dec 21, 2010

dictation found on the internet back in 2008. Just now reporting this apparently to the general public. Just saw this on Facebook. ...

Apr 12, 2010

In discharge summary: Lab Data: "Heart rate: 96 to 220 with no ST-T wave changes." Question is, is heart rate correct like this? Also, ST-T wave, is this correct or should there be a hypen between T-wave? Please help if you can. Thanks so much! ...

Mar 14, 2012

Wow my docs won't even put in a correct medical record number for their patients, I have to do it for them, which is fine because that is my job. Can you imagine what is going to happen when they have to put in all the info. Dang dudes, it is just 6 numbers. ...

Aug 15, 2012

Never heard of this one ... Dr. says while reviewing blood work, "On the smears, tuchim and aspirate, there were increased...." Anyone ever heard of that? Somebody, andybody????? Thanks :) ...

May 01, 2012

Does anyone know companies that have data migration work? Thank you. ...

May 01, 2013

What do you know about this company? Apparently they have a backlog and need help. ...

Oct 10, 2013

Didja see the MT proficiency report? I'm surprised we're not forced to sit on digital pads to record minutes out of chair and weight change during the day. Now, why the hell isn't there a proficiency report on the physicians? Minutes per report, how much voice recognition was invalid. We should get combat pay for doing some of these guys who obviously had their lips sewn shut. MM collects data on everything else... ...

Apr 14, 2014

I applied for a data entry job today after being unemployed for nearly 3-1/2 months. I can't seem to find anything I think I could start out doing after being home over the years. It seems data entry would fit for me. Getting back out there is hard. Depression has taken over, but I'm trying to manage without medication. Most days, I would like to go to bed and stay, but haven't up until this point. Anyway, thanks for listening to me vent. I pray I will at least get to interview, ...

Dec 20, 2014

If you ever chance to use Ctrl S for past reports, please check statistics. LMK if you see something "outta whack." Got my own screen shots (without patient name), would suggest you do the same. ...

Feb 12, 2015

Does anyone use a Verizon connection? Do you know data usage for an 8 hour day? I do not have cable where I live. I currently use a Verizon air card that the hospital I'm employed by maintains. We got out sourced and now I need to set up my own connection and pay for it. However, no one can tell me data usage so I can tell if the new job offered is going to be worth the expense. ...

Dec 11, 2009

I seem to be having a problem with getting the lab data in the right sentence structure can anyone help me out with this problem. Thank you in advance. ...

Mar 23, 2010

Anyone know anything about STP Medical Data Services? ...

Apr 26, 2010

Not too familiar with lab tests regarding this diagnosis, but it sounds like the doctor is saying: "T-cells showed WBC of 7,400, T4 162, TK 2,572, CBC: RBC 4, WCB 3,000 at lumbar puncture. The India ink stains were positive for cryptococcus. Acid _____ culture and gram stain were negative, sugar and protein were normal. ...

Jun 14, 2010

Anyone familiar with this? ...

Nov 02, 2011

What does a medical data abstractor do? Is this a remote job or an in-house job? Thanks in advance ...

Jan 14, 2013

Am I missing something, or did they remove the ability to import patient data when splitting a job? I cannot seem to find the button anywhere. ...

Jul 29, 2013

Does anyone know anything about this company and if they have much work available, how the pay is, etc.? ...

Nov 02, 2013

Have any of you heard back from them after "applying?" I even phoned them a couple of times and just got answering machine. Their website has the phone number transposed but is correct (supposedly not a sham place) in their posting here on MTSTARS. ...

Mar 20, 2014

Your thoughts and comments would be appreciated regarding the salaries for a data entry clerk versus a transcriptionist. Should a transcriptionist's pay be less, the same or more than a data entry clerk, and if you feel it should be more, how much more? Thank you for your comments. ...

Oct 22, 2010

My brain is fried. This is in Laboratory data of a Discharge Summary, doctor is speaking VERY quickly. s/l: S2P3 and S2O3 or maybe SUPD and SUOD. Sentence: CPK 69, LDS 426, S2P3 38, S2O3 44, serum amylase 30.... Help! =( ...

May 13, 2011

It seems that more and more companies, including some hospitals, are paying per line but then expecting you to do data entry, which of course you are NOT paid for. Just a few examples: Acute care on Dictaphone ExText/Word Client -- faxing, etc. McKisson -- Looking up and changing orders for radiographic studies Rad job posted here -- Entering patient demographics If an employer expects me to sit there and do data entry -- which has NO shortcuts -- IN ADDITION TO transcibing, then they' ...

Mar 07, 2012

nm ...

Mar 26, 2012

I am looking for work as an Mt and not having any luck. Today, I searched the job service board and found a cool job. It is an IC position with flexible hours and very good pay. It is collecting data for the county/township and entering it into a lap top. They want you to be ableto enter 7000 or more strokes per hour. I meet all the qualifications except this which, of course, is "key" to the job. I know nothing of data entry but I hate to pass on the opportun ...

Jun 27, 2013

Anyone know if ScribeRight got more data migration contracts? I thought this company's CEO said that there were a lot of good things happening and big contracts coming for data migration?! ...

Dec 21, 2013

computer typing screen down. Is there a way to clear out background without having to reboot the computer. I have my own computer. I think it is after I got into other websites to look at something like Goggle or what have you. ...