5 Ways to Minimize HIPAA Liabilities

July 12th, 2019 - BC Advantage
Categories:   Acupuncture|Alternative   Allergy|Immunology   Anesthesia|Pain Management   Behavioral Health|Psychiatry|Psychology   Billing   Cardiology|Vascular   Chiropractic   Dental   Dermatology|Plastic Surgery   Emergency Medicine   Endocrinology   ENT|Otolaryngology   Gastroenterology   Home Health|Hospice   Internal Medicine   Laboratory|Pathology   Interventional Radiology   Neurology|Neurosurgery   Obstetrics|Gynecology   Oncology|Hematology   Optometry   Oral and Maxillofacial Surgery   Orthopedics   Pediatrics   Physical Medicine|Physical Therapy   Podiatry   Primary Care|Family Care   Pulmonology   Radiology   Rheumatology   Skilled Nursing   Urology|Nephrology  
0 Votes - Sign in to vote or comment.

Last year was historic for HIPAA enforcement. The HHS Office of Civil Rights collected a record $23.5 million in settlements and judgments against providers guilty of HIPAA violations. To avoid becoming part of that unwanted statistic, it’s important to pay extra close attention to five key areas of HIPAA vulnerability.

Take Advantage of Refresher Training
The best way to protect against liabilities is to continually educate and train staff. A practice may feel confident that it understands HIPAA. But while close to 90 percent of doctors believe their practices are fully compliant, at least 75 percent of them still have rudimentary questions about HIPAA. That indicates that the vast majority of providers can benefit from a HIPAA compliance refresher course. Participants should include everyone from top administrators to community volunteers. Training everyone with access to PHI isn’t just a good idea; it’s the law.

Encrypt Data
Any lost, stolen, or hacked electronic device containing protected patient information can be an expensive liability. All electronic PHI should be securely encrypted. That includes data communicated via email, text messages, and smartphone messaging apps. Even though an app like the popular WhatsApp may boast that it offers encryption, it may still lack proper authentication controls. Before using any text messaging service to communicate patient information, make sure the practice has a signed HIPAA-compliant business associate agreement with the service provider.

Control Devices
Most healthcare employees understand that they should never share passwords or log-in information. But these credentials should never even be written down. Another way that HIPAA violations frequently occur is because a computer screen is left on where unauthorized persons can see it. Front office staff and nurses may step away from a computer to handle an emergency, leaving the screen temporarily visible or photographable. Physicians sometimes make the mistake of leaving a laptop open at home, where others – including family members or friends – can see patient information. Those are innocent mistakes, but are still liabilities.

Secure Online Portals and Safeguard Paper Records
Paper records continue to represent potential liability as long as they exist. They must be securely handled and archived until shredded. Practices that have not transitioned from paper documents such as invoices and monthly statements can avoid HIPAA liability – and the effort that paper documents require – by going digital. Electronic records are easier to manage, search, store, and protect. There are fully compliant platforms that can safeguard patient records while also giving patients easier 24/7 access. That reduces liability and front office calls from patients. Patients gain greater control over their care with more transparency. A patient portal can also enhance doctor/patient interaction and communication.

Beware Social Media
Most healthcare workers know not to post photos of patients online. But sometimes sharing photos that don’t include patients can still be a liability because confidential information is accidentally included. Criminals often blow up photos that include a work station or home office, for example, to focus in on relatively obscure and minor details. A piece of paper or file in the background may contain PHI. That’s why it’s good policy to be extra vigilant regarding tweets, Facebook posts, and pictures uploaded to sites like Instagram. When in doubt, don’t upload it, share it, or talk about it.

###

Questions, comments?

If you have questions or comments about this article please contact us.  Comments that provide additional related information may be added here by our Editors.


Latest articles:  (any category)

Healthcare Common Procedure Coding System (HCPCS)
August 13th, 2019 - Chris Woolstenhulme, QCC, CMCS, CPC, CMRS
There are three main code sets and Healthcare Common Procedure Coding System (HCPCS), is the third most common code set used. They are often called Level II codes and are used to report non-physician products supplies and procedures not found in CPT, such as ambulance services, DME, drugs, orthotics, supplies, ...
Q/A: I Billed 2 Units of L3020 and Claim was Denied. Why?
August 13th, 2019 - Brandy Brimhall, CPC, CMCO, CCCPC, CPCO, CPMA
Question: We billed 2 units of L3020 but were denied for not using the right modifiers. What should we do? Answer: Rather than submitting two units of the L3020 to indicate that the patient one orthotic for each foot, you would need to use modifiers identifying left foot and right foot. Appropriate coding ...
Will Medicare Change Their Rules Regarding Coverage of Services Provided by a Chiropractor?
August 13th, 2019 - Wyn Staheli, Director of Research
Two separate pieces of legislation introduced in the House of Representatives (H.R. 2883 and H.R. 3654) have the potential to change some of Medicare’s policies regarding doctors of chiropractic. Find out what these two bills are all about and how they could affect Medicare policies.
The OIG Work Plan: What Is It and Why Should I Care?
August 9th, 2019 - Namas
The Department of Health and Human Services (HHS) founded its Office of Inspector General (OIG) in 1976 and tasked it with the responsibility to combat waste, fraud, and abuse within Medicare, Medicaid, and the other HHS programs. With approximately 1,600 employees, HHS OIG is the largest inspector general's office within ...
CMS Proposes to Reverse E/M Stance to Align with AMA Revisions
August 6th, 2019 - Wyn Staheli, Director of Research
On July 29, 2019, CMS released their proposed rule for the Medicare Physician Fee Schedule for 2020. Last year’s final rule “finalized the assignment of a single payment rate for levels 2 through 4 office/outpatient E/M visits beginning in CY 2021.” It also changed some of the documentation requirements (e.g., ...
Q/A: What if my Patient Refuses to Fill out the Outcome Assessment Questionnaire?
August 6th, 2019 - ChiroCode
Question: What if my Medicare patient refuses to fill out the outcome assessment questionnaire? Answer: Inform the patient that Medicare requires that you demonstrate functional improvement in order for them to determine if the care is medically necessary. In other words, they may have to pay for the care out of pocket if ...
The Slippery Slope For CDI Specialists
August 2nd, 2019 - Namas
Who knew that when Jack & Jill when up the hill to fetch a pail of water, they would have to ensure that in order to keep the level of water the same on the way back down, they would need to both support the pail. Many of you in this industry are ...



About Codapedia by InnoviHealth Systems Contact Us Terms of Use Privacy Policy Advertise with Us

Codapedia™ by InnoviHealth Systems™ - 62 E 300 North, Spanish Fork, UT 84660 - Phone 801-770-4203 (9-5 Mountain) - Fax (801) 770-4428

Copyright © 2009-2019 Find A Code, LLC - CPT® copyright American Medical Association