Archives     Advertise     Editorial Calendar     Subscribe     Contact Us    


NMGMA Ten Minute Takeaway: September 2016


 

The second Tuesday of each month, practice managers and healthcare industry service providers gather at KraftCPA headquarters for the monthly Nashville Medical Group Management Association (NMGMA) meeting.

During the September luncheon, Christopher Lyons, HCISPP, a consultant with managed security services company Sword & Shield Enterprise Security, discussed the HHS Office for Civil Rights (OCR) random audit program. In July, OCR notified 167 covered entities of their 'selection' to participate in HIPAA desk audits. Lyons said a similar selection process was slated to occur for business associates at the end of September.

He noted the desktop audits are limited to a subset of the Security, Privacy and Breach Notification rules. However, onsite audits, which resume in 2017, will evaluate against the comprehensive set of HIPAA compliance controls. Desk audits do have the potential to turn into onsite audits.

A couple of points to remember, Lyons said, is that OCR will not accept policies and procedures in a paper format so everything must be made available electronically. While full compliance is expected, Lyons added those being audited should "provide only what is requested."

One major tripping point that plagues many covered entities is privacy notifications. "Do you have privacy rules notices hanging on the walls in addition to handing them out in person?" Lyons asked the group. "And," he continued, "It must be posted conspicuously on walls wherever patients come in." Therefore, if there is a front and back entrance to the office, the notification must be hanging in both places. The policy has to be posted on the website, as well.

While it might seem like common sense, Lyons said the best advice is to curb visible annoyance at the amount of extra work an audit entails. Sarcasm, he noted, doesn't typically don't go over well. "Auditors hold your fate in their hand. They are human ... be nice," he counseled with a grin.

For more information on the OCR audits, go online to: hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html. There are a multiple resource links under the Phase 2 Audit heading.

The next NMGMA meeting is scheduled for October 11. For reservations or to learn more about the association, go online to nmgma.site-ym.com.

RELATED LINKS:

Sword & Shield Enterprise Security

 
Share:

Related Articles:


Recent Articles

Amidst Growing Measles Outbreaks, AMA Urges Public to Get Vaccinated

Reminds physicians to discuss the safety and efficacy of vaccines with patients, as well as educate them on health risks associated with not vaccinating children

Read More

Pivotal Clinical Trial Investigates New Technology for Managing Uncontrolled Hypertension

Read More

The Biggest Threats to Public Health

Noted public health expert Dr. William Schaffner shares insights on three of his top public health threats.

Read More

Covering Kids

A new study finds higher rates of uninsured children in Tennessee and other non-expansion states.

Read More

Severe Asthma Disparities

A recent study found racial disparities in ED usage for severe asthma become statistically insignificant when factoring out socioeconomic elements, paving the way for more emphasis on differences in community than biology.

Read More

Mark Your Calendar for Music City SCALE

The 14th Annual Music City SCALE meeting featuring up to 22 hours of CME for medical practitioners is set for May 9-11 at the Music City Center.

Read More

Public Health Happens in the Community ... Not Just the Clinic

Public health continues to lead the way to eliminate health disparities and create a system that focuses not just on the absence of illness but the promotion of wellbeing.

Read More

Gum Disease and Tooth Loss Associated With Higher Risk of Pancreatic Cancer in African-American Women

Poor oral health was associated with increased risk of pancreatic cancer in African-American women.

Read More

A New Vision for Safety Net Care

After 14 months of study, the Indigent Care Stakeholder Work Team has released their vision for safety net care in Nashville.

Read More

Modern Healthcare & Critical Connections Present Social Determinants of Health Symposium

Read More

Email Print
 
 

 

 


Tags:
Christopher Lyons, HIPAA Compliance, HITECH, Nashville Medical Group Management Association, NMGMA, OCR Audit, Privacy Notification, Security Breach, Sword & Shield
Powered by Bondware
News Publishing Software

The browser you are using is outdated!

You may not be getting all you can out of your browsing experience
and may be open to security risks!

Consider upgrading to the latest version of your browser or choose on below: