The Health Insurance Portability and Accountability Act (HIPAA) requires all healthcare providers that deal with Protected Health Information (PHI) to do so in a safe and secure manner. This means that all medical documents, confidential paperwork, vials of blood, and any other works pertaining to healthcare must be shipped with a HIPAA-compliant courier.
What is HIPAA compliance?
HIPAA was passed by Congress in 1996 and aims to protect the privacy of patients’ medical information. The law applies to healthcare providers, health plan sponsors, and healthcare clearinghouses.
The law was introduced as an amendment to the Internal Revenue Code of 1986 and was created to ensure that health insurance coverage is secure, even if you change jobs or lose your job. Any business entity that works with medical information is required to comply with HIPAA’s privacy rules and security standards.
These rules are meant to provide safeguards that ensure your security practices are protecting individually identifiable health information (IIHI) also known as PHI. You can find detailed information breaking down these rules in more detail in the links above, here let’s talk about shipping with medical couriers.
There are many requirements that must be met in order for a medical courier to remain HIPAA compliant.
What is a Medical Courier?
To be considered a medical courier, companies are required to have HIPAA-compliant policies and procedures in place for their employees. They must also have technology in place that allows them to track shipments from start to finish and keep PHI secure.
Medical couriers also receive special training in medical terminology and HIPAA regulations. This ensures that they understand how to correctly handle sensitive material, as well as communicate efficiently with other medical professionals.
Before hiring a medical courier, it’s important to ask them about their HIPAA compliance policies.
For example, at Dropoff, our highly-trained couriers go through a seven-day vetting process before they can wear the Dropoff uniform – including written tests, in-person interviews, ride-a-longs, and multiple background checks. All medical couriers are also required to get and maintain their HIPAA certification and medical courier certification.
What are the risks of failed HIPAA compliance?
If you fail to maintain HIPAA compliance, you could be facing a range of costly penalties.
The Department of Health and Human Services’ Office for Civil Rights enforces HIPAA compliance by issuing civil penalties for HIPAA violations.
These civil penalties can result in fees anywhere between $100-$50,000 per violation. Since each violation is processed separately, it can be very costly for your business if regulations aren’t followed.
On top of this, violations that we’re determined as willful will have greater repercussions.
Criminal penalties can result in fees anywhere between $50,000-$250,000 per violation as well as 1-10 years in jail time. These penalties are no joke, and that’s why you need to be sure that you are working with a medical courier that handles the process top to bottom.
Things to know when transporting medical materials and samples
When you transport physical documents, such as paper medical records, all of the information needs to be protected at all times. You should have clear oversight of the chain of custody that that information is passed through so you know exactly who had access along the way.
The names or other identifying information on these records should be covered up before they leave your location. Additionally, keep any records in packages or wrapped in some way so no one can see them when they’re being transported.
If you’re transporting electronic data, you must use encryption tools to protect the data while it’s being transferred from one place to another. This includes any electronic records or requests.
Don’t stress about compliance, choose a courier that gets it right every time.
Who can be a medical courier?
Anyone with a valid driver’s license and clean driving record is eligible to become a medical courier.
It doesn’t matter what industry you work in or how old you are, as long as you meet the medical courier requirements, you can acquire the other necessary training and medical courier certifications through Dropoff’s thorough onboarding & training process.
Medical couriers are responsible for picking up and dropping off packages that contain PHI, or personal health information. They are trained to understand HIPAA compliance policies, as well as how to maintain the confidentiality of patient data.
Interested in working as a medical courier? At Dropoff we’re always hiring capable drivers, view our open positions.
HIPAA compliance checklist for couriers
When transporting medical information, it’s important that you use the correct type of physical or electronic storage.
For example, package your PHI in an opaque envelope before placing it into a secure file back. This will ensure that no one can see any identifying data when they’re out in the open. It only takes one glimpse for someone to identify patient records.
Most couriers are already familiar with the risks of transporting PHI. However, these risks can increase depending on how you transport the information.
Steps to take when transporting clinical samples:
- Confirm the mode of transport and shipment contents with your medical courier. For example, if you are shipping a blood sample for drug testing, you should confirm that it will be tested at one specific location.
- Clear the bags before the courier arrives to pack them.
- Be sure labels are clear and legible. Shipments destined for another country should include English language translations of any pertinent information, such as possible infectious disease risks involved with certain samples. When considering international shipping, be aware that different countries have different requirements for lab testing or diagnostic results.
- Remember that a courier cannot assume responsibility for any samples that are lost or damaged during shipment.
- Note the time and date of shipments, including arrival times at each location.
- Be sure to fill out all required chain of custody forms once your sample arrives at its destination. Laboratory, healthcare provider, or employer officials may need to provide information about the patient for which a sample is being collected.
- Ship samples to the appropriate facility. For example, you should send clinical specimens to labs that are authorized to ensure their safe handling and storage before testing. Clinical documentation should be stored under controlled access conditions away from X-ray machines or magnetic fields.
- Ensure that your courier is shipping your samples to the correct facility by verifying the address and name of the receiving institution before finalizing a shipment. For example, if sending a blood sample for drug testing, be sure it does not need to go to a particular lab’s satellite office or other locations in addition to its main site.
- Always check if your shipment requires a specific temperature to be maintained throughout transport. Often medical shipments vary greatly in their temperature needs, so make sure your medical courier is equipped with the right temperature-controlled containers or vehicles necessary to make a successful delivery.
Steps to take when handling clinical samples:
- Handle clinical samples with care. Follow all directions for HIPAA-compliant shipping on the outer package and label, including proper storage conditions at room temperature or in a refrigerator.
- Confirm that the contents of your shipment are accurate before sealing the container.
- Do not ship blood products unless you’ve separated them from plasma or serum.
- Never ship specimens to a private residence without the specific consent of the individual who provided the sample. This is especially important when shipping samples for drug testing or other types of illicit substance abuse screening.
- Report any concerns about mishandled clinical samples immediately to your medical courier service provider and appropriate regulatory bodies, such as the Food and Drug Administration, in your country.
Check also: How to start same-day delivery in your medical lab.
After reading this article, hopefully, you have a better understanding of how to ship with medical couriers and stay HIPAA compliant. As well as the ability to protect your patient’s information and follow HIPAA-compliant shipping guidelines to avoid any delays or penalties.
To find a medical courier with a track record of success, talk with one of our industry experts.