Why that ma ers ARTICLES / 2016 / AUGUST / BACKPAGE: HIPAA AUDITS ENTER PHASE 2



Similar documents
HMIS Case Management Quick Reference

April (the Next Genera on Model ).

A LERT ADOLESCENT LITERACY: ENGAGING RESEARCH AND TEACHING. Necessary for Some HOW TO HELP STUDENTS WHO STRUGGLE WITH READING THE SITUATION

MFC Best Practice Profile Financial Forecasting: Budget Preparation

THE CEO CHALLENGE Part II. For CEOs Successors and Top Team Candidates

We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.

Home Safety for Older Adults:

ABOUT ITIL IT SERVICE MANAGEMENT. Where is ITIL...in the Best Prac ces framework?

Understanding Credit Cards

By Robert Carcano, Senior SVO Counsel

A Short Guide To Metric Nuts and Bolts

Online Training Record

Building Trust and Confidence in Healthcare Information. How TrustNet Helps

What Are The Odds Of a HIPAA Audit?

Understanding the Total Portfolio Approach

San Bernardino County. Director,

Are You Ready for an OCR Audit? Tom Walsh, CISSP Tom Walsh Consulting, LLC Overland Park, KS. What would you do? Session Objectives

We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.

We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.

Medical Card and GP Visit Card Applica on Form

Feeling the Pressure Yet?

Insurance Newsle er Fall 2015

Houston Department of Health and Human Services

Our Commitment to Information Security

SMB Series. Effective Customer Relationship Management Software for Small to Medium-sized Businesses

Big Money to Bad People

NOTICE OF PRIVACY PRACTICES

HIPAA & Colorado Workers Compensation

Understanding Credit Cards

What are Clinical Trials?

CRM. Customer Relationship Management

DTFP EVIDENCE EXCHANGE NETWORK. 18 Month Report October 2011 to March Drug Treatment Funding Program Ontario Systems Projects

We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.

We are the regulator: Our job is to check whether hospitals, care homes and care services are meeting essential standards.

Answers to 13 Common Questions About Completing Your. Function. Report

Equivalent value exchange: Internet2 CRM and Member Sa sfac on

HIPAA Breaches, Security Risk Analysis, and Audits

Op mizing the Ambulatory EHR A Systema c Approach to Realizing Value

HIPAA and Network Security Curriculum

Sole Source Procurements Report Fiscal Year 2013

Texas House Bill 300 & HIPAA. A MainNerve Whitepaper

Result of Medical Negligence

State of Tennessee Strategic Learning Solu ons What We Do Four Areas of Focus for Statewide Learning and Development

Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015

Workforce Development

What do you need to know?

Are You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style.

SECURETexas Health Information Privacy & Security Certification Program FAQs

How To Understand And Understand The Benefits Of A Health Insurance Risk Assessment

Bridging the HIPAA/HITECH Compliance Gap

HIPAA Compliance: Efficient Tools to Follow the Rules

Awareness Training for VIM Volunteers and Staff

HIPAA and HITECH Compliance for Cloud Applications

Thomas Nelson Community College

Arizona Physicians Group To Pay $100,000 To Settle HIPAA Charges

Let s Talk About Privacy

Medicare Part D Prescription Drug Information If you have Medicare or will become eligible for Medicare in the next 12 months, Federal law gives you

Employee Benefits

Preparing for the HIPAA Security Rule

HIPAA Omnibus & HITECH Rules: Key Provisions and a Simple Checklist.

Table of Contents. Long Range Financial Plan 28

HIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services

OCR HIPAA Security Audit Protocol a second look

HIPAA Training for the MDAA Preceptorship Program. Health Insurance Portability and Accountability Act

NEW MEXICO STATE CHAPTER P.E.O. SISTERHOOD

Building a Successful EMR Dress Rehearsal Program:

Easing the Burden of Healthcare Compliance

2016 OCR AUDIT E-BOOK

Transcription:

