TollFree Phone Transcription
In a nutshell, 30 Satisfied Medical Practices will tell you the whole story about our expertise and commitment over the years. We have customers in almost all the specialties. Our account management experts treat every customer as unique and thoroughly analyze and chart the process migration. Our Turn around time of standard 12 hours ( next day morning ) delivery is highly appreciated by all our customers.
How do we get the Physician dictations sent to us?
Upon singing for our service, we provide Olympus Digital Dictations machines to our customers. We also work with various familiar dictation machines held and used by customers. Recorded dictations are then sent to us using our online browser based facility. It is user friendly and boundary less, you can just use Internet explorer, no other software to install and mange.
Toll Free Dictation
We have state of the art dictation server and toll free telephone connectivity to handle customers opting to dictate using telephone as dictation method. It is very handy and suitable for busy physicians working multi locations. Our dictation server takes care of recording, converting and forwarding to the transcription office.
How the reports and other documents delivered to Practices?
Practices can download reports from our online archival system upon alert email from our office. Upon special request, reports can be forwarded as encrypted attachment to your emails address.
HIPAA defines companies that provide service to Healthcare Providers as Business Associates. Though the guidelines and regulations of HIPAA are not directly enforced upon Business Associates, but rather on the Healthcare Providers, At TranscriptionStar, we are meticulously working on complying to very details of the Security and Privacy regulations of HIPAA. Besides, we are active participants and followers of guidelines by HL7EHR Security and Privacy Issues and JCAHO
We help the Providers to fulfill the PHI Privacy and Security requirements. We always enter into a written agreement with each physician or physician group that we will honor the privacy guidelines established by HIPAA and maintain technical and personnel safeguards to maintain the security of that data.
Security Guidelines of Administrative Simplification*
- Documented formal practices to manage the selection and execution of security measures to protect data and the conduct of personnel in relation to the protection of data.
- Your Pediatrics Reports Transcription assignment will be assigned to a separate pool of transcriptionists.
- Contingency - Data Backup, Disaster Recovery, Emergency Mode
- Information Access Control - Access Authorization, Access Establishment, Access Modification
- Personnel Security - Personnel clearance including custodial services
- Security Configuration Mgmt - Hardware/software installation and maintenance
- Virus checking
- Security Incident Procedures - Report/Response Procedures
- Security Mgmt. Process - Risk analysis and Management
- Sanction and Security policy
- Termination Procedures - locks changed, removal from access lists and user account(s)
- Training - User ed. Concerning virus protection and password management
The protection of physical computer systems and related buildings an equipment form fire and other natural and environmental hazards, as well as from intrusion. Physical safeguards also cover the use of locks, keys, and administrative measures used to control access to computer systems and facilities.
- Media Controls - Access control, Accountability, Data Backup and Storage, Disposal
- Physical Access Controls - Disaster Recovery, Emergency Mode Operation, Equipment Control
- (limited access) Need-to-Know Procedures for personnel access
- Policy and guidelines on workstation use
- Secure workstation locations
- Security Awareness Training (including business associates like transcription companies)
- Include the processes that are put into place to protect and to control and monitor information access.
- Access Control - Applies primarily to EMR and includes: Context-based, Role-based, and User-Based
- Access, Encryption, and Emergency access procedures
- Audit Controls
- Authorization Control - Role-based and User-Based access
- Data Authentication
- Entity Authentication - Requisite: Auto Logoff and Unique User ID, plus at least one of the following:
- Password, PIN, Tele-callback, Token, Biometric signature
Technical Security Mechanisms
- Include the processes that are put into place to prevent unauthorized access to data that is transmitted over a communications network.
- Communications/Network controls - Requisite: Integrity Controls and Message Authentication plus one of the following:
- Access Control, Encryption
- If using a network, add:
- Alarm, Audit Trail, Entity Authentication, Event Reporting
- *These are excerpts from Federal Register documentation on Administrative Simplification regarding Security. For comprehensive text, download documentation from the web by clicking here
Privacy Guidelines of Administrative Simplification*
The Privacy Rule provides the first comprehensive Federal protection for the privacy of health information and is carefully balanced to provide strong privacy protections that do not interfere with patient access to, or the quality of, healthcare delivery.
By the compliance date of April 14, 2003 covered entities (Health Plans, Healthcare Clearinghouses, and Healthcare Providers) must implement standards to protect and guard against the misuse of individually identifiable health information. Failure to timely implement these standards may, under certain circumstances, trigger the imposition of civil or criminal penalties.
Incidental Uses and Disclosures (45CFR 164.502(a))
An incidental use of disclosure is a secondary use of disclosure that cannot be reasonably be prevented, is limited in nature, and that occurs as a result of another use or disclosure that is permitted by the Rule. An incidental use or disclosure is NOT permitted if it is a by-product of an underlying use or disclosure which violates the Privacy Rule.
Minimum Necessary (45CFR 164.502(b), 164.514(d))
The essence of this rule is the conveyance of patient information, in whatever form that conveyance may take (documented, verbal, data transfer, etc.) with the minimum amount of data necessary to meet the current treatment needs of the patient. The Privacy Rule requires covered entities to take reasonable steps to limit the use or disclosure of protected health information to the minimum necessary to accomplish the intended purpose.