General Surgery Coding Alert

Don't Let Home Coding Turn Into a Code Red

Just because you're coding from home doesn't mean you don't have to be HIPAA-compliant.
 
More and more physician practices are employing coders who work from home. While there are certainly benefits to these arrangements for all parties involved, they present special compliance challenges that practices must consider. "Out of sight does not mean out of mind," says Brenda Burton, president of MedExtend in Fayetteville, Ga.

"Anytime someone works from home, they have special training needs," says attorney Michael Roach with Michael Best & Friedrich in Chicago. First and foremost in today's HIPAA-laden compliance environment, practices should work hard to ensure that home coders don't compromise patients' privacy.
 
Practices need to establish clear confidentiality policies and procedures for all off-site employees, says St. Paul, Minn.-based attorney Gordon Apple. Practices and home coders should also ensure that they receive proper computer-security training and that they have a system that will accommodate the secure flow of information, he says.
 
Another area of concern is access to the computer you might use off-site. Ideally, you would have a computer solely for work, and no one else would be allowed to use it, Roach says. At the very least, you need to ensure that access controls are built into your system.
 
To help cover your bases, Burton suggests that home coders follow these computer security tips:

 

  • Run virus scans and use firewalls to prevent hacking and viruses.
     
  • Ensure that documents are not saved on disks/CDs, retained in hard copy, or saved on alternate drives.
     
  • Stay in touch with technical support. Be sure   information is not misrouted, and don't try to fix   something you are not trained to handle. Make sure   your passwords and access codes are set up    correctly. Report breaches to your privacy officer   or IT manager.
     
  • Prohibit others from using your workstations.
     
  • Take precautions to avoid accidental or intentional   misuse of confidential information.
     
  • Secure your residence from mail interception. Use a  guaranteed delivery service and always sign when   sending and receiving packages.

    Don't Neglect Good Old-Fashioned Paper
     
    Technical security issues aren't the only ones to consider. You must also ensure that paperwork isn't floating around that contains protected health information. This will require you to raise your consciousness level, Roach says. Keep all paperwork in a locked filing cabinet, and don't run errands with a car full of PHI, he says.
     
    And remember, HIPAA isn't the only game in town. Make sure you have received all the appropriate compliance training, Roach says. You should have a copy of your compliance program and attend compliance training sessions with other employees.

  • Other Articles in this issue of

    General Surgery Coding Alert

    View All