1 of 5 7/21/2016 9:41 AM Adver sement Home ASCA Home Contact Us ARTICLES / 2016 / AUGUST / BACKPAGE: HIPAA AUDITS ENTER PHASE 2 In March, the US Department of Health & Human Services Office for Civil Rights (OCR) announced the launch of its next phase of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) audits of covered en es and their business associates. Click here for more informa on. Why that ma ers BY ROBERT KURTZ AUGUST 2016 This news should be a wake up call for ASCs and all health care providers covered under HIPAA to take a close look at what they are doing and have in place concerning HIPAA compliance, says Lani Dornfeld, head of law firm Brach Eichler s Palm Beach, Florida, office and a member of the firm s health law prac ce group. If the OCR sees a serious lack of HIPAA compliance when it performs these audits, there will be further scru ny of that provider or business associate outside of the audit process, she says. OCR will separately engage in a compliance review of that par cular organiza on. There have already been quite a number of heavy fines and penal es this year against organiza ons found not to be in compliance with HIPAA, and there are likely more to come.

2 of 5 7/21/2016 9:41 AM If the OCR sees a serious lack of HIPAA compliance when it performs these audits, there will be further scru ny of that provider or business associate outside of the audit process Lani Dornfeld, Brach Eichler On the surface, it might seem like the announcement of Phase 2 of the HIPAA audit program is not significant for ASCs as OCR indicated that these audits are meant to be used as a tool to measure compliance, Dornfeld notes. The audits, however, might ul mately serve to iden fy covered en es, like ASCs, and business associates that are not in compliance with HIPAA. Adver sement What You Need to Do Properly protec ng pa ent privacy and complying with HIPAA can prove challenging. HIPAA is such a complex law with very onerous requirements, Dornfeld says. As a result, compliance in some organiza ons may be lacking. Providers are taking some measures to protect pa ent informa on, but they are not necessarily doing what HIPAA requires, and that can get you into trouble.

3 of 5 7/21/2016 9:41 AM To me, the me, energy and money that will be spent by a provider to deal with the serious consequences of noncompliance will be far more extreme than the cost to put in place and maintain a proper HIPAA compliance program, she says. Some providers believe this cost to be prohibi ve but it will seem like nothing in comparison to OCR penal es. A HIPAA compliance program includes many components. Dornfeld advises ASCs to closely examine the HIPAA Breach No fica on, Privacy, and Security Rules. They should also perform a risk analysis, as mandated under the security rule, to iden fy and address risks and vulnerabili es to electronic medical informa on. You must have the proper people involved in these efforts, which includes privacy officers and security officers, she adds. ASCs also would be wise to provide ongoing HIPAA training, she says. While annual training in a formal way is expected by the government, periodic training throughout the year is cri cal. This can include providing informa on in emails, inter office memos and during discussions at staff mee ngs. This kind of intermi ent, informal training serves to remind staff of its legal obliga ons and help prevent poten al negligent breaches. Sponsored Content SPONSORED CONTENT Place Your Message Here Reach ASCA's members and other readers of ASC Focus magazine by pos ng your content here. For more informa on, contact Chris Schriever at adver sing@ascassocia on.org. More Informa on >

4 of 5 7/21/2016 9:41 AM Sponsored Content INSURANCE New Captive Insurance Company Legislation Provides 'Golden Opportunity' The passing of a new law could help shrewd healthcare professionals save more than $1 million on their taxes, according to Jeff Blankinship, founder of Surgical Cap ve, a new firm focused on developing and administering turnkey Cap ve Insurance Companies for physicians and business owners in the healthcare industry. Read More > Dornfeld says some ASCs might be coming up short in compliance efforts due to a misunderstanding concerning their electronic systems. Just because you are told a system is HIPAA compliant does not mean your ASC is HIPAA compliant. That is a really big misconcep on and leads some providers to believe they do not need to do anything more than use that system. Doing what is necessary to put together a proper HIPAA program is simply the best protec on against incidents and governmental interven ons, she says. It is a preventa ve measure and one every provider must be undertaking. ASC Focus is published by the Ambulatory Surgery Center Associa on, 1012 Cameron Street, Alexandria, VA 22314, phone:

5 of 5 7/21/2016 9:41 AM 703.836.8808, www.ascassocia on.org. Copyright 2016 Ambulatory Surgery Center Associa on and Ambulatory Surgery Founda on. All rights reserved. Powered by Higher Logic

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information