Ob-Gyn Coding Alert

Don't Let Home Coding Turn Into a Code Red

Just because you're coding from home doesn't mean you don't have to be HIPAA-compliant.
 
More and more physician practices are employing coders who work from home. While there are certainly benefits to these arrangements for all parties involved, they present special compliance challenges that practices must consider. "Out of sight does not mean out of mind," says Brenda Burton, president of MedExtend in Fayetteville, Ga.
 
"Anytime someone works from home, they have special training needs," says attorney Michael Roach with Michael Best & Friedrich in Chicago. First and foremost in today's HIPAA-laden compliance environment, practices should work hard to ensure that home coders don't compromise patients' privacy.
 
Practices need to establish clear confidentiality policies and procedures for all off-site employees, says St. Paul, Minn.-based attorney Gordon Apple. Practices and home coders should also ensure that they receive proper computer security training, and that they have a system that will accommodate secure flow of information, he says.
 
Another area of concern is access to the computer you might use off-site. Ideally, you would have a computer solely for work, and no one else would be allowed to use it, Roach says. At the very least, you need to ensure that there are access controls built into your system.

To help cover your bases, Burton suggests that home coders follow these computer security tips:

  Run virus scans and use firewalls to prevent hacking and viruses.
  Ensure that documents are not saved on floppy   disks/CDs, retained in hard copy, or saved on alternate  drives.
  Stay in touch with technical support. Be sure   information is not misrouted, and don't try to fix   something you are not trained to handle. Make sure   your passwords and access addresses are set up    correctly. Report any breaches to your privacy officer   or IT manager.
  Prohibit others from using your workstations.
  Take precautions to avoid accidental or intentional   misuse of confidential information.
  Secure your residence from mail interception. Use a  guaranteed delivery service and always sign when   sending and receiving packages.

Technical security issues aren't the only ones to consider. You must also ensure that paperwork isn't floating around that contains protected health information. This will require you to raise your consciousness level, Roach says. Keep all paperwork in a locked filing cabinet and don't run errands with a car full of PHI, he says.
 
And remember, HIPAA isn't the only game in town. Make sure you have received all the appropriate compliance training, Roach says. You should have a copy of your compliance program and attend compliance training sessions with other employees.
You’ve reached your limit of free articles. Already a subscriber? Log in.
Not a subscriber? Subscribe today to continue reading this article. Plus, you’ll get:
  • Simple explanations of current healthcare regulations and payer programs
  • Real-world reporting scenarios solved by our expert coders
  • Industry news, such as MAC and RAC activities, the OIG Work Plan, and CERT reports
  • Instant access to every article ever published in Revenue Cycle Insider
  • 6 annual AAPC-approved CEUs
  • The latest updates for CPT®, ICD-10-CM, HCPCS Level II, NCCI edits, modifiers, compliance, technology, practice management, and more

Other Articles in this issue of

Ob-Gyn Coding Alert

View All