Last Updated: September 12, 2024
The mobile workforce is an increasingly global one, with one in five employees working remotely in 2023, according to the U.S. Bureau of Labor Statistics. The constantly-growing nature of the mobile workforce is due in part to how many different fields utilize mobile workers, from sales to real estate, but a massive contribution to these numbers is the healthcare field. However, unlike real estate agents and sales reps, home health care workers have legal considerations that should seriously factor into your decision-making when choosing a field employee tracking app.
Maintaining patient privacy is an incredibly crucial element of healthcare work. Whether providers are serving people in a clinic or in the comfort of their patients’ homes, they must remain compliant with HIPAA, or the Health Insurance Portability and Accountability Act. Passed by Congress in August of 1996, HIPAA works to ensure the security of protected health information, or PHI, prohibiting healthcare providers from disclosing PHI without the consent of that patient, or somebody representing them.
HIPAA compliance doesn’t just apply to healthcare entities, though; any business that interacts with PHI at any point must follow the stipulations of HIPAA, even auxiliary applications, software, and, yes – your field employee tracking app. Home healthcare and hospice care services with large numbers of employees in the field often use this kind of technology as an efficient way to automate expense and mileage tracking activities.
However, these kinds of applications invariably touch PHI – even indirectly – through their constant daily use by caseworkers. Because of this, when it comes time to pick employee tracking software to make mileage tracking and reimbursement more accurate and efficient, it’s vital that you ensure your field employee tracking app is able to comply with HIPAA.
One of the primary functions of HIPAA’s implementation was to combat theft and fraud by mandating that the Department of Health and Human Services, or the HHS, create regulations for the use and distribution of health information. These include the Privacy Rule, which addresses how healthcare organizations subject to this rule – also known as Covered Entities – should keep PHI secure while still engaging in the flow of information.
PHI can be more than just someone’s name. The HHS defines PHI as any “individually identifiable health information” about health status, provided health care, or payment for health care. Parts of names, geographic identifiers, dates related to a patient, phone numbers, email addresses, vehicle information, medical record numbers, fax numbers and any other unique characteristics that could be used to identify a patient are considered PHI and protected under HIPAA.
Nearly every organization in the healthcare field, including healthcare plans, healthcare providers and endorsed sponsors of Medicare, is considered a Covered Entity and must at all times comply with HIPAA requirements, as well as amendments or legislation related to HIPAA, such as the Health Information Technology for Economic and Clinical Health (HITECH) Act. HIPAA also covers Business Associates, a term which applies to entities that provide third-party services to Covered Entities in which they will encounter PHI. Business Associates can include anything from cloud storage services to IT contractors and billing companies.
When Covered Entities partner with any third party that handles PHI, they are required to enter into a Business Associate Agreement, or BAA. A BAA is a legally binding contract which establishes the partnership between the Covered Entity and the Business Associate, and that the Business Associate will appropriately safeguard PHI. It also establishes that the Business Associate is directly liable under HIPAA rules and regulations.
But what exactly does all of that mean for you? Essentially, any field employee tracking app that records the day-to-day activities and information of somebody in the home healthcare field inevitably stores PHI, whether it’s tracking expenses, trips or other activities. Even if the app doesn’t save explicit patient information like phone numbers or addresses, apps may still contain other bits of data that count as protected information under the Privacy Rule, like service addresses, trip or route information and even notes from patient visits. This means that in order for your organization to take advantage of any kind of field employee tracking app to manage the reimbursement process, this app must follow the same standards you do.
Another serious consideration for health care companies wanting to use an app to track field employees is Electronic Visit Verification, or EVV. As of January 1, 2023, all Personal Care Services (PCS) and Home Healthcare Services (HHC) providers must electronically verify all visits, including the time, date, location, and type of service performed. While GPS systems and tracking apps are permitted systems for EVV tracking, all systems used to gather EVV information must be HIPAA-compliant.
Failing to comply with HIPAA regulations can have serious consequences for any Covered Entities or Business Associates. Should there be a breach of PHI, fines, criminal charges and civil action lawsuits could be filed. Being ignorant of HIPAA regulations is not a justifiable defense, either. It’s your responsibility to be aware of and follow all technical, physical and administrative safeguards, or explain why you haven’t. The apps your mobile field employees use could potentially be a weak spot as far as HIPAA compliance is concerned.
So, what do you need to look for in the field employee tracking app your mobile caregivers and caseworkers will be using? You need to make sure confidential information is being safeguarded per the HIPAA Security Rule, which dictates the standards for protecting electronically stored PHI. This rule requires safeguards in three areas: technical standards, physical standards and administrative standards.
Technical safeguards concern the technology used to protect and access PHI. First and foremost, data needs to be encrypted at NIST standards. This ensures that if any data is breached, it will be unusable. Any applications that encounter PHI must also include safeguards that will control access, such as secure logins and PINs, ensuring that only authorized people will be able to access protected information. The Covered Entity or Business Associate in question must also be able to track activity around PHI, to determine who has accessed data and how that information was used. Additionally, electronic PHI must not be improperly altered or destroyed.
HHS rules for physical safeguards focus on access to PHI, whether it’s located in a virtual location such as cloud storage or on physical servers. Entities storing PHI must limit access to those facilities, while still allowing access to authorized individuals.
Physical safeguard regulations also address the security of workstations, personal computers and mobile devices, with policies monitoring the transfer, disposal and use of these devices to protect PHI. Internal firewalls must also be maintained and regularly monitored to prevent data breaches.
Administrative safeguards for PHI constitute the collection of all the policies and procedures in place to ensure the privacy and security of patient information. Organizations must ensure that any software they use has the appropriate guidelines in place ensuring HIPAA compliance. Proper administrative safeguards may include regular risk assessments, employee training on security protocols including strong password practices, and restriction of unauthorized third-party subcontractors.
Security and efficiency don’t need to be mutually exclusive to the workings of your organization. SureMileage from CompanyMileage is a secure field employee tracking app designed to automate everything from trip planning to mileage tracking to expense reporting processes for your mobile workforce.
Our SureMobile app makes it simple for HHC workers to track mileage and submit expense reimbursement reports, all while meeting or exceeding standards set by HIPAA and its accompanying regulations. Our suite of software solutions also records the information necessary for EVV tracking compliance, so that your workers can remain compliant without taking too much time away from their busy workdays.
Our three-tiered approach to security ensures that all collected data is secure and protected at all times. CompanyMileage meets the highest encryption standards while data is in transit and at rest, and we have robust access controls to protect the integrity of user accounts. Our facilities and servers are securely maintained and monitored 24/7, and we have firewalls in place to prevent unauthorized access to the system. To guarantee our clients’ privacy, our library of policies and procedures safeguards against unauthorized disclosures and breaches of confidential information.
Automating mileage reimbursement doesn’t have to come at the risk of patient privacy. With CompanyMileage’s secure, intuitive, efficient answer to mileage reimbursement, you can safely address the inefficiencies in your internal processes. Schedule a demo with us today, and learn more about the benefits SureMileage has in store for you.
Written by The CompanyMileage Team
CompanyMileage helps hundreds of organizations across multiple industries effectively manage the cost of reimbursing employee mileage expenses through its mileage and expense management software solutions.