All U.S. Work Force (1 of 3)
Did you know Mercedes Transcription, Inc. is one of the last survivors of U.S. transcription companies that does not ship any of its work overseas?
Companies send transcription work overseas to save money. But there’s a couple big reasons why offshoring medical transcription can be a risky practice:
Is it secure?
Mercedes Transcription is compliant with HIPAA, the Health Insurance Portability and Accountability Act. While offshoring transcription is also HIPAA compliant, foreign countries are not bound by U.S. law, and therefore HIPAA has no standing there. Furthermore, what if offshore transcription services are themselves outsourcing?
As the degrees of separation increase for transcribed documents, so too do the risks for breach of information.
Consider this story of a Pakistani transcriber threatening to release patient records over back pay: “A woman in Pakistan doing cut-rate clerical work for UCSF Medical Center threatened to post patients’ confidential files on the Internet unless she was paid more money.”
“The violation of medical privacy…highlights the danger of offshoring work that involves sensitive materials, an increasing trend among budget-conscious U.S. companies and institutions.”
“U.S. laws maintain strict standards to protect patients’ medical data. But those laws are virtually unenforceable overseas, where much of the labor- intensive transcribing of dictated medical notes to written form is being exported.”
“Tomi Ryba, chief operating officer of UCSF Medical Center stressed that the renowned San Francisco facility is not alone in facing the risk of patients’ confidential information being used as leverage by unscrupulous members of the increasingly global health-care industry.”
“The Pakistani woman’s threat was withdrawn only after she received hundreds of dollars from another person indirectly caught up in the extortion attempt.”
As a result of these types of security risks in dealing with overseas firms, companies must perform risk assessments if they are going to send transcription work (or any PHI, Protected Health Information) offshore.
“It’s uncertain how the U.S. Office of Civil Rights (OCR) would enforce extraterritorial HIPAA violations, as it would be difficult, expensive and in some cases impossible. Still, firms cannot afford to risk exposure, and be left holding the bag.”
Mercedes Transcription has never shipped any of its work overseas.
Having a 100% U.S. work force allows us to reduce the degrees of separation and ensures HIPAA compliance, which we take very seriously.
Do we encrypt digitized dictation transmitted over the Internet? Absolutely – all communications between the medical facility and our transcription software are encrypted using 168-bit triple DES encryption, and data sent over the internet is encrypted and sent over the HTTPS protocol, which adds an additional 128-bits on top of the already robust encryption.
Is data stored in secure, firewall-protected servers, and are user IDs and passwords required to access it? Yes.
Have transcriptionists signed confidentiality agreements? Yes.
Are transcriptionists prevented from downloading, printing, faxing, or otherwise capturing patient files for possible misuse? For sure.