
Dental office OSHA and HIPAA – WHAT’S REQUIRED?

If you don’t know the answer to this question, you are in for a surprise! You are not the only one in the dark regarding compliance deadlines when it comes to OSHA and HIPAA. Let us enlighten you.

Let’s begin at the beginning! Annual OSHA Employee Training is required for Federal OSHA compliance; this you may already know.

In addition to that, there was an International Chemical Safety Module added last year called The Global Harmonization System Law (GHS). It is, in fact, a completely separate training requirement from Annual OSHA Employee Training. Not to worry, and don’t be overwhelmed: help is available. There are easy, affordable options to help you achieve the GHS training requirement. Selecting the right training program is key! You want a comprehensive, yet simple program (with hand-holding if necessary). Be sure you choose a company that will walk you through the process and provide outstanding service as well.

If that isn’t enough to make your head spin, there’s more! HIPAA has completely changed as of last year. The new protocols are called the HIPAA Omnibus Rule. All training and implementation of new protocols were due in place by September 23, 2013. Dental offices now need to be compliant with the Omnibus Rule. This involves employee training and new patient forms, as well as a new HIPAA manual written to the new Omnibus Rule Standard. Again, choosing a user-friendly compliance training program is key! Choosing a compliance company that will walk you through this process and provide ready-to-use forms and easy-to-understand training is paramount. HIPAA compliance is very complex and overwhelming on its own. Don’t try to navigate this slippery slope on your own; help is only a phone call away! For a free HIPAA consultation for your dental office, call 941-587-2864.

Written by Jill Obrochta and Heather Whitt of Dental Enhancements

 

Dental office: HIPAA- what paperwork is required?

 

So you are in charge of HIPAA Compliance for your dental office, now what? If you are wondering where to even start, you are not alone. Knowing what paperwork is required is imperative (and it is extensive!). As of September 23, 2013, federal HIPAA Law was updated to the new Omnibus Rule Standard: 580 pages of revised HIPAA law. You may feel overwhelmed, but there are options to make implementing HIPAA Omnibus Rule protocols within your dental practice smooth and successful. All of your current HIPAA forms will need to change, and you are responsible for adding a few more! Choosing a HIPAA expert that provides ready-to-use forms is priceless! If you are in charge of making your own HIPAA forms, that is a daunting task. If you do not want that headache and responsibility, you absolutely should choose a HIPAA compliance training company that will create and provide all the forms for you, compliant with the Omnibus Rule. Training you and all of your employees to HIPAA Omnibus Rule Standards is also imperative. You’ll also need a new HIPAA manual written to the Omnibus Rule. So back to forms, what is required?

1.    New Employee and Business Associate Confidentiality Agreements

2.    New Patient Acknowledgement Forms, Omnibus Rule Compliant

3.    New Notice of Privacy Practices disclosed

4.    Third Party Release Form for Medical Records

5.    Many others

6.    A new HIPAA manual written to Omnibus Rule Requirements

 

Don’t fret. Instead, choose a HIPAA compliance company that specializes in helping dental offices get completely HIPAA Omnibus Rule compliant. Hip hop over to check out this HIPAA Omnibus Rule Complete Package, it’s our favorite!

 

Written by: Jill Obrochta and Heather Whitt of Dental Enhancements

The Top (10) items to have ready for a HIPAA Auditor

 

With the sweeping changes that came forth as a result of HIPAA Omnibus Rule (due in place in all healthcare facilities by September 23, 2013), there are some definite items you will want to have ready for any impromptu HIPAA audit. As of January 2014, a federal HIPAA taskforce has been out and about enforcing the new HIPAA Omnibus Rule. Non-compliance can get you into hefty fines (ranging from $10K-1.5M) and a HIPAA audit that can range from 3 – 18 months’ time, continually managed by the HIPAA auditor. Don’t get caught unprepared!

Here are our top 10 recommendations to be looking good during any audit.

1.   Have your team trained to HIPAA Omnibus Rule Standard with proof-of-training

2.   Have a new HIPAA manual written to the new Omnibus Rule Standard

3.   Have required Business Associates Agreement signed by your vendors and on file

4.   Update and utilize a new Patient Acknowledgement Form written to the New Omnibus Rule Standard

5.   Display the new Notice of Privacy Practices in your office and on your website

6.   Complete your Data Backup and Contingency Plan in written format

7.   Make sure you are encrypting outgoing email

8.   Make sure your data backup is offsite and encrypted (cloud off site streaming is preferred)

9.   Implement all protocols regarding Protected Health Information (PHI) within your office

10.  Get help from an expert HIPAA coaching service if you are overwhelmed

 

 

Don’t wait for that dreaded phone call or visit from a Federal HIPAA Auditor. Make sure you choose a HIPAA coaching service that will give you comprehensive training protocols. We love the comprehensive 2014 HIPAA Omnibus Rule Complete Compliance Package. Get hip to HIPAA, it’s the law!

Written by Jill Obrochta and Heather Whitt

HIPAA Audits: Fact or Fiction?

