Group items matching

in title, tags, annotations or url

Overview: Remember spaghetti code? The HIPAA breach area is now almost as convoluted and overlapping and confusing as spaghetti code. Sometimes you think you are both coming and going at the same time when you think through an event to determine if your organization has had a breach. For example: Is a security incident always a beach? Is an ePHI breach a security incident as well? Is a cybersecurity event always a breach? What if it does not steal any clinical information, diagnoses or procedures information, or any payment information? A security incident? Or both? Are all the necessary kinds of notice in the Breach rule? What is Cybersecurity Insurance? Is it really the finger in the dike or itself full of Swiss cheese? Can the loss of patient or member data be a HIPAA breach and identity theft plus a fraud issue? Why should you Attend: HIPAA breaches now number in the multiple thousands, if not multiple millions. Your organization needs to be prepared for the initial sense of panic, a complete investigation, and the federal, state and reputational costs of a mega breach. A breach now costs in money approximately $225/record. And this does not include any fine of any type. The loss and theft of 1000 records may cost you organization from a quarter to $1 M, or more, and 6 months to a year to resolve. You need to know the basics of what PHI and ePHI really are; what puts the event into the breach safe harbor, what breach exceptions keeps the event out of OCR's hands, what the 4 factors are and how they are used. You need to know that your organization's breach plan and your policies and procedures include the need to notify when necessary the police, the FBI and other state and federal organizations beyond the Office for Civil Rights. Your organization needs to know how to protect itself after the fact by considering Cybersecurity Insurance. Areas Covered in the Session: Definition and reporting of a Security Incident Definition of a breach Breach Guidance Br

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your organization needs to understand the role of the HIPAA Security Official, the requirements, and make sure the current compliance program is adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: The role of the HIPAA Security Official is critically important in complying with the HIPAA Security Rule. Besides being responsible for many of the daily operations within an organization, the Security Official is tasked with managing the HIPAA compliance program. Knowing what is required is part of the Security Official's duties. Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure on organization has the proper policies and procedures in place. After completing this course, a HIPAA Security Official will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Asses

Overview: Upon completing this course participants will leave with a preliminary preventive control implementation plan and will: * Understand US FDA final rules for the Preventive Controls for Human and Animal Foods * Define and review your current system to identify gaps in your preventive controls planning. * Be able to develop and implement a valid preventive control company food safety plan to close any gaps * Write and implement appropriate procedures. * Know your requirements for control over your supply chain * Be able to plan and implement HARPC * Be able to perform environmental monitoring * Know how cross contamination can impact your preventive control plan * Know the difference between validation and verification * Understand and be able to use statistical process controls basics * Be able to plan and implement a team approach to preventive controls * Be able to help your food importers to jump through FDA hoops * Develop a system to risk rank your suppliers * Have a plan in hand that will pass any validation check for preventive controls * Understand some of the technology and costs that can help you establish preventive controls * Prove that your system actually prevents food safety problems * Be able to document and report results to upper management, external food safety auditors and FDA auditors * Save your company money Establish simple, low cost complete data collection and reporting systems. * Establish teambuilding between food safety and quality personnel to develop and implement changes to your current system * Understand food safety, security and recall responsibilities in light of cargo theft, adulteration and temperature failures * Learn how to use your system to get some ROI and improve your marketing position * Review current and future technologies designed to improve and simplify data collection * Establish a completely documented system Why should you attend: Validation of preventive co

Overview: This lesson will be going into great detail regarding your practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Updates for 2016 BYOD Portable devices B

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the understanding the fundamentals of a HIPAA compliance. If your healthcare practice, business, or organization needs to understand what is required to protect health records or make sure your current safeguards are adequate and can withstand government scrutiny, please join us for this informative and interactive course. Why should you Attend: With a substantial increase HIPAA data breaches, organizations must understand the requirements to safeguard protected health information. Attendees will leave the course clearly understanding of all the requirements that must be in place for protecting the health records their organizations maintain, create, transmit, or store. After completing this course, a Covered Entity or Business Associate will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations. Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements? What is a HIPAA data breach and what happens if it occurs? What are the penalties and fines for non-compliance and how to avoid them? Creating a Culture of Compliance Questions Who Will Benefit: Compliance Of

