Monday, August 8, 2011

Hospital to keep outsourcing its paperwork despite security breach

A MAJOR hospital will continue to outsource the transcription of medical reports despite a breach of security involving possibly tens of thousands of patients.

Tallaght Hospital yesterday admitted it had called in the gardai to help find out how sensitive patient information "got into inappropriate hands" in the Philippines.

It has contracted out the transcription of medical reports and doctors' letters to private company U-Scribe since 2004.

However, the hospital terminated this contract last May when concerns emerged about security procedures.

Despite the security breach, the hospital -- which has since appointed a new service provider, Dictate IT -- resisted calls last night for it to keep transcription services in-house.

MIAOULIS NOTE: It is important to document that your business associates have security controls in place.  Covered entities should perform some level of validation and discussion.  Remember, if your Business Associate (i.e. transcription service) has a breach the Covered entity (Hospital, etc.) is responsible.

A good rule of thumb is that the patient entrusted you (the covered entity, hospital, physicians practice, etc.) and you are responsible for that data.

1 comment:

Anonymous said...

Outsourcing requires trust between the client and the contractor. In this case, patients have no way to win in this dilemma. And when it comes to handling the hospital finances, I think it is best recommended to hire an internal team to keep all the records.

Bookkeeping Adelaide