Group items tagged

Course "Effective and Efficient Internal and Supplier Quality System Auditing for Medical Devices" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Do you want to understand how to do efficient and effective internal and supplier audits that meet all the requirements of your external auditors, but also add value to your company? Are you confused by all the requirements and guidance documents for medical device quality management systems and are tired of wading through all the regulatory language they contain. This course is for those who will do internal or supplier audits, manage an audit process for these or other company audits. This course will provide you with an easy to understand presentation on the auditing process as well as the requirements you will need to audit under ISO 13485 and the FDA Quality System Regulation (cGMP) Both FDA Quality System Regulation (QSR) and ISO 13485 require that companies do internal audits. However, because the FDA does not look at the content of internal audits, some companies do not get feedback on the true effectiveness of their internal audit system from the FDA during FDA Inspections. ISO 13485 auditors do look at internal audits, but are most concerned that you define a process that meets the requirements of the standard and are following your process. Both require that you define Auditor training is required, but this sometimes just requires reading the company's procedure, although most external auditors will look for more than this. Do you need to train new auditors for yours medical device quality management system or to audit your suppliers? Or do you need to improve the training of your internal and supplier auditors so that they add value to these audits? If you need to do either of these, this seminar will provide this training. In addition to auditing skills and hands-on auditing exercises, this seminar will provide an ove

Overview: In this session we will discuss the HIPAA audit and enforcement programs and how they work, and discuss the areas that caused the most issues in prior audits. We will explore what kind of issues and what kind of entities had the most problems, and show where entities need to improve their compliance the most. We will also explore the typical risk issues that lead to breaches of health information and see how those issues may be a target for auditors in the new 2016 audits. We will review the contents of the HIPAA Audit Protocol used in 2012 to show what documentation needs to be on hand should your organization be selected for an audit in the new round. We will present methods for using the contents of the HIPAA Audit Protocol to build your own compliance plan by extracting and updating the contents and relating your compliance activities directly to the questions that might be asked. In this session we will discuss the HIPAA audit and enforcement regulations and processes, and how they apply to HIPAA covered entities and business associates. We will explain the enforcement regulations and the new, increased fines and new penalty levels, including new penalties for willful neglect of compliance that begin at $10,000. We will discuss what information and documentation must be prepared in advance so that you can be ready for an audit at any time, including sample information request forms and questions asked at prior audits. The session will also cover how to know if you may become the subject of an audit or enforcement action, and what you can do to help limit your exposure. We will discuss how most enforcement actions come about and what can be done to prevent incidents that lead to enforcement activity. The HIPAA Privacy, Security, and Breach Notification regulations (and the recent changes to them) and how they will be audited will be explained. Documentation requirements for compliance will be explored and a framework of security policies necessary

Course "Internal Auditing for the Medical Device Industry" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: This course provides an overview of internal auditing requirements and techniques for medical device companies as a method for risk management and quality improvement. The course will cover auditing requirements, audit planning, preparation, knowledge, auditor skills, interviews, documents and records review, objective evidence, audit report writing and corrective action. Why should you attend: Attendees should attend this seminar for risk management and improvement purposes to identify weaknesses, problems, compliance risks, and improvement opportunities. Who Will Benefit: * Quality Manager * Quality Associate * Quality Engineer * Quality Technician * Regulatory Associate Agenda: Day One Lecture 1: Overview of an auditing program, principles of quality management systems and how they related to auditing, benefits of auditing, and what is auditing. Lecture 2: Types of audits, auditor qualifications, ethics, responsibilities, audit phases, audit planning, and scheduling. Lecture 3: Conducting audits, interview techniques, objective evidence, data collection, tracing, use of checklists, and reviewing documents and records. Lecture 4: Conducting process audits, running closing meetings, audit report writing, corrective actions, and improvement Day Two Lecture 1: Overview to auditing to ISO 13485 and FDA QSR. Global differences which affect auditing approaches, auditing document control and record keeping, management responsibility, and resource management. Lecture 2: Auditing order handling, design control, purchasing, and supplier controls. Lecture 3: Auditing production, validation, and preservation. inspection and testing, control of test equipment, customer property, and sterilization Lecture 4: Auditing customer feedback, internal auditing programs, complaint

