HIPAA Compliance and Transcription
Many industries, including insurance, legal, and healthcare require Transcription Partners to access confidential and identifiable Protected Health Information.
Transcription Partners always seeks methods to secure our data and maintain strict confidentiality of the information we are entrusted to review and transcribe.
What Information is Protected
Electronic Protected Health Information. The HIPAA Privacy Rule protects the privacy of individually identifiable health information, called protected health information (PHI). The Security Rule protects a subset of information covered by the Privacy Rule, which is all individually identifiable health information a covered entity creates, receives, maintains or transmits in electronic form. The Security Rule calls this information “electronic protected health information. The Security Rule does not apply to PHI transmitted orally or in writing.
The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.
Transcription Partners employs a HIPAA-supported cloud solution.
Our FTP server solution has taken steps to comply with relevant aspects of HIPAA and provides customers interested in processing and storing Protected Health Information (PHI) with customer-configurable application security controls designed to satisfy HIPAA requirements.
Transcription Partners provides the tools you need to meet strict security standards, including the encryption and data-protection requirements of the HIPAA Security Rule and Meaningful Use standards.
The HIPAA Privacy Rule and Business Associates
45 CFR 164.502(e), 164.504(e), 164.532(d) and (e) (Download PDF)
The HIPAA Privacy Rule allows covered providers and health plans to disclose protected health information to “business associates” if the providers or plans obtain satisfactory assurances that the business associate will use the information only for the purposes for which it was engaged by the covered entity, will safeguard the information from misuse, and will help the covered entity comply with some of the covered entity’s duties under the Privacy Rule. Covered entities may disclose protected health information to an entity in its role as a business associate only to help the covered entity carry out its health care functions – not for the business associate’s independent use or purposes, except as needed for the proper management and administration of the business associate.
A “business associate” is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf if the activity or service involves the use or disclosure of protected health information. of, or provides services to, a covered entity. A member of the covered entity’s workforce is not a business associate. A covered health care provider, health plan, or health care clearinghouse can be a business associate of another covered entity. The Privacy Rule lists some of the functions or activities, as well as the particular services, that make a person or entity a business associate,
Business associate services are: legal; actuarial; accounting; consulting; data aggregation; management; administrative; accreditation; and financial.