
The Top (10) items to have ready for a HIPAA Auditor

With the sweeping changes that came as a result of the HIPAA Omnibus Rule (due in place in all healthcare facilities by September 23, 2013), there are some definite items you will want to have ready for any impromptu HIPAA audit. As of January 2014, a federal HIPAA taskforce has been out and about enforcing the new HIPAA Omnibus Rule. Non-compliance can get you hefty fines (ranging from $10K-1.5M) and a HIPAA audit that can range from 3 to 18 months, continually managed by the HIPAA auditor. Don’t get caught unprepared!

Here are our top 10 recommendations for looking good during any audit.

1.   Have your team trained to HIPAA Omnibus Rule Standard with proof-of-training

2.   Have a new HIPAA manual written to the new Omnibus Rule Standard

3.   Have required Business Associates Agreement signed by your vendors and on file

4.   Update and utilize a new Patient Acknowledgement Form written to the New Omnibus Rule Standard

5.   Display the new Notice of Privacy Practices in your office and on your website

6.   Complete your Data Backup and Contingency Plan in written format

7.   Make sure you are encrypting outgoing email

8.   Make sure your data backup is offsite and encrypted (cloud off site streaming is preferred)

9.   Implement all protocols regarding Protected Health Information (PHI) within your office

10.  Get help from an expert HIPAA coaching service if you are overwhelmed

Don’t wait for that dreaded phone call or visit from a Federal HIPAA Auditor. Make sure you choose a HIPAA coaching service that will give you comprehensive training protocols. We love the comprehensive 2014 HIPAA Omnibus Rule Complete Compliance Package. Get hip to HIPAA, it’s the law!

Written by Jill Obrochta and Heather Whitt

Top (6) HIPAA Finable Offenses

Is your dental office ready for a HIPAA Audit?  Do you know what HIPAA Auditors will be looking for within your dental office?

HIPAA laws all changed as of September 23, 2013.  The new HIPAA Omnibus Rules can be overwhelming, confusing and difficult to implement. 

It’s important to get your entire team trained up on these new HIPAA Omnibus Rules and also be aware of what HIPAA Auditors will be checking for at your dental office. Finding a HIPAA Compliance Training Company that will provide comprehensive insight on these new HIPAA laws is critical. Listed below are HIPAA Auditors’ top (6) favorite finable HIPAA offenses:

1. Implementing all new HIPAA Omnibus Rules within your office— This means having all new forms and written policies to the new HIPAA Omnibus Rule standard in place and functioning within your dental office. This will include: new Patient Forms, new Proof-of-Employee Training and even new Vendor Confidentiality Agreements to protect your patients’ private information.

2. New HIPAA Manual written to the new Omnibus Rule Standards— With HIPAA laws changing to this new Omnibus Rule Standard, all of your HIPAA-required forms and policies within your HIPAA Manual will need to be revised and updated. Best to update and obtain a new one. Also, keep in mind that several forms will need to be updated for patients, employees and vendors with regard to HIPAA.

3. New HIPAA Omnibus Rule Forms— As aforementioned, you will need new forms for all patients to sign and a new notice of these HIPAA Omnibus Rules, and Business Vendors as well as Employees will need proof-of-acknowledgement that they understand how to handle and protect Patient Protected Health Information (PHI).

4. Daily Data Back-Up & Contingency Requirements— This is a grey area that leaves a lot to interpretation. But it is also one of the first areas that a HIPAA Auditor will look into. Make sure you understand how to best have your data backed up to the standard: “Off-Site & Encrypted”. Best Practices will have you backing up to a cloud that is either “live-cloud streaming” or “snapshot” of your important business and patient data. Talk to a HIPAA internet expert to make sure you get this one right!

5. Encryption on Out-Going Emails from your office— If your office uses outgoing email accounts like Gmail, Hotmail, Yahoo or Aol, and you send patient info within these emails, you will need to add encryption software to your outgoing emails. Your current dental software provider, dental supplier or IT tech can help you secure this HIPAA required service. Good news is that it does not cost much. Usually just $2-$3 per month.

6. Updates to your Microsoft XP Software— As of April 8, 2014 dental offices using Microsoft XP will no longer be HIPAA compliant. Microsoft will stop providing free updates, forcing dental offices to comply with the new Federal Standards. If you are using computers within your dental office, you must have HIPAA compliant software operational within your office. Upgrading to Windows 7 or 8 will do the trick. These are written to the new HIPAA compliance standard.

How do you feel now?  Are you HIPAA Auditor ready?  If not, stop stalling!  Find a HIPAA Expert that can help you scrutinize your HIPAA protocols and provide all of the forms, training and guidance you will need.  Get “hip” to the new HIPAA Omnibus Rules.

Written by Jill Obrochta and Heather Whitt of Dental Enhancements.