Course "New HIPAA Audit and Enforcement Activities: Being Prepared to Show your Compliance " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: We will be discussing the history and evolution of HIPAA Privacy/Security and the major points you need to understand to proactively protect your practice or business from the imminent federal auditing process: * History of HIPAA * HITECH * HIPAA Omnibus Rule * How to perform a HIPAA Security Risk Assessment * What is involved in a Federal audit and how is it conducted * Risk factors for a federal audit * How to avoid a Federal audit * Business Associates and HIPAA audits * EHR and HIPAA * Business Continuity/Disaster Recovery Planning * Assessing your contractors and sub-contractors * In depth discussions on IT down to the nuts and bolts * Risk factors that can cause an audit (low hanging fruit) * New rules which grant states ability to sue citing HIPAA on behalf of a patient * New funding measures Why should you attend : The evolutions of this enigmatic law and how what was once relative benign in terms of enforcement is now fully funded and aggressive. Learn what you can do to be prepared for an audit and how to lower risks of ever being audited. It is absolutely imperative that you are proactive and not reactive with your compliance program, this is a necessary evil and you need to protect your practice or your business and limit risks from the imminent Federal audits. Join me in keeping up with this very confusing law and take advantage of all the templates and information provided as part of the seminar. Areas Covered in the Session: * HIPAA -Brief History * HIPAA Privacy Rule vs HIPAA Security Rule * HITECH Act * Breach Notification Rule * Omnibus Rule and audits * Business Associates and audits * Current Court Cases (precedence) * Paper Based PHI Concerns and how to lower risk

Overview: You need to attend in order to control your own destiny. Get involved up front instead of being a "sitting duck". More Audits are coming and government & private payers are increasing their budgets for increased audit activity around the health care provider industry. The Department of Justice is zeroing in on providers who are aberrant. Private insurance special investigations units are also gearing up and local prosecutors who are hungering for these types of prosecutions are all part of building machinery to eliminate fraud and abuse in the nation's health care system. The concern about the audit/investigative machine that has been developed should create horrendous concern for the health care provider community, because these entities will have to come up with results. Don't become one for their "results". Areas Covered in the Session: Overview of audit risks 14 Strategies to tackling auditors: i.e. Appoint Audit Manager Appoint Audit Committee Proactively seek out info from audit visitors Respond quickly to audit visitor requests Identify On Site control person Provide strong support for onsite control person Onsite control person must be close to the visitors Audit committee to meet daily with visitors Respond quickly to early findings Request feedback from visitors Request Exit conference Carefully review preliminary findings Respond to final report Correct problem findings Who Will Benefit: Health Care Professionals Health Service Providers Compliance Officers CEO's Corporate Attorneys Speaker Profile Joseph R. Batte is president of Kristall Associates, a compliance, and risk assessment specialist for the health care provider community as well as the litigation support community. He is a former special agent with the US Office of Inspector General and participated in the development of that Departments compliance guidance's. He is a nationally known speaker on compliance and has authored the book "Doctors are from Jupiter, Compliance is from

The federal Health Insurance Portability and Accountability Act (HIPAA) was legislated in 1996 with the primary aim of ensuring that employees who are in the process of changing or leaving their jobs do not lose their health insurance benefits. Additionally, HIPAA sought to bring down health care fraud and abuse by mandating pan-industry standards for the protection of health care information and automated billing and other related processes, and for ensuring the security of Protected Health Information (PHI). What is a HIPAA Security Audit? A HIPAA Security Audit is a program under the HIPAA Privacy, Security, and Breach Notification Audit Program of the Office of Civil Rights (OCR). A HIPAA Security Audit is carried out to make sure that the policies, processes and controls on the part of Covered Entities comply with the provisions of the HITECH Act of 2009. Adherence to the requirements laid out by HITECH is mandatory. Given the high degree of continued use of new technologies that go into and will continue to go into electronic records of patients and the criticality of the data contained in them; the US Department of Health and Human Services (HHS) recognizes that there could be chances of data breach of Protected Health Information. It is to prevent the occurrence of these breaches that a HIPAA Security Audit is mandated by the HITECH Act. Reporting of data breaches is mandatory The foremost highlight of the HITECH Act is the requirement that Entities covered by HIPAA report data breaches that affect 500 or more employees to the HHS. The OCR lays out an Audit Protocol, with whose policies, protocols and processes a facility has to comply if it is said to be compliant with the HIPAA Security Audit. Why is it necessary to carry out a HIPAA/HITECH Security Audit? Compliance with HIPAA Security Audit is necessary to demonstrate that a practice or business is well protected. The most important reason for which such entities need to be HIPAA/HITECH Security

