Outsourcing Your Medical Transcription Services

Whether you are a hospital entity, a doctor or a patient that needs medical transcription services, the internet is a viable means for outsourcing such a service.

What is medical transcription?

Medical transcription is a process that involves conversion of voice or audio reports into written texts for better documentation and reporting purposes. This kind of medical services is indeed very necessary in any hospital unit, and as such, most hospitals do employ individuals that cater to the task of medical transcription.  However, the modern time calls for better innovation in the medical field, and as such even brought some changes on how medical transcription works. This time, hospital or doctors outsource their medical transcription services.

The Benefits of Outsourcing

Because of the surge of demand for better documentation of electronic health records(EMRs), hospitals are now veering towards outsourcing their medical transcription services only to meet the demands. It is in this nature that outsourcing medical transcription services has warranted benefits for hospital entities:

1.                  Cost-efficient. Medical transcription companies can offer lower overhead cost in terms of the services the hospital would require. The hospital does not have to employ a specific personnel to tackle the medical transcription duties, and instead outsource this task to a medical transcription company. You only get to pay the company once you require their services, which is indeed a cost-effective way.

2.                  Expertise. Instead having to hire then train personnel to do the medical transcription, calling on a company that offers such a service is better in terms of expert transcription of these medical records. You can be assured that expert staff of a company that only offers the best in the industry processes the medical transcription of important medical documents accordingly.

3.                  Faster Transcription. Tapping the resources of a medical transcription company can give you result in faster turnaround, according to your need and specification.

Physical Security for Data Centers

Well-publicized health information breach incidents are serving as important reminders that paying attention to the physical security of data centers is a vital component of any information security strategy.

For example, in the largest breach reported so far under the HITECH Act breach notification rule, insurer Health Net says 1.9 million individuals may have been affected when server drives were discovered to be missing from a data center managed by IBM (see: Health Net Breach Tops Federal List). While details about the incident remain sketchy, the breach reinforces the need to pay attention to physical security details.

The HIPAA security rule spells out more than a dozen requirements for physical security, says Andrew Weidenhamer, audit and compliance manager at SecureState (See: Physical Security: Timely Tips). The National Institute of Standards and Technology offers HIPAA security rule compliance guides, he points out.

Key Physical Security Steps

The three most important physical security steps to take to protect data centers, Weidenhamer says, are:

• Make sure that all critical servers are housed behind locked doors using auditable access control measures;

• Limit data center access to only those individuals who have a legitimate need;

• Ensure that visitors, contractors and others are always escorted within the secure area.

Montgomery County Memorial Hospital, a 25-bed critical access facility in Red Oak, Iowa, takes all these steps at its new data center in a recently opened addition to the hospital, says Ron Kloewer, CIO.

All hospital employees use RFID proximity badges that enable them to open doors to restricted areas, based on their roles. Only about eight staff members have access to the data center, he notes.

A camera at the door to the data center ensures that "every coming and going from the data center is recorded," he adds. And directory maps of the hospital don't display the location of the data center.

PCI, HIPAA Compliance

An often overlooked physical security measure involves making sure that vendors hired to handle offsite storage of backup media have demonstrated their compliance with all relevant federal regulations, including HIPAA and the Payment Card Industry Data Security Standard, or PCI DSS, Weidenhamer says.

He also urges healthcare organizations to encrypt backup tapes, as well as all media and devices that store protected health information. "Encryption is the single best way to protect sensitive data," he notes. "Healthcare management companies are going to be in a much better position in the event they are breached if the data is encrypted."

A recent major health information breach incident illustrates the value of encrypting backup tapes. New York City Health and Hospitals Corp. notified 1.7 million individuals of a breach that occurred when unencrypted backup tapes were stolen from a truck that was transporting them for offsite storage (See: New York Breach Affects 1.7 Million).

Montgomery County Memorial Hospital will implement encryption of its backup tapes stored offsite in the coming weeks, Kloewer notes. Plus, it's developing a strategy for encrypting drives on servers in its data center.

"Healthcare service companies need to perform a data flow analysis to determine where all sensitive data is located, classify these assets and data and then implement security controls," Weidenhamer stresses.