Page 21 - Part 2 Navigating Electronic Media in a Healthcare Setting
P. 21
SVMIC Navigating Electronic Media in a Healthcare Setting
card, the moment it is discovered that the device is out of the
user’s control, the password and the app must become
inaccessible to would-be hackers. It is important to note that
according to HIPAA, simply changing the password for the device,
in general, is not sufficient. Should confidential patient information
be exposed, an authorized user must be able to change the
application password that is responsible for maintaining PHI.
Remember that HIPAA compliance is the responsibility of covered
entities and their business associates. Careful consideration must
be given to the products that manage PHI and the created PHI
data, because ultimately, protecting ePHI is the responsibility of the
practitioner. There are resources available that can educate
practices on the benefits and detriments of various companies and
entities providing dictation or voice recognition software. As
always, if you are not completely familiar with how a program
utilizes PHI and how the program protects PHI at every stage,
consult an expert professional.
Some physicians attempt to protect themselves and/or warn
subsequent providers about the potential for inaccuracy when
using speech recognition software or other engine-generated
transcription tools by including a “disclaimer” with the note such
as:
“Dictated but not read”
“Signed but not read”
“Portions of the record may have been created with voice
recognition software. Occasional wrong word or ‘sound-a-
like’ substitutions may have occurred due to the inherent
limitations of voice recognition software. Read the record
Page | 21