Overview: The webinar will concentrate on topics that HHS has announced will be the focus of the first round of "desk audits". They reflect significant areas of non-compliance revealed in the 2012 pilot audits and HHS HIPAA violation investigations concluded by Resolution Agreements and Corrective Action Plans. They include: HIPAA Risk Analysis Risk Management based on Risk Analysis Breach Notification Notice of Privacy Practices (for Covered Entities) Minimum Necessary Standard Access of Individuals to their PHI Authorizations Workforce Training This webinar is vital because, in focusing on preparation for a HIPAA Compliance Audit, Covered Entities and Business Associates may review, prioritize and structure their HIPAA Compliance programs. If you have HIPAA Compliance documentation ready to submit on two weeks notice to HHS you are implementing an effective HIPAA Compliance program. In addition, every Covered Entity or Business Associate may face an HHS HIPAA Compliance investigation at any time due to a complaint or a Breach. If you are "audit ready" you will be ready for an investigation - and better able to avoid complaints and prevent breaches. Why should you attend: Every Covered Entity and Business Associate is liable - without prior notice - to be audited for HIPAA Compliance by HHS You will have only 2 weeks after receiving your HIPAA Compliance Audit notification and data request to upload all requested documents to an HHS HIPAA Compliance Audit Portal The HIPAA Compliance Audit data request you receive will specify content and file organization, file names and any other document submission requirements Auditors will not contact an audited entity for clarifications or ask for additional information - it is essential that submitted documents are current, accurately reflect the entity's HIPAA Compliance program and demonstrate HIPAA Compliance Only data submitted on time will be assessed Failure to respond on time may be referred to the HHS regional

Overview: Section 13411 of the Health Information Technology for Economic and Clinical Health (HITECH) Act, requires Health and Human Services (HHS) to conduct periodic audits of providers and business associates to ensure their compliance with the HIPAA Security and Privacy Rule, and breach notification standards. To implement this mandate, the Office of Civil Rights (OCR) has conducted HIPAA/HITECH audit program with KPMG of 115 health care organizations to assess privacy and security compliance. This webinar will focus on the implementation and tracking of HIPAA audit best practices in a healthcare setup in order to prepare for the federal audit using published OCR audit protocols. Every audit begins with interviews, a questionnaire, and a thorough policy and procedures review. Presenter, with his decades of knowledge in the compliance, legal, auditing and security areas, will walk the attendees through the audit process, documentation requirements, and implementation specifications of the HIPAA privacy, security and breach rules. This presentation not only provides opportunity for the participants to prepare for the federal HIPAA audit but also to improve the security posture of their organizations by adopting to changing technology (mobile, social media, Health Information Exchange(HIE), cloud services, etc.) and threat landscape perspective as well. This presentation will uncover reasons why many health information breaches are occurring and help organizations better secure and comply with electronic protected health information by meeting the required and addressable HIPAA/HITECH security rules. The presenter will also share the best practices used for HIPAA security implementation and continuous risk assessment which is considered as "due diligence" by auditors for the HIPAA security compliance program. Areas Covered in the Session: Healthcare Technology Adoption/Trends Healthcare Regulatory (HIPAA/HITECH) and OCR/HHS Audit Overview Differences between

Overview: New changes modifying the HIPAA Privacy and Security Regulations are going into place to meet the privacy and security mandates within the HITECH Act in the American Recovery and Reinvestment Act of 2009. The changes include establishing new rights for individuals as well as changes to the limitations on uses and disclosures. New requirements for patient access to records and requirements to notify individuals in the event of a breach are only two of the many areas affected in the new law, including new requirements for restriction and accounting of disclosures and increased enforcement activity. Covered entities that use electronic health records (EHRs) will need to meet new access and disclosure rules and all kinds of business associates and their subcontractors will need to establish compliance programs. And if you are required to have a HIPAA Notice of Privacy Practices, you will need to update that to show all the new rights that patients will have, such as electronic copies, new rights to restrict disclosures, and much more. Business associates are now directly covered by the HIPAA privacy and security regulations and are liable for fines and penalties if they do not comply. If a business associate supplies services that interact with the new changes to the rules, the BA will need to be aware of the new requirements. We will explain what a Business Associate needs to do differently under the new regulations. Electronic records have new demands placed on them, in both providing access and in accounting for all disclosures of health information - the electronic age in health care brings new obligations to serve individuals as well as manage health information for healthcare professionals. We will discuss how disclosures must be tracked in an EHR and review the various ways patient records can be supplied electronically. The new regulations will be reviewed and their effects on usual practices will be discussed, as will what policies need to be chang

