As many organizations have found out the hard way, there is an important relationship between HIPAA compliance policy and your Electronic Medical Records (EHR). Consider these recent headlines: 100 million…
Category: HIPAA & Compliance
HIPAA Requirements – and how to be in compliance
Many articles and blog posts mention HIPAA compliance, but what are HIPAA requirements, and what do you have to do to be compliant? What is the security rule? The privacy…
Outsourced Chief Compliance Officer for Hospitals
For many healthcare organizations, especially smaller or rural hospitals, resources are scarce. Outsourcing can often be beneficial for hospitals. An effective approach in this situation is to outsource the management…
Why Healthcare Organizations need a HIPAA GAP Analysis
A HIPAA gap analysis, according to the U.S. Department of Health and Human Services (HHS) is “typically a narrowed examination of a covered entity or business associate’s enterprise to assess…
Effective Corporate Compliance Program Checklist
An effective Corporate Compliance Program in healthcare is a critical necessity! Corporate compliance professionals spend a lot of their time assessing the performance of other people in their hospital or…
A Comprehensive HIPAA Risk Analysis in 7 Steps
Still not convinced a HIPAA Risk Analysis is not optional? Here are a couple of historical headlines: Oregon Health & Science University (OHSU) has agreed to settle potential violations of…
Is this a HIPAA Privacy Violation? 5 Questions from the Workplace
Is this a HIPAA privacy violation? Not too surprisingly, the questions never end! In just over three months in 2018, we have received over 12 specific questions about HIPAA privacy. …
OIG Work Plan FY 2018-2019 and Monthly Updates
The OIG advertised that they have published its OIG Work Plan for FY 2018-2019, a 2-year frame-work for the audits, inspections, evaluations, and investigative activities planned in support of OIG’s…
Crisis Communication and Social Media in Healthcare
Allen Gingsburg once said that whoever controls the media, the images, controls the culture. Healthcare related crisis communication and social media are intensely connected! Take a deep breath to comprehend…
Stark Regulations for Physicians New and Old
CMS made several changes to the Stark regulations for physicians in 2016, including some useful clarifications. Now there are some court decisions which further clarify the expectations of the Stark…
HIPAA Compliance Checklist and Employee Sanctions
A HIPAA compliance checklist is the tool to turn to when imposing sanctions on employees for HIPAA privacy breaches. It may feel like a never-ending and thankless task, but consider…
HIPAA Compliance for Dental Offices
HIPAA Compliance for Dental Offices now stand in parallel with medical organizations in terms of having access to Protected Health Information (PHI). Meaning they must adhere to the same level…
Acquisition of Physician Practices – Legal Observation
Acquisition of physician practices are on the rise! Hospitals acquired 31,000 physician practices across every region of the country between 2012-2015 making the number of employed physicians increase from 95,000…
HIPAA Violation and Hospital Employee viewing PHI
HIPAA Violation rocks hospital! An employee at St. Charles Health system accessed over 2400 patients’ medical records over a two-year period because they were curious. We all know that curiosity…
Medical Device Cybersecurity – 4 Steps to Take.
As if the headlines today are not scary enough, now we have to be worried – very worried, it seems – about medical device cybersecurity! Reports of hacking and other…
Employee Medical Records in the EHR Environment
As more and more hospitals and medical practices adopt electronic health records (90% by end of 2017) , these organizations must grapple with how HIPAA Privacy and Security rules apply…
Outsourcing Compliance in Healthcare – 5 point checklist
Outsourcing Compliance, especially in a small hospital setting, may be the best way to be in compliance with required regulations and apply limited resources. Why do many healthcare organizations still…
HIPAA Policy Requirements
Have you ever heard the saying “the job is not complete until the paperwork is done?” Covered Entities and Business Associates should be cognizant of the importance of finalizing and…
ACO Compliance – Unique and Different!
ACO Compliance include requirements specific to the nature and operations of an ACO. It is somewhat different than a “traditional” healthcare provider, be it a Covered Entity or a Business…
Corporate Integrity Agreement – time to select or replace your IRO
Is your IRO interfering with your obligations under your Corporate Integrity Agreement? One of the important choices healthcare organizations who are subject to a Corporate Integrity Agreement must make, is…
