Entries by

HIPAA Compliance Lessons Learned from OCR Civil Monetary Penalties

$70,000. That was the amount of one Office of Civil Rights (OCR) Civil Monetary Penalty (CMP) for non-compliance with HIPAA. To date, there have been 20 CMPs issued by OCR. Don’t be the next healthcare provider to be faced with a fine. All it takes is due diligence and a commitment to rigorous compliance. So […]

Patient Right of Access: Six lessons learned from some of OCR’s most recent civil monetary penalties

Ease of access. It’s what every patient deserves when it comes to their protected health information. It’s also what’s legally required of covered entities under HIPAA. Yet many healthcare providers—particularly small facilities, physician practices, and behavioral health providers—continue to make mistakes, resulting in thousands of dollars in civil monetary penalties (CMP) from the Office for […]

The 5 T’s of a Best-in-Class HIM Compliance Program

In response to the urgent need to address COVID-19, the Centers for Medicare and Medicaid Services (CMS) has introduced multiple policies to allow providers the flexibility to focus attention on care delivery. One such type of flexibility is the 1335 waiver, which allows CMS to waive sanctions and penalties against a covered hospital for certain […]

Location, location, location – 5 Things to Consider When Evaluating At-home vs. On-site Staff

As we start to see states across the U.S. begin to lift COVID-19 shelter-in-place or self-quarantine directives, our focus will naturally shift to so many unknowns. What is our new normal? What will our organizations look like? How will our teams and staff be impacted? Honestly, we cannot even begin to fully appreciate how many […]

How transparent is your relationship with your business partners?

This is the question that every covered entity should ask themselves on a daily basis. Building and maintaining trust is a key objective for any healthcare provider, or any business for that matter. It’s especially important for entities that hold protected health information (PHI) to craft a compelling message about their security and privacy. As […]