Course "Supplier Management for Medical Device Manufacturers" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: Supplier selection and management is one of the critical issues for medical device manufacturers. Suppliers provide materials and services to the device manufacturer, which means that they can be critical to performance and delivery of your device. Neither the FDA nor your notified body regulates your suppliers (with a few exceptions). They expect you to have an effective process to ensure your suppliers perform in the regulatory environment. How well do you understand the requirements for supplier management? Could you pass a regulatory audit or inspection without any issues? This course delivers the tools, templates, and methods to help participants implement an effective and efficient supplier management program. This two-day hands-on course provides a clear understanding of the underlying principles of supplier management. The course uses exercises to solidify understanding. In addition, the course uses FDA Warning Letters to illustrate the points and help you learn from others. As part of the practical implementation, the course includes receiving acceptance activities, outsourced processes, process validation at the suppliers' location, supplier auditing techniques, and supplier issues in management review. The course uses the Global Harmonization Task Force (GHTF) framework, but expands it to cover other issues and techniques important in effective implementation. Why should you attend: Since FDA regulations do not allow them to audit your suppliers unless they make finished medical devices, they require that you have sufficient control over them. But from time to time the FDA makes a reinterpretation of what this means. This happened within the last f 5 years, so if you supplier management program is older than that, you need to make major changes in you supp

Course "The A to Z's of HIPAA Privacy, Security, and Breach Notification Rules" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: This session is designed to provide intensive, two-day training in HIPAA compliance, including what's new in the regulations, what's changed recently, and what needs to be addressed for compliance by covered entities and business associates. The session provides the background and details for any manager of healthcare information privacy and security to know what are the most important privacy and security issues, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. Who Will Benefit: * Information Security Officers * Risk Managers * Compliance Officers * Privacy Officers * Health Information Managers * Information Technology Managers * Medical Office Managers * Chief Financial Officers * Systems Managers * Legal Counsel * Operations Directors Agenda: Day One Day one sets the stage with an overview of the HIPAA regulations and then continues with presentation of the specifics of the Privacy Rule, recent changes to the rules, and the basics of the Security Rule Lecture 1: Overview of HIPAA Regulations * The Origins and Purposes of HIPAA * Privacy Rule History and Objectives * Security Rule History and Objectives * Breach Notification Requirements, Benefits, and Results Lecture 2: HIPAA Privacy Rule Principles, Policies and Procedures * Patient Rights under HIPAA * Limitations on Uses and Disclosures * Required Policies and Procedures * Training and Documentation Requirements Lecture 3: Recent and Proposed Changes to the HIPAA Rules * New Penalty Structure * New HIPAA Audit Program * New Patient Rights

Overview: I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to what the government expects, I will uncover what is and isn't considered a high risk. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Factors that can get you audited What to do if audited How to avoid an audit altogether Business associates and the increased burden Emailing of PHI Texting of PHI BYOD Updates for 2016 Who Will Benefit: Practice Managers Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT comp

Course "HIPAA for the Compliance Officer" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: I will be going into great detail regarding you practice or business and how it relates to the HIPAA Security/Privacy Rule, Areas covered will be history of HIPAA, privacy vs security, business associates, changes for 2016, audit process, paper based PHI, HIPAA and suing, texting, email, encryption, medical messaging, voice data and much, much, more I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition, this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why you should attend: This lesson will be addressing how practice/business managers (or compliance offers) need to get their HIPAA house in order before the imminent audits occur. It will also address major changes under the Omnibus Rule and any other applicable updates for 2016. There are an enormous amount of issues and risks for covered entities and business associates these days. I will speak on specific experiences from over 17 years of experience in working as an outsourced compliance auditor, expert witness on HIPAA cases, and thoroughly explain how patients are now able to get cash remedies for wrongful disclosures of private health information. More im

