Codapedia is now a division of Find-A-Code

HIPAA|PHI - Articles

Watch out for People-Related ‘Gotchas’
April 15th, 2019 - Wyn Staheli, Director of Research
In Chapter 3 — Compliance of the ChiroCode DeskBook, we warn about the dangers of disgruntled people (pages 172-173). Even if we think that we are a wonderful healthcare provider and office, there are those individuals who can and will create problems. As frustrating as it may be, there are ...

Prior years:  (click bar to view articles)

Are HIPAA Changes Coming?
December 18th, 2018 - Wyn Staheli, Director of Research
On December 14, 2018, the Office for Civil Rights (OCR) issued a Request for Information (RFI). They are considering making changes to some of the HIPAA regulations. Earlier this year at the HIMSS (Healthcare Information and Management Systems Society) meeting, Roger Severino, the head of the Office for Civil Rights ...
HIPAA Handling Patient Requests for Medical Record Restriction
September 26th, 2018 - BC Advantage
Healthcare compliance professionals frequently face confusing situations about sharing of protected health information (PHI). The Health Insurance Portability and Accountability Act (HIPAA) supports the protection of privacy of medical records. However, even when a patient does not authorize sharing of his record, there are permitted uses and disclosures, such as...
Q/A: Do I Have to Accept Any New Patient?
September 24th, 2018 - Wyn Staheli, Director of Research
Question: Is it legal for us to not allow a patient to be seen in our office if their parents have bad debt with us?
Finalized Confidentiality of Alcohol and Drug Abuse Patient Records Regulations
August 31st, 2018 - Wyn Staheli, Director of Research
In January, the U.S. Department of Health and Human Services (HHS) issued updates to the privacy regulations regarding the confidentiality of patient information of substance use disorder patients (42 CFR Part 2).  This notice included references to better alignment with HIPAA regulations, but did state that Part 2 is more protective ...
Q/A: Is it Legal to Shred Archived Patient Records After a Certain Amount of Time?
August 3rd, 2018 - Wyn Staheli, Director of Research
Shredding patient records. When is it appropriate? Read more to find out.
Medicare Claim Submission Exceptions
June 18th, 2018 - Wyn Staheli, Director of Research
There are several exceptions to the Medicare "Mandatory Claim Submission Rule." What are they?
Q/A: How Do I Respond to a Patient's Request to Not Submit the Claim to Their Insurance?
May 7th, 2018 - Wyn Staheli, Director of Research
A number of patients now have high deductible plans. Sometimes, deductibles can be $5000 or $10,000. My payer contract states that I must submit all claims to insurance for covered services. However, sometimes patients with these high deductibles come to my office and state that they would prefer to receive a modest discount for paying cash and in turn, not have their services submitted to insurance. As a doctor, this places me in a tough situation. Do I follow the patient's wishes or the payer contract?
Q/A: Someone Broke into My Office. What do I do Now?
April 23rd, 2018 - Wyn Staheli, Director of Research
My office was broken into last night. I use electronic health records, but we do store some protected health information for my patients in paper files. These files are not secured, so the burglars did have access to them. It did not appear that the files were touched as the burglars were looking for cash. What responsibilities to I have to my patients in a situation like this? Do I need to contact them and advise them that their PHI could have been compromised?
HIPAA Breach Settlements and Ransomware Attacks - Is Your Practice Secure?
February 5th, 2018 - Wyn Staheli, Director of Research
Two recent reports should make providers stop, take notice and make sure their practice's policies and procedures are up-to-date. The first one involves a HIPAA Breach settlement of a company with facilities in several states. The OCR memo stated "In addition to a $3.5 million monetary settlement, a corrective action plan ...
Are Your Computers Vulnerable to Cyber Attacks?
February 1st, 2018 - Wyn Staheli, Director of Research
Healthcare providers must be vigilant in ensuring that software upgrades, also known as patches, are kept current. Failure to do so can lead to a HIPAA Security Breach with all its associated penalties. For example Windows XP no longer has security updates and should not be used in healthcare settings. On ...
Mobile Health: Growing Engagement and New Responsibilities
January 31st, 2018 - Dugan Maddux, MD, FACP
This week I'm blogging about an M-word. Not MACRA or MIPS, but Mobile Health or mHealth....
HIPAA and the Opioid Crisis
January 24th, 2018 - Wyn Staheli, Director of Research
HIPAA and the Opioid Crisis guidance released by HHS.
HIPAA Disclosures to Family, Friends, and Others Involved in an Individual’s Care and for Notification
October 6th, 2017 - Wyn Staheli
In light of recent tragic events, the OIG has released a reminder that HIPAA allows for certain disclosures in these types of situations. The reminder dated October 3, 2017 states the following: Following the recent mass shooting in Las Vegas, the HHS Office for Civil Rights (OCR) is taking this opportunity ...
Medicare Announces New Cards to Be Issued
August 17th, 2017 - ChiroCode
Identity theft has become a major problem in the United States. As a prevention measure, the Centers for Medicare& Medicaid Services (CMS) is readying a fraud prevention initiative that removes Social Security numbers from Medicare cards to help combat identity theft, and safeguard taxpayer dollars. Personal identity theft affects a large ...
Chart Auditing For Beginners
August 11th, 2017 - Michelle West, CPC, CEMC, CPMA, CRC
In the new year, have you found yourself in the new role of performing internal chart audits for your organization? Are you often finding yourself saying "Now What?!" First, take a deep breath and start with the basics. In this week's tip, I will review the very basic tips and ...
