One reader questioned whether reporting CQMs using the Physician Quality Reporting System and reporting patient level data in the Quality Reporting Data Architecture (QRDA) format would require sending protected health information to CMS in violation of the HIPAA Privacy Rule. The QRDA format does require some identifying information. However, Paula Stannard, a health care … [Read more...] about CQM reporting and HIPAA
HIPAA
How the new OIG 2014 Work Plan affects your medical office
The OIG, Office of Inspector General, oversees Medicare and Medicaid enforcement and highlights areas of focus in its enforcement efforts in a Work Plan. The 2014 Work Plan was released at the end of January and contains some items of note for medical practices. Some items are new and others have been on the OIG Work Plan in prior years and are a continuing project. The … [Read more...] about How the new OIG 2014 Work Plan affects your medical office
Model Tool: Links for more on Office of the Investigator General Workplan
Why you need this list of links: The OIG, Office of Inspector General, oversees Medicare and Medicaid enforcement and highlights areas of focus in its enforcement efforts in a Workplan. The 2014 Workplan was released at the end of January and contains some items of note for medical practices. How this list of links helps you: Some items are new and others have been on the OIG … [Read more...] about Model Tool: Links for more on Office of the Investigator General Workplan
Government issues NEW resources to help ensure safety of electronic health records
Continuing to encourage the use of electronic health records, on January 15, 2014, HHS issued new resources to help providers address Electronic Health Record safety. HHS’s Office of the National Coordinator for Health Information Technology (ONC) issued the Safety Assurance Factors for EHR Resilience (SAFER) Guides. These SAFER Guides are tools such as checklists and … [Read more...] about Government issues NEW resources to help ensure safety of electronic health records
HIPAA resources and guidance
Complying with HIPAA’s privacy and security requirements can be complex and overwhelming. But the Department of Health and Human Services does provide some helpful guidance. Here’s a list of resources we found that might help you understand what’s required and plan your security programs: 1. HHS Security Rule … [Read more...] about HIPAA resources and guidance
Model Policy: HIPAA notice of privacy practices
Why you need this policy: HIPAA requires medical practices to prepare and post a Notice of Privacy Practice (NPP) notifying patients of their rights to their own personal health information (PHI) and how the practice uses and discloses the PHI it collects from patients. The NPP is as old as the HIPAA law itself; but recent changes (contained in a law called the HITECH … [Read more...] about Model Policy: HIPAA notice of privacy practices
Are your business associate agreements up to date with the latest HIPAA requirements?
The Omnibus Final rule implementing HITECH made some changes affecting Business Associate (BA) agreements. While Sept. 23 was the compliance deadline for most obligations under the Final Rule, some agreements enjoy a grace period and may not need to be updated until September 2014. But you should take the opportunity now to make sure you haven’t overlooked any issues concerning … [Read more...] about Are your business associate agreements up to date with the latest HIPAA requirements?
Editor watches staggering changes in medical office management
By Susan Crawford Founding Editor Dear Readers: Medical Office Manager’s first issue came out in November 1987. And now after 26 years as your editor, I have retired. This is a good time to look at the issues and conundrums you as manager have faced during all that time and to congratulate you on a job well done. The changes have been staggering. You have kept up with them … [Read more...] about Editor watches staggering changes in medical office management
The 3 keys to better HIPAA compliance: risk assessment, training, revised notice
Three HIPAA items need every manager’s immediate attention. They are: • Risk Analysis; • documentation of HIPAA training; and • a revised Notice of Privacy. HIPAA’s enforcer is the Office for Civil Rights (OCR), and it’s taking the job seriously, says Nathan A. Kottkamp, a health care attorney with McGuireWoods in Richmond, VA. When the OCR comes to call, it will ask to see … [Read more...] about The 3 keys to better HIPAA compliance: risk assessment, training, revised notice
HIPAA: it’s time to update the office’s privacy notice
The mega rule deadline is September 23, 2013 What should managers be doing right now for HIPAA? They should be updating the Notice of Privacy Practices and getting patients to sign off on the revision. And they have only until September 23, 2013 to get it done. Along with that, they need to be paying close attention to some other HIPAA requirements that are getting … [Read more...] about HIPAA: it’s time to update the office’s privacy notice