Is Mr. HIPAA Auditor really out there enforcing compliance? The fact is, he may be closer than you think. With the sweeping changes regarding HIPAA Omnibus Rule, tolerance for non-compliance is next to zero. If you have not completed your training to Omnibus Rule Standard, you may be in the dark, but ignorance in this case is NOT bliss! There are numerous forms and extensive protocols that were due in place in your dental office by September 23, 2013. There is no grace period, and there is no “I’ll get to it later” attitude tolerated. This is a pressing issue and should be a priority NOW! The key to a smooth transition into HIPAA Omnibus Rule compliance is a comprehensive, economical, and easily implemented HIPAA Omnibus Rule Training Program. Seeking this training from a reputable, knowledgeable company is a must.

Still not convinced this should be priority one in your dental office? Not sure if compliance to HIPAA Omnibus Rule is actually enforced? Allow us to present to you some recent actions as a result of non-compliance according to HHS.gov:

 

1.   “The Hospice of Northern Idaho (HONI) has agreed to pay the U.S. Department of Health and Human Services (HHS) $50,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  This is the first settlement involving a breach of unsecured electronic protected health information (ePHI) affecting fewer than 500 individuals.”

2.   “Alaska Department of Health and Human Services (DHHS) has agreed to pay the U.S. Department of Health and Human Services’ (HHS) $1.7 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  Alaska also agreed to take corrective action to improve policies and procedures to safeguard the privacy and security of its patients’ protected health information. OCR’s investigation followed a breach report submitted by Alaska DHHS as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act.  The report indicated that a portable electronic storage device (USB hard drive) possibly containing ePHI was stolen from the vehicle of a DHHS employee.  Over the course of the investigation, OCR found that DHHS did not have adequate policies and procedures in place to safeguard ePHI.  Further, DHHS had not completed a risk analysis, implemented sufficient risk management measures, completed security training for its workforce members, implemented device and media controls, or addressed device and media encryption as required by the HIPAA Security Rule.”

3.   “Idaho State University (ISU) has agreed to pay $400,000 to the U.S. Department of Health and Human Services (HHS) for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  This settlement involves the breach of unsecured electronic protected health information (ePHI) of 17,500 individuals who were patients at an ISU clinic.”

 

If you think your practice is under the radar, think again! HIPAA audits can be kicked off by disgruntled employees, HIPAA-savvy patients, or perhaps another healthcare provider who may make a complaint. The government is obligated to investigate every complaint, even if suspected untrue.

HIPAA Omnibus Rule is not going to go away. A HIPAA compliance company that will guide you through the twists and turns of compliance will be your greatest asset to protect your practice. Look for a compliance training company that will be your advocate in this cumbersome process: a company that will make compliance easy and stand by you when you need them to. Don’t leave yourself open and ripe for the picking!

 

Written by Jill Obrochta and Heather Whitt of Dental Enhancements

 

Dental Office HIPAA: 3 Key Factors to Success

 

Creating a HIPAA Compliance Program for your dental office can be an arduous task. Just thinking about implementing the new HIPAA Omnibus Rules can be intimidating, to say the least. And yes, HIPAA all changed as of September 23, 2013. So if you did not yet update your HIPAA Program to the new Omnibus Rule Standards, take heed of our key recommendations for implementing a successful present-day HIPAA program. Reading the information below can make the difference between complete, comprehensive HIPAA Omnibus Rule Compliance and a “heaping HIPAA mess”...

 

1.   Comprehensive is Key: Last September (2013), Federal HIPAA laws all changed. Make sure to choose a comprehensive HIPAA training solution. Implementing this without professional guidance may leave too many loose ends. These new laws are very precocious! Be sure your program includes: Employee Training, a new HIPAA Manual (written to Omnibus Rule Standards), Required Paperwork for your Employees & Business Vendors, a Breach Reporting Protocol, and new updated paperwork for patients too. Note that the new HIPAA law standards may be referred to as either “the Omnibus Rules” or “the Final Rule”. Choose a program that reflects such.

 

2.   Work with HIPAA Experts: Make your life easier by choosing experts in this new area of HIPAA law, ones that have had legal guidance when writing their program. Be sure that your HIPAA coaches will also offer updates to their program and that they can speak to all of the new Omnibus Rules with finesse.

 

3.   Create a Relationship with your HIPAA Coach: Be sure you can relate and interact with your new HIPAA coaches with ease. This subject matter is convoluted and complicated enough! You want to be sure you have an ally in the HIPAA Coach that you choose, not one with a heavy, militant approach. Be sure that your HIPAA Guide can make themselves available via phone or email to answer questions and make clarifications as you implement these new cumbersome protocols.

 

HIPAA…It’s the new OSHA!  But the new HIPAA laws are even more intense and expensive.  Don’t be caught off-guard or out-of-sync. Get hip with a comprehensive HIPAA solution.

 

Written by Jill Obrochta & Heather Whitt of Dental Enhancements.