Eight years after the last revision, the Office of Inspector General (OIG) of the Health and Human Services Department has updated the OIG Self-disclosure Protocol. The update was issued on…
Category: HIPAA & Compliance
HIPAA Physical Safeguards: Security Rule Implementation
HIPAA’s Security Rule requires that there be measures, policies, and procedures in place that address a covered entity or business associate’s efforts to secure electronic protected health information (ePHI). It…
HIPAA Wall of Shame: no hiding from the public facts
The HIPAA Wall of Shame is a highly visible reminder that data breaches involving protected health information are real, and can have serious consequences for all involved. You can learn…
Anti-Kickback Law in Healthcare – a comprehensive look
The U.S. Federal Anti-Kickback Statute (AKS) is the governing law that prohibits any person or entity from knowingly and willfully offering, paying, or soliciting any type of remuneration for referrals….
Ransomware and HIPAA: trends and what to do
Ransomware attacks in the healthcare industry have become increasingly common in recent years, threatening patient care, disrupting daily operations, and possibly compromising protected health information (PHI). Under HIPAA rules, organizations…
What is the False Claims Act in Healthcare?
What is the relationship between the healthcare industry and the False Claims Act? Turns out, it is pretty intimate! In this Article … The False Claims Act – some background…
A Proposed HIPAA Rule Change for 2023
A proposed HIPAA Rule change for 2023 was an early Christmas gift from the Health and Human Services Department (HHS)! On December 21, 2022, HHS released a proposed rule covering…
Is Zoom HIPAA Compliant?
The Health Insurance Portability and Accountability Act (HIPAA) is the federal law that required the creation of national standards to protect sensitive patient health information. And the question “Is Zoom…
Mastering the OIG Exclusion List
In this Article … What is the OIG Exclusion list? Who is on the OIG Exclusion list? What does it mean if an employee is on the OIG Exclusion List?…
What Methods are Acceptable for Destruction of PHI?
The Health Insurance Portability and Accountability Act (HIPAA) sets strict standards for the destruction of protected health information (PHI). PHI is any patient health information that can be used to…
Understanding the Penalties for HIPAA Non-Compliance
HIPAA violation penalties can be severe, and both healthcare providers and business associates need to be aware of the risks that come with violating HIPAA Rules. This article provides the…
Critical Access Hospital Compliance Plan
Is there anything particularly special about a Critical Access Hospital Compliance Plan? Not really; the same Office of Inspector General Guidance for Hospital Compliance Plans applies to critical access hospitals…
Hospital Compliance Program – Board Concerns
Hospitals commonly have a Hospital Compliance Program. Members of the Board of Directors read about problems or actual misconduct at other institutions. They want to know what the CEO is…
What is a Corporate Integrity Agreement?
It seems these days the Office of Inspector General (OIG) of the Health and Human Services (HHS) Department is always busy with settlements or enforcements with healthcare providers. When the…
HIPAA Privacy Rules – Scope and Protection
In 2023 we will observe the twentieth anniversary of the publication of the HIPAA Privacy Rules. The HIPAA Privacy Rule, just like the HIPAA Security Rule, and the Breach Notification Rule,…
Risk Assessment for a Breach of PHI
Conducting a Risk Assessment for a Breach of Protected Health Information (PHI) is a critical step for healthcare organizations under HIPAA regulations. Prompted by any unauthorized disclosure of PHI, this…
The Hospital Compliance Officer: what you need to know
This year has not resulted in a slowdown in the need for a competent Hospital Compliance Officer. In fact, if anything, it has increased the demand for such a person…
Healthcare Compliance Program Policies and Procedures
Healthcare compliance program policies and procedures – that is the subject your boss has just asked you about. You realize while you have heard about this topic, you aren’t really…
Is Office 365 HIPAA Compliant? (a Comprehensive Guide)
Is Office 365 HIPAA compliant? This is a crucial question given the widespread usage of this suite of applications. Created by Microsoft, Office 365 encompasses various tools crucial to the…
HIPAA Encryption – Required or Not?
Does HIPAA require encryption? Well … encryption is not yet required to be HIPAA-compliant, but it is recommended. You must ensure that your ePHI (electronic Protected Health Information) is protected…