Patient quality and safety in healthcare: Patient quality and safety are core aspects of healthcare. They need to be administered and assessed in the backdrop of a variety of factors. Many healthcare professionals see patient quality and safety in healthcare as being part of the broad canopy of healthcare. There is some disagreement and confusion as to the exact meaning of the terms patient quality and safety, but that is only when it comes to semantics. In broad terms, one can understand patient quality and safety in healthcare as efforts and steps and processes meant to improve the quality care given to patients. Patient quality and safety in healthcare relates chiefly to: Improving the safety of patients and augmenting the quality of health care in the various areas of health Bringing about a reduction in infections that are sometimes a byproduct of provision of health care Reduction in the incidence of adverse drug events Quality healthcare, of which patient quality and safety in healthcare are an integral part, is defined as "…doing the right thing, at the right time, for the right person, and having the best possible result" by The Agency for Healthcare Research and Quality (AHRQ). The AHRQ also describes patient safety as "the act of doing no harm", and which "…underlies all aspects of quality health care." Measuring patient quality and safety: Measuring patient quality and safety in healthcare is of utmost importance because no system or practice is meaningful unless it is capable of being measured. The level and success of patient quality and safety in healthcare is measured against the following parameters: How many patients who underwent surgery experienced infections? How many patients were required to be admitted for a second or subsequent time following discharge from hospital because of complications such as infections or recurrence of the problems for which the patient was admitted? To what extent did the healthcare

What is HIPAA ? Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is a core requirement of the stakeholders involved in health information. HIPAA has prescribed standards with which to protect critical data relating to patients. Electronic Health Records (EHRs) are important documents that contain sensitive patient data, and are thus considered Protected Health Information (PHI). Since this data is accessible to a number of players involved in the field of healthcare; it extremely important to set regulatory guidelines aimed at ensuring that patient information remains protected. HIPAA compliance is essentially about staying in compliance with these guidelines. Measures needed to show compliance with HIPAA HIPAA requires a healthcare organization dealing with PHI to implement all of the following measures and comply with them: Physical measures Network measures, and Process security measures The role of HIPAA Privacy Rule and HIPAA Security Rule HIPAA has set out two important rules that pertain to compliance. These are the HIPAA Privacy Rule and the HIPAA Security Rule. While the Privacy Rule relates to how the medical information of a patient is saved, accessed and shared; the Security Rule is about how to implement national security safeguards for protecting electronic PHI, or ePHI. Who all need to be HIPAA compliant? Since the aim of HIPAA compliance is to ensure complete safety of patient data, it has requirements for every stakeholder in the EHR process. These stakeholders comprise: Covered Entities (CE): Anyone involved in the treatment, payment and operations in healthcare Business Associates (BA): Any person who has access to patient information and is involved in supporting treatment, payment or operations. These include third-party administrators and private sector vendors Those with whom BA's work, or those that are called subcontractors Hosting providers. These typically include healthcare software pro