Cybersecurity - Are you sure you are secure?
August 4th, 2017 - Wyn Staheli
An article by Medical Economics highlights the June report of the Health Care Industry Cybersecurity Task Force. Their report confirmed once again that healthcare providers are not adequately addressing cybersecurity as part of the compliance programs. The threat of hackers is very real and providers need to ensure that they have taken ...
Case Law Update: Just Because HIPAA Does Not Provide a Private Right of Action, Doesn't Mean that Other Avenues Exist
August 4th, 2017 - NAMAS
Simply stated, the Health Information Portability and Accountability Act (HIPAA) does not provide a private cause of action[1]. And, prior to the 2009 passage of the Health Information Technology for Economic and Clinical Health Act (HITECH Act)[2] and the more robust chain of liability (e.g. covered entities, business associates and ...
HIPAA Training Requirements
August 1st, 2017 - Wyn Staheli
HIPAA Training must be an ongoing effort in every healthcare organization.
To Disclose or Not to Disclose… That is the Question
June 29th, 2017 - Sean Weiss
The biggest questions I receive these days are in regard to handling potential overpayments regarding internal or external audits is whether or not the errors constitute a self-disclosure protocol. The short answer is, avoid this process unless you have verifiable fraudulent activity to report. Section 1128J(d) of the Act created ...
False Claim Penalties Increase Again
April 10th, 2017 - Wyn Staheli
On February 3, 2017, the Department of Justice (DOJ) issued a Final Rule to increase the civil monetary penalties assessed under the False Claims Act (FCA), due to inflation for the year 2017, to an all-time high of $10,957 (minimum) to $21,916 (maximum). Thirty years ago, in 1986, Congress amended the False ...
How to Properly Dispose Protected Health Information (PHI)
February 27th, 2017 - InstaCode Institute
HIPAA requires covered entities to properly dispose of Protected Health Information (PHI) in the following manner: Paper, film, or other hard copy media has been shredded or destroyed such that the PHI cannot be read or otherwise cannot be reconstructed. Electronic media has been cleared, purged, or destroyed consistent with NIST Special Publication 800-88, Guidelines for Media ...
Mobile Devices are HIPAA Security Concern
February 22nd, 2017 - Wyn Staheli
Mobile devices are one of the most problematic areas for HIPAA security. Their ease of portability also makes it easy for them to be stolen or hacked. Because so many of the HIPAA breaches reported involved mobile devices, additional guidance has been issued by HealthIT.gov. Their informative web page offers additional ...
Psychotherapy Notes Provision of HIPAA
February 2nd, 2017 - Wyn Staheli
Of special interest to all behavioral health practitioners (both Covered Entities and NON-covered entities) is HIPAA's provision for psychotherapy notes. The privacy rule recognizes that psychotherapy notes need more protection than other types of PHI. Even if you are not a covered entity, we recommend understanding and implementing office procedures ...
HIPAA Exempt Offices (Paper)
January 23rd, 2017 - Wyn Staheli
It is a common misconception that every doctor’s office is (or must become) a HIPAA covered entity; however, the list of those who still qualify for exemption from HIPAA is rapidly shrinking. There are exceptions to the HIPAA requirements; if a practice sends or receives no transactions electronically, it is ...
Medical Billing and Coders Professional Liability
November 29th, 2016 - Find-A-Code
Companies who regularly handle such sensitive information as patient medical records have a particular responsibility to maintain the confidentiality of the data. Failure to exercise the appropriate degree of care – whether intentional or not – can have a significant adverse financial impact on your firm. The Federal Health Insurance Portability ...
Security Risk Assessment Wizard - are you at risk?
August 4th, 2016 - Chris Woolstenhulme, CPC, CMRS
Attention:  Any Any healthcare organization that stores, transmits or maintains PHI (Protected Health Information) in electronic formats is required to adhere to the HIPAA Security Rule... see if your organization is at risk with security compliance. Visit SRAWizard.com for a Security Risk Assessment (SRA) Tool complete with training and other guidance to ...
HIPAA: Breaches much more likely to require disclosure under Mega Rule
December 4th, 2013 - Scott Kraft
One of the biggest changes under the HIPAA Omnibus Final Rule – known as the HIPAA Mega Rule – that was finalized earlier this year and took effect last month is a significant change to how you are required to handle breaches of patient protected health information (PHI). The change...
New HIPAA rule gives patient the right to “refuse” to use insurance, receive PHI electronically
November 18th, 2013 - Scott Kraft
The HIPAA Omnibus Final Rule, known in the industry as the HIPAA mega rule, affords patients two key rights that your practice needs to be prepared to implement. Patients now have the right to request and receive their own protected health information (PHI) from your practice electronically and they...
ICD-10: The Wave (or Tsunami) of the Future
March 22nd, 2013 - Allison Singer, CPC
ICD-10: The Wave (or Tsunami) of the Future For many people, simply hearing the words “ICD-10” is enough to cause headaches, indigestion and a sudden compulsion to find a new career. It is the looming healthcare change that many professionals hope will go away completely or be delayed...

Article categories




About Codapedia & Find-A-Code Contact Us Terms of Use Privacy Policy Advertise with Us

Codapedia™/Find-A-Code™ - 62 E 300 North, Spanish Fork, UT 84660 - Phone 801-770-4203 (9-5 Mountain) - Fax (801) 770-4428

Copyright © 2009-2019 Find A Code, LLC - CPT® copyright American Medical Association