Archives     Advertise     Editorial Calendar      Advertiser Index     Subscribe     Contact Us    


NMGMA Ten Minute Takeaway: September 2016


 

The second Tuesday of each month, practice managers and healthcare industry service providers gather at KraftCPA headquarters for the monthly Nashville Medical Group Management Association (NMGMA) meeting.

During the September luncheon, Christopher Lyons, HCISPP, a consultant with managed security services company Sword & Shield Enterprise Security, discussed the HHS Office for Civil Rights (OCR) random audit program. In July, OCR notified 167 covered entities of their 'selection' to participate in HIPAA desk audits. Lyons said a similar selection process was slated to occur for business associates at the end of September.

He noted the desktop audits are limited to a subset of the Security, Privacy and Breach Notification rules. However, onsite audits, which resume in 2017, will evaluate against the comprehensive set of HIPAA compliance controls. Desk audits do have the potential to turn into onsite audits.

A couple of points to remember, Lyons said, is that OCR will not accept policies and procedures in a paper format so everything must be made available electronically. While full compliance is expected, Lyons added those being audited should "provide only what is requested."

One major tripping point that plagues many covered entities is privacy notifications. "Do you have privacy rules notices hanging on the walls in addition to handing them out in person?" Lyons asked the group. "And," he continued, "It must be posted conspicuously on walls wherever patients come in." Therefore, if there is a front and back entrance to the office, the notification must be hanging in both places. The policy has to be posted on the website, as well.

While it might seem like common sense, Lyons said the best advice is to curb visible annoyance at the amount of extra work an audit entails. Sarcasm, he noted, doesn't typically don't go over well. "Auditors hold your fate in their hand. They are human ... be nice," he counseled with a grin.

For more information on the OCR audits, go online to: hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html. There are a multiple resource links under the Phase 2 Audit heading.

The next NMGMA meeting is scheduled for October 11. For reservations or to learn more about the association, go online to nmgma.site-ym.com.

RELATED LINKS:

Sword & Shield Enterprise Security

 
Share:

Related Articles:


Recent Articles

Tivity Health Takes Meaningful Steps to Keep Seniors Engaged, Connected

At first glance, SilverSneakers might appear to be 'just' a fitness class ... but dig a bit deeper, and it's clear this class is actually a community keeping participants active and engaged.

Read More

AMA Adopts Policy to Combat Public Health Disinformation by Health Care Professionals

New policy aims to address spread of rampant disinformation amid COVID-19 pandemic

Read More

AMA Adopts Policy Aimed at Strengthening U.S. Public Health Infrastructure, Opposing Limits Placed on Public Health Officials

New policy calls for consistent, sustainable funding, a robust public health workforce, and data modernization

Read More

Managing Risk of Cyber Incidents

Cyber threats are here to stay -- and they continue to be one of the topics keeping senior management up at night. With breaches and ransomware attacks still occurring at high rates, the healthcare industry continues to be significantly impacted.

Read More

American Cancer Society, Meharry Team Up to Change the Narrative

Meharry Medical College is one of four HBCUs partnering with the American Cancer Society.

Read More

Navigating Cancer Care

Nashville startup Thyme Care is proving to be an innovator in the cancer navigation space.

Read More

ONcology Rounds

New treatments, research and leadership - Middle Tennessee has a lot going on in oncology care.

Read More

Reducing Surgical Site Infections in Orthopedic & Other Surgeries

Insights from a leading orthopedic trauma surgeon who recently visited Nashville for the Clinical Orthopaedic Society (COS) 2021 annual meeting in early November. Robert Harris, MD serves as First President-Elect for the COS.

Read More

HealthStream Preps the Workforce to Battle the Opioid Epidemic

Fanning the flames of emotional and physical pain, the global COVID-19 pandemic has added fuel to opioid use, driving the epidemic to new heights.

Read More

Fighting Addiction on All Fronts

Substance use disorder knows no racial, economic, sexual orientation, age or gender boundaries. Fighting it requires a concerted effort on all fronts.

Read More

Email Print
 
 

 

 


Tags:
Christopher Lyons, HIPAA Compliance, HITECH, Nashville Medical Group Management Association, NMGMA, OCR Audit, Privacy Notification, Security Breach, Sword & Shield
Powered by Bondware
News Publishing Software

The browser you are using is outdated!

You may not be getting all you can out of your browsing experience
and may be open to security risks!

Consider upgrading to the latest version of your browser or choose on below: