Beware of the security concerns before you outsource your billing and hire a freelance insurance biller.
The Covid 19 crisis reshaped work in America.
According to recent polls, one by the Pew Research Center and another by the Becker Friedman Institute for Economics at the University of Chicago, the majority of Americans prefer to work from home—and the majority of workers are at the very least partially working from home.
Even though the percentage of work-from-home workers is slightly lower than during lockdown in 2020, the number of people ditching the commute for their stay-at-home office is higher than ever.
This cultural shift toward work has the potential to change who you hire for your optometry practice’s billing positions. Freelance insurance billers are popping up every day, everywhere. Optometrists, looking to minimize overhead, are outsourcing components of their RCM to these out-of-office service providers.
But slow down!
While this option is appealing, there are some security risks. The biller must have key security protocols in place with dealing with patient data remotely. Some protocols are mandated by HIPPA; others are simply best practices to protect your practice and the patient.
So, before you respond to an ad for a “Cheap, Experienced Freelance Insurance Biller,” be ready to ask these seven important questions.
1. Do you have written policies and procedures?
If the biller answers yes to this question, then you might not need to ask all the remaining questions.
A written policies and procedures document ought to highlight how the freelance insurance biller protects data and patient information, through measures like encryption, password protection, a secure office setting, never working without a VPN, and disposing of documents properly.
Don’t be afraid to revisit the document from time to time and ask the biller to provide proof of their procedures.
2. What is your work environment like?
Some households have multiple people working from home. That means that in some cases not everyone has a private office.
However, an outsourced freelance insurance biller must have a private, secure space to work, where interruptions are minimal and wandering eyes can’t access patient data. Not to mention, when billers make phone calls to insurance providers, patients, and colleagues, they need privacy.
Another caveat: your Wi-Fi should always be secured with a password. Billers should not use free Wi-Fi (at a Starbucks or McDonalds, for example), but if they do, then they must use a VPN.
3. Do you have an encryption system?
It’s always about protecting patient data. The HITECH amendment to HIPAA requires that email sent with PHI be sent secure/encrypted. Billers must prove that they have an encryption system before they begin working for you, otherwise your practice will be in violation of HIPAA.
And that could have long-term, and expensive, consequences. One incident could be thousands of dollars. Multiply that by multiple accounts a biller worked on, and you could be looking at a costly mistake.
4. Is your computer password protected?
Everyone has to take breaks during the day. When working from home, it might be tempting to not lock your screen when you go grab a snack from the kitchen. But even during small breaks, a computer must be password protected and locked. Patient data must always be protected.
5. Do you have virus protection?
Nobody thinks their computer will catch a virus. But no one is exempt. Billers must have virus protection on their computer before they start work for your practice. A virus can wreak havoc on your patient billing records as well as compromise secure patient data.
6. How do you manage downloaded material?
To protect patient data and your practice’s financial records, billers should never leave downloaded information—like EOBs, claim information, or any other patient material—on their computer. They must have a process in place for daily removing downloaded documents from their computer and also from their trash bin.
7. How do you manage printed material?
HIPAA requires that all billers shred, burn, pulp, or pulverize PHI records so that PHI is rendered essentially unreadable, indecipherable, and otherwise cannot be reconstructed. Freelance insurance billers must have a system in place for daily disposing of printed patient material.
Your patient’s security is serious. So are the violations.