Price Transparency – it’s something we expect in almost everything else we consider purchasing, right? So why shouldn’t we expect hospital price transparency as well? That is undoubtedly what members…
Category: HIPAA & Compliance
Code of Conduct for Healthcare – 18 things to include
Many healthcare organizations of any size have a Code of Conduct. These codes are designed to demonstrate the organization’s dedication to ethical behavior and compliance with the healthcare services organization’s…
When can the OCR Audit You?
If you are wondering just when can the OCR audit your covered entity or business associate organization, you may conclude “any time it darn well wants to”. Well, that’s an…
Changes in the OIG Self-Disclosure Protocol
Eight years after the last revision, the Office of Inspector General (OIG) of the Health and Human Services Department has updated the OIG Self-disclosure Protocol. The update was issued on…
HIPAA Physical Safeguards: Security Rule Implementation
HIPAA’s Security Rule requires that there be measures, policies, and procedures in place that address a covered entity or business associate’s efforts to secure electronic protected health information (ePHI). It…
HIPAA Wall of Shame: no hiding from the public facts
The HIPAA Wall of Shame is a highly visible reminder that data breaches involving protected health information are real, and can have serious consequences for all involved. You can learn…
Anti-Kickback Law in Healthcare – a comprehensive look
The U.S. Federal Anti-Kickback Statute (AKS) is the governing law that prohibits any person or entity from knowingly and willfully offering, paying, or soliciting any type of remuneration for referrals….
Ransomware and HIPAA: trends and what to do
Ransomware attacks in the healthcare industry have become increasingly common in recent years, threatening patient care, disrupting daily operations, and possibly compromising protected health information (PHI). Under HIPAA rules, organizations…
What is the False Claims Act in Healthcare?
What is the relationship between the healthcare industry and the False Claims Act? Turns out, it is pretty intimate! In this Article … The False Claims Act – some background…
A Proposed HIPAA Rule Change for 2023
A proposed HIPAA Rule change for 2023 was an early Christmas gift from the Health and Human Services Department (HHS)! On December 21, 2022, HHS released a proposed rule covering…
Is Zoom HIPAA Compliant?
The Health Insurance Portability and Accountability Act (HIPAA) is the federal law that required the creation of national standards to protect sensitive patient health information. And the question “Is Zoom…
Mastering the OIG Exclusion List
In this Article … What is the OIG Exclusion list? Who is on the OIG Exclusion list? What does it mean if an employee is on the OIG Exclusion List?…
What Methods are Acceptable for Destruction of PHI?
The Health Insurance Portability and Accountability Act (HIPAA) sets strict standards for the destruction of protected health information (PHI). PHI is any patient health information that can be used to…
Understanding the Penalties for HIPAA Non-Compliance
Penalties for HIPAA non-compliance can be severe, and both healthcare providers and business associates need to be aware of the risks that come with violating HIPAA Rules. This article provides…
Critical Access Hospital Compliance Plan
Is there anything particularly special about a Critical Access Hospital Compliance Plan? Not really; the same Office of Inspector General Guidance for Hospital Compliance Plans applies to critical access hospitals…
Hospital Compliance Program – Board Concerns
Hospitals commonly have a Hospital Compliance Program. Members of the Board of Directors read about problems or actual misconduct at other institutions. They want to know what the CEO is…
What is a Corporate Integrity Agreement?
It seems these days the Office of Inspector General (OIG) of the Health and Human Services (HHS) Department is always busy with settlements or enforcements with healthcare providers. When the…
HIPAA Privacy Rules – Scope and Protection
In 2023 we will observe the twentieth anniversary of the publication of the HIPAA Privacy Rules. The HIPAA Privacy Rule, just like the HIPAA Security Rule, and the Breach Notification Rule,…
Risk Assessment for a Breach of PHI
When should you do a risk assessment for a breach of PHI? The short answer is any time you have a confirmed unauthorized disclosure of protected health information (PHI). The…
The Hospital Compliance Officer: what you need to know
This year has not resulted in a slowdown in the need for a competent Hospital Compliance Officer. In fact, if anything, it has increased the demand for such a person…