Start Your FREE Membership NOW
 Discover Proven Ways to Be a Better Medical Office Manager
 Get Our Daily eNewsletter, MOMAlert, and MUCH MORE
 Absolutely NO Risk or Obligation on Your Part -- It's FREE!
EMAIL ADDRESS

Upgrade to Premium Membership NOW for Just $90!
Get 3 Months of Full Premium Membership Access
Includes Our Monthly Newsletter, Office Toolbox, Policy Center, and Archives
Plus, You Get FREE Webinars, and MUCH MORE!
You are here: Home / Archives for topics / HIPAA
COMPLIANCE

5 ways your medical office can violate HIPAA

May 10, 2022 by

The HIPAA Privacy Act is a federal law that was established in 1996 to set provisions and standards for the protection of personal health information. The rule puts limits and conditions on the use and disclosure of patient medical information. It also gives patients the right to obtain a copy, examine, and request corrections to their records. Though most medical practices are very careful to keep their patients’ private health information secure, violations of this act can be costly with penalties ranging from $100 to 1.5 million per incident. Regular and ongoing compliance training for all employees is one of the easiest ways to prevent the improper use of PHI and reduce the risk of a violation. Below are a few common HIPAA violations and steps that can be taken… . . . read more.

TAGGED WITH: , ,
MANAGING THE OFFICE

7 ways to cut costs with a greener office

April 18, 2022 by

By Daryll Esposito The well-being of our planet is a universal concern, but it’s not always front-of-mind when we’re busy at work. The good news is that making greener choices at the office is not only better for the environment, it’s better for your budget too. With Earth Day this week on April 22, it’s time to look at some environmentally friendly improvements. Some common repurposing and recycling advice is not appropriate for a medical office, where confidentiality requires paper to be properly shredded for safe disposal. Infection control requires single-use items, often made of non-biogradeable plastic, and the pandemic has only increased the need for these disposable items. On the other hand, the move to electronic health records greatly reduces paper use. 7 simple, sustainable and cost-saving steps that… . . . read more.

TAGGED WITH: , , , ,
ADVICE FROM THE WHITE HOUSE

Is your medical office vulnerable to Russian cyberattacks?

March 28, 2022 by

The White House is urging businesses to review and improve cybersecurity because of a heightened risk of cyber attacks from Russia. A statement from the Biden-Harris Administration advises businesses to take the following steps: Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system; Deploy modern security tools on your computers and devices to continuously look for and mitigate threats; Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors; Back up your data and ensure you have offline backups beyond the reach of malicious actors; Run exercises and drill your emergency plans so that… . . . read more.

TAGGED WITH: , , ,
TECHNOLOGY

Clocked out or connected: What you need to know about after-hours group chats

March 8, 2022 by

By Paul Edwards “Quick question…” Those two words have become increasingly popular as our near-constant attachment to communication devices blurs the line between work and personal time. Whether by phone, laptop, or tablet—via Slack, WhatsApp, or Google Chat—it’s easier than ever for teams to stay in contact after the workday is done. But employers need to be cautious about how they approach group conversations outside of the workplace. Not only will you need to ensure that your employees are clear on the standards for professional conduct within a group chat or text, but whether or not you have to pay employees for the time they spend messaging will depend on several factors, including the content of the messages, how much time is spent messaging, and whether the employees are classified… . . . read more.

TAGGED WITH: , , , , , , ,
CYBERSECURITY

New safeguards and fines follow data breach investigations in New Jersey

March 4, 2022 by

Two cases of exposing patient personal information occurred in New Jersey but serve as warnings to all healthcare providers. The state’s Division of Consumer Affairs has reached a settlement with three New Jersey-based providers of cancer care that the State alleges failed to adequately safeguard patient data, exposing the personal and protected health information of 105,200 consumers, including 80,333 New Jersey residents. Under the terms of the settlement, Regional Cancer Care Associates LLC, RCCA MSO LLC, and RCCA MD LLC (collectively, “RCCA”)—all headquartered in Hackensack, but with 30 locations throughout New Jersey, Connecticut and Maryland—have agreed to pay $425,000 and adopt additional privacy and security measures to safeguard individuals’ protected health information and personal information to resolve the State’s investigation into alleged violations of the New Jersey Consumer Fraud Act… . . . read more.

