new logo

Absolutely Accurate News

March 2013


New HIPAA laws/confusion CONDENSED IN A NUTSHELL for you!


1.5 million dollars.


That is the maximum penalty a medical practitioner or business associate can incur if there is a breach with the privacy of a patient's health information. In a 563 page document, the U.S. Department of Health and Human Services (HHS) outlines the significant changes necessary to bring the Health Insurance Portability and Accountability Act of 1996 (HIPAA) into the digital age. It is concerning that HHS anticipates that, with the new notification requirements, they will receive notification of 19,000 breaches annually which will affect 6.71 million people. The Omnibus ruling goes into effect March 23, 2013, and practitioners will have 180 days to implement changes to comply.

The law

Besides the original HIPAA ruling of 1996, the new ruling includes the HITECH Act (Health Information Technology for Economic and Clinical Health Act) and GINA (section 105 of Title I of the Genetic Information Nondiscrimination Act of 2008). The concern with this Omnibus ruling is that there are so many facets it may be difficult for many practitioners to understand all that is required, and then it will be difficult to implement all of the considerable changes. However, after initial implementation, the government hopes that it is actually easier for practitioners to abide by this ruling than before. With a $1.5 million penalty, it also has grown some considerable teeth to ensure better patient privacy protection; practitioners have no choice but to adapt.

The new requirements

  • The new ruling increased data breach notification requirements. Now any incident involving patient records is assumed to be a breach, and, unless a practice conducts a risk assessment that proves a low probability that any protected information was compromised, the breach must be reported to the government. (This is why the HHS anticipates the increase in official reports of breaches.) Previous regulations had required a practitioner to notify affected patients and the federal government only if the practitioner determined that a breach involving patient records had occurred and that it carried a significant risk of financial or reputational harm to patients.
  • These laws now apply to business associates and subcontractors. However, this does not mean that any breach incurred by subcontractors is their liability alone. The practitioner who hired the contractor will also take on legal responsibility. For example, if someone who was paid to shred patient files instead throws the documents into a trash bin and causes a breach, the practitioner is also subject to enforcement violations caused by the contractor.
  • Genetic information, previously neglected by HIPAA, is now protected. It prohibits health plans from using or disclosing genetic information for underwriting purposes.
  • The sale of patient health information for marketing and fundraising is now prohibited. Also, it prohibits the sharing of information with health insurance companies if the patient paid for services with cash.
  • The ruling streamlines the patient's ability to authorize the use of their health records for research purposes and sharing immunization records with schools.
  • The ruling provides patients rights to access their health information, including obtaining records in an electronic form.
  • It mandates that practitioners must revise their notices of privacy practices to explain relationships with business associates and the breach notification process. This policy must be placed within a prominent area in the medical facility and be made available for patients to review and keep a copy. Placing this policy on the practice's website is acceptable. It does not need to be reissued to current patients, but it must be given to all new patients.
  • Most significantly, the new ruling strengthens the government's ability to enforce the law and has higher penalties for data breaches. These penalties max out at $1.5 million per incident.

Steps for implementation

Implementing these requirements will take some effort, but, once they are in place, practitioners should be able to meet the new HIPAA regulations with ease. Here is a list of steps practitioners can take to ensure patient privacy is guaranteed and the medical facility is in compliance.

  • Encrypt all electronic data
  • Review and update notices and documents since 2003 to include electronic records
  • Train all employees on privacy and security
  • Develop appropriate procedures for the disposal of information
  • Designate a security official within the medical facility to monitor procedures
  • Implement appropriate contracts with subcontractors
  • Conduct a thorough security risk assessment on all activities related to capturing, using, storing or transmitting electronic patient health information
  • Develop notification procedures if a breach of HIPAA is found
  • Examine and redesign workflow to handle the new requirements. For example, if a practice has an electronic health records system, patients can ask for copies of their medical records in electronic formats of their choosing. If the practice cannot readily produce a record that way, it must offer another electronic format or a hard copy if that format is rejected
  • Terminate all access to information for former employees immediately upon termination/resignation

Transcription Plus, LLC and HIPAA

Upon research, The HHS found that the largest breaches of privacy were with contractors and subcontractors. It is important that practitioners select their associates with care. They should be wary of any contractor who sends work to be done in off-shore locations. They should be confident that the contractor uses the most rigorous technology to ensure privacy. Additionally, the contractor must continue to educate and train staff to maintain a meticulous standard of ethics and conduct.


Transcription Plus, LLC is pleased to announce that we do just that. 
 We hand-pick our staff to ensure we can provide the upmost respect for our clients and continuously implement training and auditing to maintain privacy standards. We are proud that, unlike many other transcription companies, we have NEVER outsourced our work overseas for a cheaper labor. Finally, our technology privacy measures are multi-faceted, which includes full transmission encryption of all data and an audit trail for every transaction. Click here to learn more about our technology and how we are HIPAA Compliant.


Transcription Plus, LLC is ready to step into the next phase of health care with you. Please contact us here to learn more about how we are making this change easier for you. 



Mary Goehring


Transcription Plus, LLC


facebookSocial Media

Like us on FacebookView our profile on LinkedInFollow us on Twitter 

mailinglistJoin Our Mailing List
In this Issue

HIPAA Updates
Staff Spotlight

New Clients

StaffSpotlightStaff Spotlight

Samatha Mulcahy
 Certified Medical Transciptionist



Samantha Mulcahy has been with Transcription Plus, LLC since May of 2012.  Receiving her Transcription education at Career Step, Samantha specializes in Cardiology.

Click here to read interview with Samatha


Click here to read about our staff
NewClientsWelcome New Clients

We welcome the following clients to Transcription Plus, LLC:


They are:  

Jenifer S.
Joel S.
Heather G.
David M.


Welcome to the Transcription Plus, LLC Community!

linksQuick Links


Simplify your life's conversations with documentation!
Crisp and clear, high volume audio recording of any telephone conversation can be yours with no additional equipment required. There are many applications for this service. Physicians, Attorneys, Law Enforcement and Business Professionals have conversations with patients, opposing Attorneys, clients or initiate conference calls. All information discussed can be recorded and documented so there is no question as to the accuracy of what was discussed.  This service is even beneficial for an individual's personal use. We live in a very litigious society. Whether you have a verbal agreement with a contractor or with family and friends, there is no need to be deceived or swindled or have any controversy regarding those agreements. Never rely on memory regarding exactly what was discussed in a telephone conversation again.

referralReferral Benefits Program

Our Referral Benefits Program offers a 10% discount
(for a consecutive 4-week billing cycle) to anyone who successfully refers a client to us. This is our way of saying THANK YOU for your support and patronage.

Our goal here at Transcription Plus, LLC is to provide you with a service that exceeds your expectations.