Still not convinced a HIPAA Risk Analysis is not optional? Here are a couple of historical headlines: Oregon Health & Science University (OHSU) has agreed to settle potential violations of…
Is this a HIPAA Privacy Violation? 5 Questions from the Workplace
Is this a HIPAA privacy violation? Not too surprisingly, the questions never end! In just over three months in 2018, we have received over 12 specific questions about HIPAA privacy. …
OIG Work Plan FY 2018-2019 and Monthly Updates
The OIG advertised that they have published its OIG Work Plan for FY 2018-2019, a 2-year frame-work for the audits, inspections, evaluations, and investigative activities planned in support of OIG’s…
MIPS, are you ready? The Merit-based Incentive Payment System.
As mentioned in a previous blog, MACRA combines parts of the Physician Quality Reporting System (PQRS), Value-based Payment Modifier (VBM), and the Medicare Electronic Health Record (EHR) incentive program into…
Crisis Communication and Social Media in Healthcare
Allen Gingsburg once said that whoever controls the media, the images, controls the culture. Healthcare related crisis communication and social media are intensely connected! Take a deep breath to comprehend…
Stark Regulations for Physicians New and Old
CMS made several changes to the Stark regulations for physicians in 2016, including some useful clarifications. Now there are some court decisions which further clarify the expectations of the Stark…
HIPAA Compliance Checklist and Employee Sanctions
A HIPAA compliance checklist is the tool to turn to when imposing sanctions on employees for HIPAA privacy breaches. It may feel like a never-ending and thankless task, but consider…
HIPAA Compliance for Dental Offices
HIPAA Compliance for Dental Offices now stand in parallel with medical organizations in terms of having access to Protected Health Information (PHI). Meaning they must adhere to the same level…
Acquisition of Physician Practices – Legal Observation
Acquisition of physician practices are on the rise! Hospitals acquired 31,000 physician practices across every region of the country between 2012-2015 making the number of employed physicians increase from 95,000…
How to Start a Medical Practice – it’s a business, too!
How to start a medical practice . . . . When I was being interviewed for an article about billing and accounts receivable recently for Dermatology World magazine, I was…
HIPAA Violation and Hospital Employee viewing PHI
HIPAA Violation rocks hospital! An employee at St. Charles Health system accessed over 2400 patients’ medical records over a two-year period because they were curious. We all know that curiosity…
Medical Device Cybersecurity – 4 Steps to Take.
As if the headlines today are not scary enough, now we have to be worried – very worried, it seems – about medical device cybersecurity! Reports of hacking and other…
Employee Medical Records in the EHR Environment
As more and more hospitals and medical practices adopt electronic health records (90% by end of 2017) , these organizations must grapple with how HIPAA Privacy and Security rules apply…
Outsourcing Compliance in Healthcare – 5 point checklist
Outsourcing Compliance, especially in a small hospital setting, may be the best way to be in compliance with required regulations and apply limited resources. Why do many healthcare organizations still…
EHR Replacement and Selection – 4 must answer questions
EHR replacement is one of the most important decisions you make in a medical practice. There is a reason you are considering a switch to a new electronic health records…
HIPAA Policy Requirements
Have you ever heard the saying “the job is not complete until the paperwork is done?” Covered Entities and Business Associates should be cognizant of the importance of finalizing and…
Medical Office Floor Plans – 11 essential questions
Medical office floor plans require a lot more consideration, research, planning, and soul searching than one might think. I have been part of starting a medical practice, done that so…
What is MACRA?
The roll out of MACRA (Medicare Access and CHIP Re-authorization Act) is expected to proceed, regardless of changes in the Affordable Care Act. MACRA is part of a broader push…
ACO Compliance – Unique and Different!
ACO Compliance include requirements specific to the nature and operations of an ACO. It is somewhat different than a “traditional” healthcare provider, be it a Covered Entity or a Business…
Corporate Integrity Agreement – time to select or replace your IRO
Is your IRO interfering with your obligations under your Corporate Integrity Agreement? One of the important choices healthcare organizations who are subject to a Corporate Integrity Agreement must make, is…