Friday, July 16, 2010

Medical transcription outsourcing: Going the HITECH way!

Health Information Technology for Economy and Clinical Health (HITECH) act providing for privacy and security of patient health information was enacted on 17th February 2009, as part of the American Recovery and Reinvestment Act. (ARRA). The HITECH act has become effective on 17th February 2010.

HITECH has improved and expanded on the concerns and issues addressed by HIPAA (Health Insurance Portability and Accountability Act). HITECH has added new requirements concerning privacy and security for health information that materially and directly affects many entities, businesses, and individuals in ways more diverse than HIPAA

How does HITECH affect medical transcription service providers?

HITECH has added as ‘Business Associates’, organizations that transmit protected Health Information and require access on a regular basis to such information.

Medical transcription is the process of converting audio records of the patient-healthcare professional encounter into text format. The process of medical transcription is made efficient and cost effective when outsourced to a professional medical transcription service provider. Medical transcription service providers come under the purview of HITECH as business associates, as they have access to patient health information and are involved in the process of transmitting this data back and forth during the process of transcription.

What are the steps to be taken by a medical transcription service provider to ensure compliance with the HITECH act?

To be compliant with the HITECH act, the medical transcription service provider needs to implement the following:


  • Identify the compliance requirements specific to their organization

  • Carry out a risk analysis that includes the total flow of Patient Health Information (PHI) during the process of transcription. This needs to include the beginning of the process, all the steps in between up to the conclusion of the process, namely:

  1. Collection of dictation

  2. Transmission of audio files

  3. Distribution of audio files for transcription

  4. Shared access for quality checks

  5. Transmission of transcripts back to the healthcare professionals

  6. Archiving

  • Identify the high-risk areas and look at the current risk containment measures. Revise the measures to ensure that they are in tandem with current requirements and latest technology, making sure there are no loopholes to allow for breaches

  • Ensure that employees and any third parties having access to PHI are fully trained on the privacy and security requirements. Make them aware of their role in protecting PHI

  • Review existing relationships between covered entities and develop a continuing compliance strategy

  • Develop a strategy to minimize breaches, an early detection plan for identifying breaches and an action plan for quick responses to contain breaches, if any
While outsourcing medical transcription, it has become important for healthcare facilities to ensure that the service provider is fully aware of the requirement to protect the PHI under the HITECH act and have measures in place to ensure compliance.

TransDyne a leader in the outsourced medical transcription industry has always understood the importance of securing and protecting confidential patient health information during the process of medical transcription. Measures have been taken to ensure that PHI is protected at all levels. The measures taken by TransDyne to be HIPAA and HITECH complaint include:


  1. No sub-contractors: Work outsourced to TransDyne is executed in-house and no subcontractors are used.

  2. Educating the team: The transcription team, i.e. medical transcriptionists, proof readers, language editors and the quality assurance team have been educated on the importance of protecting and securing PHI

  3. Inbuilt security routines: All applications and processes have inbuilt security measures like password changes, access audits and related exercises.

  4. Joint access: Most confidential databases can only be accessed by a combination of passwords of a minimum of two individuals.

  5. Restricted Internet and Email access: Unlimited access to Internet can lead to security breaches. Access is limited to a few limited sites.

  6. Legal Declarations: Declarations are signed by employees undertaking to maintain the security of data.

  7. Security audits: Frequent audits are carried out to ensure that all procedures are followed and are effective

  8. Disabling ports for removable media: Ports for using removable media have been disabled to eliminate misuse of PHI
Company owned and managed facilities


  1. Manned security

  2. Video surveillance

  • Securing Technology: Technology has been secured by use of security features like

  1. All medical transcription related software applications are built in-house.

  2. Database based systems.

  3. 128-bit data encryption

  4. Multi-tiered application architecture

  5. Design level security safeguards

  6. Firewall protected networks

  7. Sterilized e-mail servers

  8. Denial of access procedures and

  9. Multi-modal alerts
To know more about secure medical transcription services by TransDyne, click here.

2 comments:

  1. Medical Transcription Services have come a long way from the early days of typewriters and carbon copies, but the way they are billed is often a mystery. So how do you know if you’re getting the best deal? Clearly, accuracy is critical. But with myriad ways medical transcription services companies compute their charges, it’s important to understand HOW to get an “apples to apples” comparison between potential service providers.

    For more information about medical transcription services visit http://www.mxsecure.com

    ReplyDelete
  2. Hi, this is Jeff D Marsh with Yantram –data entry services, online data service Provider - a part of Yantram BPO Services Pvt. Ltd. We can serve your all kind of requirements like Yantram - Data Entry, Data Entry Companies, Data Processing Services, XML Conversion Company, Offshore Data Entry Work, Offline Data Entry Work, Web Research Services and Data Conversion outsources, Image Processing Services, Image Editing Services.
    http://data-entry.outsourcing-services-india.com
    I like your information. It’s helpful to me.
    Your Blog is very informative for me. We are also provided Data Entry Services.

    ReplyDelete