|Patient Information Confidentiality |
Despite the benefits of offshore medical transcription services, the debate over sending physicians' dictation overseas continues. Those who oppose sending dictation overseas express concern that patient information confidentiality will be compromised. As such, we have implemented multiple levels of security to ensure confidentiality of patient information. Our clients may choose among the following options:
Level 0 - Nominal Transcription (Not Recommended)
Nominal transcription is a procedure in which the transcribed medical reports are linked to the patient by a personal identifier (e.g., first & last name, address, telephone number). Some or all individually identifiable health information about the patient are included in the physician's dictation. This is currently being practiced by medical transcription companies operating locally or internationally. Some companies employ strong encryption measures to conceal the patients' personally identifiable information.
Level 1 - Non-Nominal Transcription
Non-nominal transcription is a procedure in which transcribed medical reports can be linked to the patient by a code (which does not include personal identification of the patient) known to the physician. The medical transcriptionist also knows the identity of the patient, but the transcribed medical reports remain confidential. The medical transcription company keeps its own patient database, and is updated whenever the physician offers new information (usually upon introduction of patient to the medical transcription service). Companies employ this setup for physicians who require long-term archival and easy retrieval of transcribed medical reports.
Level 2 - Anonymous Transcription (Recommended)
Anonymous transcription is a procedure whereby transcribed medical reports can be linked to the patient by a code known only to the physician. Neither the medical transcriptionist transcribing the report nor anyone else knows the identity of the patient.
Employee policies are in place. These include procedures regarding security, confidentiality, information use and flow, release of information, established mechanisms for responding to security breaches, structures for determining and granting/revoking access privileges to the file server and MT workstations.