Overview: Participants will understand the importance of responding to the OCR pre-audit requests and how to respond. Our discussion will cover how to prepare for an anticipated OCR HIPAA privacy audit, by discussing how to conduct an internal self-assessment of your privacy program. We will discuss how to conduct the self-assessment, whether it be the need for policies, procedures or obtaining all of your business associates information. Why should you Attend: If you have received a request from the OCR to provide the name of your entities privacy official and additional criteria, you are already aware that you are on the OCR's radar and may be the focus of an audit. If you haven't received a request yet, anticipate receiving one soon. In addition to ensuring that your HIPAA program is audit ready, you also need to ensure that you know all of your business associates and have their information readily available to provide to the OCR. Your entity needs to be ready now, as the OCR will either conduct focused desk audits, on-site audits or both in effort to review documentation of evidence of your compliance with the HIPAA regulation. Areas Covered in the Session: Office of Civil Rights "OCR" requests for privacy official and additional information and timeline for response Internal assessment criteria of privacy program in anticipation of an OCR audit Conducting the assessment using the template based upon HIPAA regulations Discuss methods to address any found deficiencies Workforce training Who Will Benefit: Healthcare providers Compliance and Internal Audit professionals or office staff responsible for ensuring patient privacy Healthcare Administrators Business Associates and all HIPAA Covered Entities Speaker Profile Gail Madison Brown is a registered nurse and an attorney with over 25 years of experience in health care. For the last 15 years she has focused on health care compliance and revenue cycle management operations. Gail's experience ranges

Course "Texting and E-mail with Patients: Patient Requests and Complying with HIPAA " has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent u

Overview: With the recent advances in portable technology, more and more organizations and their users are taking advantage of mobile devices to save time and get work done more efficiently. Texting, portable e-mail, and Apps are revolutionizing the ways health care providers interact with their patients and get their work done. But the use of these devices comes with hidden costs of compliance, especially if they lead to a reportable breach under HIPAA or state laws. HIPAA Privacy and Security Officers have been struggling to keep up with the use of the devices to protect patient privacy and avoid compliance issues. Even if these devices aren't in formal use in your organization, you need to act now to anticipate their use and make sure they are used properly. This session is designed to provide intensive, two-day training in HIPAA compliance as it relates to the use of mobile devices, including how to use them with Protected Health Information, the policies and procedures you need to have in place to use them securely, and how to manage issues of the "BYOD" phenomenon. The session provides the background and details for any manager of health information privacy and security to know what issues to look for with mobile devices, what needs to be done for HIPAA compliance, and what can happen when compliance is not adequate. Audits and enforcement will be explained, as well as privacy and security breaches and how to prevent them. Numerous references and sample documents will be provided. The session will be valuable for both newcomers to HIPAA compliance as well as seasoned veterans. HIPAA compliance will be explained and discussed in detail, from the basics through the latest changes and new technology issues, so that the attendee will have a coherent understanding of not only the rules, but also how to think about compliance and make sound compliance decisions on a day-to-day basis in the context of mobile devices. Agenda Day One Day one sets the stage with an ov

HIPAA Breach Notification Rules and its new version : Let us begin at the beginning: What is breach notification? The term is pretty simple to understand. It means notifying the authorities whenever there is a breach of Protected Health Information (PHI). Covered Entities (CE's) and Business Associates (BA's), who are closely associated with PHI, and individuals whose PHI data are breached, are required to bring such data breaches to the notice of the authorities, whenever there is one. A breach notification is a mechanism that is aimed at ensuring that BA's and CE's meet requirements in the HITECH Act in the American Recovery and Reinvestment Act of 2009 (ARRA). To whom should the affected individuals and CE's and BA's complain? Whenever there is a breach of PHI by a CE or a BA, or if there is violation of the Privacy, Security, or Breach Notification Rules, the affected individual can complain to the Office for Civil Rights (OCR), which will initiate investigation into these complaints. Whenever a CE or a BA detects a breach, it can complain to the Secretary of Health and Human Services (HHS). In addition, the HIPAA breach notification rules have clear guidelines on how to report breaches in the following classifications: HIPAA's definition of a breach A breach of PHI is said to have taken place when any unpermitted use or disclosure that compromises the security of the data in the PHI takes place. Any such action, resulting in the breach of any kind of data contained in a PHI, big or small, is considered a breach, unless the CE or BA can explain that the data that got breached into was not serious enough, from its risk assessment point of view, to warrant immediate intervention. The new HIPAA breach notification rules The HHS embarked on a new HIPAA breach notification program, the HIPAA Privacy, Security, and Breach Notification Audit Program, with which it seeks to bring a few changes into the existing HIPAA breach notification rules. This new Audit Pr