TAGGED WITH: , ,
HIPAA

5 more HIPAA patient rights violations: strategies for avoiding fines

February 10, 2022 by

By Danika Brinda In September of 2019, the Office of Civil Rights (OCR) of the Department of Health and Human Services settled the first HIPAA Fine and Corrective Action Plan for $85,000. Fast forward a little over 2 years to late last year  the OCR assigned five more fines and corrective actions plans for non-compliance with Patient Access, now totaling 25 covered entities with settlements with fines. This is a wake-up call for the entire healthcare industry regardless of specialty that having a defined process in place to respond to a patient’s request for information is a must. HIPAA is very clear in the regulations regarding patient access. The main components of the Patient Access Regulation are that:  Patients have a right to inspect and get a copy of their… . . . read more.

TAGGED WITH: ,
COMPLIANCE

5 things to do before a HIPPA audit happens to your medical office

January 10, 2022 by

By Jordan MacAvoy The Health Insurance Portability and Accountability Act (HIPAA) was introduced to safeguard sensitive patient data. As expected, a good number of covered entities and business associates are yet to implement the safeguards fully. Most of these healthcare providers, business associates, and organizations that are struggling to implement the compliance guidelines, think that they might not be audited. It might not happen today, but eventually, the Office of Civil Rights (OCR) will get to you. Since you’ve no idea when the OCR will decide to audit your business, the best decision is to prepare for the audit. When the OCR decides to audit your business, they’ll send you an email, and you’ll have 10 business days to compile and provide the relevant documents. Here is how you do… . . . read more.

TAGGED WITH: ,
COMPLIANCE

Fraud recoveries grow as feds target telemedicine and COVID-19 add-on test scams

August 8, 2021 by

Despite the COVID-19 pandemic and continued sequestration of enforcement funds, the federal Health Care Fraud and Abuse Control Program (Program) reversed recent trends and recovered more money in FY 2020 than it had the year before. In fact, recoveries for the year reached nearly $3.1 billion, the highest return since 2016. Here’s a briefing for medical office managers on the July 14 OIG report and what it says about the current state of federal health care fraud enforcement. ROI increases for second year in a row The Program was created as part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) under the joint direction of the Attorney General and HHS Secretary, acting through the OIG, to coordinate federal, state and local law health care fraud and abuse… . . . read more.

TAGGED WITH: , ,
CYBERSECURITY

Healthcare data breaches hit a new high in first half of 2021

August 8, 2021 by

While healthcare data breaches have become an all-too-common occurrence, the problem seems to be getting worse. According to the HHS’ Office for Civil Rights (OCR), there have already been 360 federally reported data breaches involving health information in the first half of 2021, the highest total for the first six months of a year since the government began tracking this data over a decade ago. Protected health information of nearly 23 million patients have been exposed as a result of this breach-fest. By comparison, there were 270 reported breaches involving 8 million patients in all of 2020. The breaches are getting bigger  The OCR tracks breaches across all industries. But, as in past years, healthcare was the number one culprit in the first half of 2021, accounting for 162, or… . . . read more.

TAGGED WITH: , ,
HIPAA

Could your organization’s website reveal your HIPAA non-compliance?

July 8, 2021 by

By Danika Brinda Did you know that your organization’s website can reveal to the world that you are out of compliance with HIPAA? A quick look at your organization’s website could reveal to a HIPAA auditor that your organization is struggling with HIPAA compliance. Wondering what I am referring to? The Notice of Privacy Practices! The regulations state that your organization must ensure that the most current version of your Notice of Privacy Practices is posted on the organization’s website (if one exists). Here is the specific language of the regulations: CFR 164.520(c)(3)(i) – A covered entity that maintains a website that provides information about the covered entity’s customer services or benefits must prominently post its notice (of privacy practices) on their website and make the notice available electronically through their website. Go… . . . read more.

TAGGED WITH: , ,

(-0)