A Hospital Incident Command System is a wonderfully effective system for handing disasters and emergency situations: A Hospital Incident Command System is an absolute must for hospitals when they have to carry out unforeseen emergencies. Having a process-oriented Hospital Incident Command System is an effective tool for dealing with situations and saving lives. A Hospital Incident Command System (HICS) is a standardized process that helps hospitals deal with emergencies, natural or manmade. HICS is common across hospitals in the US and have common terminology and organizational structure. It is a single system that all hospitals have to use. Since emergencies can happen at any time and can be of any gravity; it is imperative for physicians to have a command of how to deal with emergencies by understanding the Hospital Incident Command System and its role in disaster situations. HICS goes beyond patient care. Physicians and other staff need to both have access to disaster-specific and related information to the Hospital Incident Command System, as well as know how to handle it, in order to bring about an effective response and augment an existing one. Advantage of having a Hospital Incident Command System The biggest advantage of having a Hospital Incident Command System is that its practices and processes are similar to those used by external agencies in times of emergency. This makes sharing incident command systems that much more effective and easier to coordinate, and facilitates information flow. Features of a Hospital Incident Command System A Hospital Incident Command System provides a flexible reporting structure with defined roles and responsibilities It sets up and facilitates communication flow and documentation protocol It provides the hospital operations a concrete strategic direction-oriented support by leveraging and optimizing additional resources such as staff and equipment, so that these are used where they are needed the most. A Hospital Incident

Dealing with Medicare and Medicaid Overpayments : Medicare and Medicaid overpayments are pretty common. If they are not dealt with properly, they invite penalties. Medicare and Medicaid Overpayments happen when a person, provider or supplier receives a payment that is in excess of the amount due to him or her under Medicare statutes and regulations. This overpayment becomes a federal debt that is owed by the individual to the State. So, Centers for Medicare and Medicaid Services (CMS) is required by federal law to recover this amount. Overpayments routinely occur in Medicare and Medicaid. Many a time, these are unintended and are usually a result of oversight, but could also happen due to intent. Some of the most common reasons for which Medicare and Medicaid overpayments occur can be when: Duplicate submissions of the same service or claim are made Excessive or non-covered services are billed or furnished for billing Services that are not necessary medically or are excluded are paid for The wrong payee gets paid. How are Medicare and Medicaid overpayments processed? Obamacare has amended the federal False Claims Act (FCA), which is part of the Fraud Enforcement Recovery Act of 2009 (FERA), to add provisions relating to recovery of Medicare and Medicaid overpayments. This is How the process of Medicare and Medicaid overpayments works: Whenever Medicare comes to know that any overpayment of $10 (raised to $25 from July 2014) or more is made, it directs the Medicare Administrative Contractor (MAC) to initiate the process of recovery of this overpayment. The MAC starts the process by initially mailing a demand letter in which repayment is requested If no action is taken, a second and third demand letters are mailed in a month following the first one. Contents of a demand mail from Medicare/Medicaid: The demand letter sent by the MAC will explain the details of the Medicare and/or overpayment. When repayment is not made in full within 30 days, interest starts get

How to Know if Outsourcing Medical Billing Can Improve Practice Revenue. Medical practitioners are usually in denial or unaware of the issues they face with in-house billing. Most of them hesitate to take the decision to outsource their...

Balanced diet is an essential part of healthy eating during pregnancy as it is from this diet that the nutrients are passed on to the developing baby inside the womb. But the question is, how much weight gain is healthy and how do you know if you have crossed the mark?

Overview: This lesson will be going into great detail regarding you practice or business information technology and how it relates to the HIPAA Security Rule, in particular portable devices and personally owned devices. Areas covered will be texting, email, encryption, medical messaging, voice data and risk factors as they relate to IT. I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures.  Don't always believe what you read online about HIPAA, especially as it relates to encryption and IT, there are a lot of groups selling more than is necessarily required.  Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years?  It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk.  Areas Covered in the Session: Update

