Archives     Advertise     Editorial Calendar     Subscribe     Contact Us    


NMGMA Ten Minute Takeaway: September 2016


 

The second Tuesday of each month, practice managers and healthcare industry service providers gather at KraftCPA headquarters for the monthly Nashville Medical Group Management Association (NMGMA) meeting.

During the September luncheon, Christopher Lyons, HCISPP, a consultant with managed security services company Sword & Shield Enterprise Security, discussed the HHS Office for Civil Rights (OCR) random audit program. In July, OCR notified 167 covered entities of their 'selection' to participate in HIPAA desk audits. Lyons said a similar selection process was slated to occur for business associates at the end of September.

He noted the desktop audits are limited to a subset of the Security, Privacy and Breach Notification rules. However, onsite audits, which resume in 2017, will evaluate against the comprehensive set of HIPAA compliance controls. Desk audits do have the potential to turn into onsite audits.

A couple of points to remember, Lyons said, is that OCR will not accept policies and procedures in a paper format so everything must be made available electronically. While full compliance is expected, Lyons added those being audited should "provide only what is requested."

One major tripping point that plagues many covered entities is privacy notifications. "Do you have privacy rules notices hanging on the walls in addition to handing them out in person?" Lyons asked the group. "And," he continued, "It must be posted conspicuously on walls wherever patients come in." Therefore, if there is a front and back entrance to the office, the notification must be hanging in both places. The policy has to be posted on the website, as well.

While it might seem like common sense, Lyons said the best advice is to curb visible annoyance at the amount of extra work an audit entails. Sarcasm, he noted, doesn't typically don't go over well. "Auditors hold your fate in their hand. They are human ... be nice," he counseled with a grin.

For more information on the OCR audits, go online to: hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html. There are a multiple resource links under the Phase 2 Audit heading.

The next NMGMA meeting is scheduled for October 11. For reservations or to learn more about the association, go online to nmgma.site-ym.com.

RELATED LINKS:

Sword & Shield Enterprise Security

 
Share:

Related Articles:


Recent Articles

Attacking the Dysfunction in Health Care

Read More

THA Honors 26 Hospital Leaders at Annual Meeting

Tennessee Hospital Association (THA) today honored 26 hospital administrators, employees and volunteers during its 2018 Annual Meeting. The awards luncheon was held at the Franklin Marriott Cool Springs.

Read More

AMA Announces Playbook to Successfully Adopt Digital Health

Best practices based on lessons learned from multiple sources are combined into an authoritative resource

Read More

PYA Publishes New White Paper: "Urgent Care Centers: A Solution to Overuse of Hospital Emergency Rooms--Valuation Considerations"

PYA, a national management consulting and accounting firm, recently released a white paper that offers insights on valuation considerations related to urgent care centers.

Read More

Corker: PEPFAR Reauthorization Bill Passes Committee, Extends Successful U.S. Program to Combat HIV/AIDS

U.S. Senator Bob Corker (R-Tenn.), chairman of the Senate Foreign Relations Committee, today praised committee passage of legislation he authored with U.S. Senator Bob Menendez (D-N.J.) to extend the President's Emergency Plan for AIDS Relief (PEPFAR) for another five years.

Read More

TDH Issues Public Health Advisory On Cannabis

Evidence, Known Harms Increase Concerns about Risks to Health

Read More

HHS Secretary Addresses Nashville Health Care Council Audience

On Thursday, Sept. 27, Health and Human Services Secretary Alex M. Azar II flew to Nashville to share thoughts and updates on healthcare coverage in America during a Nashville Health Care Council Event held at Lipscomb University.

Read More

The War Against Opioids in Pain Management

Awareness, innovative therapies are effective tools to manage pain and ward against addiction.

Read More

Designed to Disinfect: The Relation Between Interior Design & Infection Control

About one in 25 patients in America has at least one healthcare-associated infection (HAI) on any given day, according to the most recent statistics from the Centers for Disease Control and Prevention.

Read More

Physician Spotlight: Changing Minds

Acadia Healthcare CMO Michael Genovese, MD, JD, tackles misconceptions around mental health and addiction.

Read More

Email Print
 
 

 

 


Tags:
Christopher Lyons, HIPAA Compliance, HITECH, Nashville Medical Group Management Association, NMGMA, OCR Audit, Privacy Notification, Security Breach, Sword & Shield
Powered by Bondware
News Publishing Software

The browser you are using is outdated!

You may not be getting all you can out of your browsing experience
and may be open to security risks!

Consider upgrading to the latest version of your browser or choose on below: