sprkysgirl
New
I worked for a company that contracts out to another company that is a Medicare supplemental insurance company. I was contacted by the person who does the reviews on me and she wanted me to send to her the patient notes for a particular provider, so I asked her for a fax number and she said she didn't have a fax that I could just email them to her. I told her that I couldn't do that because the notes I have are in paper form and the laptop that the company gave me did not allow me to install my scanner, printer, fax, copy machine. She told me to just scan them and send them with my personal email to her company email and if I put in the subject line PHI and the providers name it would encrypt it and she would un-encrypt it on her end. I told her that putting that in the subject line from my personal email does not encrypt it and she said yes it does that is how the other girls send their stuff all the time. I did not do it this way and reported it to the person that takes care of system issues and he said he would forward it to his boss as I was right and if she was doing this then PHI would be compromised. I am no longer employed by this company and need to know if and where I should report this to as being a coder I need to let the proper entity know so please give me any guidance, thanks! Or am I way off base here and should just let it be?