Overview: This webinar will cover the changes to the PQRS program in 2016 and will provide tips and strategies to help you select the best measures and reporting approach for your practice. Why should you Attend: Your future Medicare payments are at risk. Failing to report quality measures to CMS for Calendar Year 2016 will result in a reduction of up to 6% in your 2018 Medicare payments. The PQRS program carries a potential 2% penalty for each provider who does not report quality measures to CMS - physicians, mid-level providers, therapists, psychologists, social workers, even dieticians. In addition, if your practice has physicians and mid-levels, at least half the physicians must meet the PQRS requirements or the group will face an additional 2-4% penalty from the Value Based Modifier program. Areas Covered in the Session: Understand the difference between a reporting rate and a performance rate? Get access to useful tools to help you identify measures applicable to your specialty. Learn how to choose among the various reporting approaches - what are the pros and cons of each. Understand how CMS will evaluate your submission if you report less than 9 measures. Who Will Benefit: Practice Administrators All providers who bill to Medicare including Physicians (All specialties), Podiatrists, Physician Assistants, Nurse Practitioners, Psychologists, LCSW, Physical and Occupational Therapists, Speech/Language Pathologists, etc. Quality Officers Nurse leaders Finance Directors Speaker Profile Jeanne J. Chamberlin Jeanne Chamberlin is currently a Practice Management Consultant with MSOC Health. During her 30 years in the healthcare industry, Jeanne has worked in independent medical practices, health systems, state government, and software development. She holds a Masters Degree in Public Policy from Duke University and is a fellow in the American College of Medical Practice Executives. She has been a leader in both state and local MGMA chapters. As practice ad

Overview: Today's health care delivery occurs in a diverse, fast-changing, multidisciplinary health care environment. This often presents challenges to the health care professional that are not easy to navigate. Medical records and their confidentiality have long been the exclusive province of state law, but has now been recognized for some time in the federal HIPAA statutes and federal regulations. Differing and even conflicting sources of requirements at the state level still exist for the retention and disposition of medical records. These sources may vary based upon the specific health care practitioner - whether physicians, dentists, psychologists, or other health care providers, including mental health practitioners. As to the specific, individual health care practitioner, state laws mandate their confidentiality, retention, and even their specific content with regards to patient, clinical records. In addition to these clinical requirements, additional state laws set forth the content and retention of other types of records kept by the professional, such as supervisory agreements with other professionals subordinate to them as well as their own unique record content requirements. With the majority of medical records moving to an electronic format, special rules now exist with regard to the confidentiality, security, retention, and disposition of electronic medical records. This is particularly important as state laws continue to allow for and regulate the provision of telemedicine by various health care practitioners. For example, while psychotherapy and mental health services are ideal treatments to offer over the internet, that is, by simultaneous audio-visual transmission between the doctor and the patient, the risks of breaches of confidentiality also vastly increase. And when the successful doctor-patient relationship is over, how does the health care practitioner providing a mental health service dispose of these electronic records? In addit

Overview: I will uncover myths versus reality as it relates to this very enigmatic law based on over 600 risk assessments performed as well as years of experience in dealing directly with the Office of Civil Rights HIPAA auditors. I will also speak to real life audits conducted by the Federal government (I've been on both sides of these audits) what your highest risks are for being fined (some of the risk factors may surprise you). In addition this course will cover the highest risk factors for being sued for wrongful disclosures of PHI and the manner in which patients are now using state laws to sue for wrongful disclosures. Don't always believe what you read online about HIPAA, especially as it relates to what the government expects, I will uncover what is and isn't considered a high risk. Why should you Attend: HIPAA NOW HAS TEETH! Be prepared for what's new in 2016! Protect your practice or business! What factors might spurn a HIPAA audit? …are you doing these things? Why are the Feds enforcing after all these years? It is important to understand the new changes going on at Health and Human Services as it relates to enforcement of HIPAA for both covered entities and business associates as it relates to portable devices, texting, and emailing of PHI. You need to know how to avoid being low hanging in terms of audit risk as well as being sued by individuals who have had their PHI wrongfully discloses due to bad IT practices. I have also been expert witness on multiple court cases where a business or medical practice is being sued for not doing their due diligence to minimize risk. Areas Covered in the Session: Factors that can get you audited What to do if audited how to avoid an audit altogether Business associates and the increased burden Emailing of PHI Texting of PHI BYOD Updates for 2016 Who Will Benefit: Practice Managers Any business associates who work with medical practices or hospitals (i.e. billing companies, transcription companies, IT comp