Overview:   Review 6 points of high quality evidence based clinical documentation Review of 7 criteria that all entries in a patient record should include Impact of documentation on coding and claims Impact on audits and ability to defend an audit When an audit is initiated, the completeness of documentation becomes critical in the ability to support what you have reported. Let's take a look at areas in which weaknesses are often found.  Why should you Attend:  The granularity and accuracy of the ICD-10 code set is supported by quality clinical documentation. It is anticipated that payers will increasingly become less flexible in allowing non-specific codes. The use of unspecified codes will likely lead to rejected claims if it is possible to report the more definitive condition. In most cases, unspecified should not be reported unless there is clear evidence to support the inability to report the detailed option.  Is your E & M level supported in the documentation? If you have never experienced scrutiny of your billing patterns by payers and other entities, you may not be aware of weaknesses that lead to recovery of funds or other costly consequences. Your documentation will be key in supporting diagnoses, service codes and acuity of the patient. It is not just payers who engage in audits. Others include State medical boards, Qui Tam and possible reporting of questionable practices by patients. Do your billing patterns and documentation stand up under reporting scrutiny? This presentation will review areas in which you may not be as strong as you think!  Areas Covered in the Session: Significance of abnormal lab results Measurement of lesions, when taken and inclusion of margins Start & stop times & methodology for infusions & discrepancies in billing Diagnostic testing and medications should be supported in a diagnosis Depth of wounds and cause should be clear Severity of illness Diagnosis present on admission? Who Will Benefit: Coders Billers Rev

Overview: As the healthcare industry moves toward a value based reimbursement model rather than fee for service, it is crucial that the provider and ancillary staff understand how ineffective reporting can lead to dollars lost. We will review the 3 critical areas that require skilled management. Understand that patients are more educated about their healthcare and are increasingly responsible for more out of pocket costs. High dollar deductibles may result in self pay realities and bad debt increases. Learn areas that increase your chances for an audit. Are you ready for the challenge? Why should you Attend: Revenue is dependent upon proficiency in multiple areas. In today's environment, it is risky to maintain the status quo and increasingly important to obtain and maintain skilled business staff. The granularity of the ICD-10 code set requires understanding of the official coding conventions and guidelines, the ability to apply those guidelines, and the ability to recognize when reporting may lead to revenue delay, reduction or loss. Additionally, other factors affect your revenue stream. This includes patients with high deductible plans, collection of much more than a small co-pay, and staff understanding of regulations that govern telephone collection activity. Don't leave money on the table or invite an audit into your practice. Audits are often the result of weak billing and coding skills. This program will review several areas that will cost you money if poorly handled. Areas Covered in the Session: Required specificity in coding Documentation necessary for ICD-10 reporting Why coders must frequently query for clarification How ambiguous diagnosis reporting affects you r bottom line Internal collections versus outsourcing. What should you consider Staff effective in handling problem claims? Developing appeals? Who Will Benefit: Coders Billers Revenue cycle Physicians Mid-level providers Nurses Claims follow-up Managers Managers Speaker Profil

Seminar on Analytical Instrument Qualification and Validation: Understanding to Prepare for FDA Audits to become Part 11 Compliant at Boston, MA Course "Analytical Instrument Qualification and Validation: Understanding to Prepare for FDA Audits to become Part 11 Compliant" has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion. Overview: In this two day workshop conference you will learn the different global agencies expectations of analytical equipment qualification along with the development of a sound process validation program in order to develop and implement bulletproof solutions that are accepted, effective, and efficient. Through case study analysis we will examine best practices to provide thoughts and ideas to develop or improve the performance of your current system. Additionally, case studies will explore how your management practices of your analytical equipment qualification/ validation and process validation programs can help or hurt your legal liability and the legal issues that arise from nonconformance with regulators and Auditors. This seminar will help attendees understand the instrument qualification and system validation processes and will provide instruction on how to prepare for FDA audits and how to become part 11 compliant. Why should you attend? The cost of non-compliance is therefore more than that of compliance. Are you in compliance with the FDA regulations for analytical equipment qualification and validation in your facility? Areas Covered in the Session: * Learn about the regulatory background and requirements for laboratory instrument qualification and system validation * Understand the logic and principles of instrument qualification and system validation from validation planning reporting * Understand and be able to explain your company's qualification and validation strategies * Be able to independently prepare execute test protocols, this includes s