Overview: Being in compliance with HIPAA involves not only ensuring you provide the appropriate patient rights and controls on your uses and disclosures of protected health information, but you also have the proper policies and procedures in place. If audited or the subject of a compliance review you will be required to show the government you have all the necessary documentation in place for safeguarding patient Protected Health Information and indicate how you addressed all required security safeguards. This starts with the fundamentals of a HIPAA compliance program. If your healthcare practice or office manager needs to understand what all the HIPAA requirements are or make sure the current program is adequate and can withstand government scrutiny, please join us for this informative and interactive course.  Why should you Attend: The practice or office manager is the backbone of any healthcare office. Besides being responsible for many of the daily operations within an office, the practice manager is often tasked with managing the HIPAA compliance program. Knowing what is required is critically important.  Attendees will leave the course clearly understanding of all the requirements for a comprehensive HIPAA compliance program and to make sure the practice has the proper policies and procedures in place. After completing this course, a practice or office manager will have a clear understanding for what needs to be place when it comes to all of the HIPAA regulations.  Areas Covered in the Session: Why was HIPAA created? Who Must Comply with HIPAA Requirements? What are the HIPAA Security and Privacy Rules? The Role of the HIPAA Security and Privacy Official What is a HIPAA Compliance Program? What is a HIPAA Risk Management Plan? What is meant by "Required" and "Addressable" Implementation Specifications? What are Administrative, Technical, and Physical Safeguards Requirements? What is a HIPAA Risk Assessment? What are HIPAA training requirements?

What causes nausea and how can you avoid/treat it at home? You feel nauseous when your stomach either stops contracting or... Ever wonder why you feel so uneasy while driving across a rough, bumpy road? how does nervousness lead to nausea? Patients with nausea make up 6.7% of all cases treated...

Today was an exceptionally bright day. At least the morning. The rest of the day was marred by Kate throwing up on me nonstop. She felt a strong sensation of nausea and dizziness. But why does she eat at that weird Mexican place when she knows it makes her stomach sick? Every time she goes there, she feels a gut-wrenching, stomach-turning urge to release all that her belly holds. I mean, the stomach is an elastic bag made of muscular walls containing acid. We read that in science once. But why does Kate's stomach hold a serious grudge against Mexican food?

This blog speaks of how social media can affect people and how a detox ones in a while helps with maintaining a healthy balance with reality.

Medical tourism is growing by leaps and bounds as people realize the benefits of cost saving and the excellent treatment they receive in countries other than their own. People from the CIS, for instance, had to look to European countries like Germany, France, and the UK for treatment and in all these countries the treatment is expensive not to speak of stay and travel. Asian countries like India, Thailand and Sri Lanka are proving to be the better alternatives. The deterrent is how to find the best facility at the best cost and proceed. This is where a healthcare facilitator steps in and takes care of everything much to the relief of the patient and his family. The vital bridge Healthcare facilitators act as the vital bridge between the patient and the treatment facility that matches their needs. If you are in the US, UK, Australia, the CIS countries or in any African country and wish to find the best facility in India, for instance, the facilitator is the one to get in touch with. They maintain a database of hospitals and surgeons across the country, know their specialization and how much treatment can cost. Healthcare facilitators put you in touch with a medical institution that will give the best in terms of quality of treatment and cost. They do this by first going through your medical records and getting their panel of medical experts to match the ailment with a hospital. Patients get the benefit of expertise and save time and a great deal of money in the process. Patients receive invaluable assistance in: * Travel to the hospital * Scheduling appointments * Recommendations so that they receive personalized care * Supervision by the facilitator's own doctor to ensure that everything is being done right and, if not, patients may be switched to another hospital * Assistance with documentation and paperwork * Assistance with the procurement of medications * Negotiating the best rate with a discount for stay and treatment * Assistance to fam