Viewing entries tagged
Healthcare compliance

Mining and Sharing Healthcare Data: What you need to know

Mining and Sharing Healthcare Data: What you need to know

New technologies in healthcare means new risk to the security and privacy of patient health data. Though most healthcare companies and providers are aware of the need for internal data security, many may not be in compliance when sharing information with third parties. As providers and vendors find new and innovative ways to work together, the need for data sharing will only increase. It is critically important that all parties know when and how protected health information (PHI) is shared, and when patient authorization is required to do so.

OCR Shifts Focus to HIPAA Compliance Enforcement

OCR Shifts Focus to HIPAA Compliance Enforcement

In October, The Health and Human Services Office for Civil Rights (OCR) shared that future health-care privacy and security audits will shift from an educational focus to an enforcement focus. Previously, OCR performed these audits to educate providers on patient privacy and HIPAA. But now, the priority is enforcement. Instead of relying on complaints and breach notifications, the OCR will be more proactive in identifying problem providers. It’s important for all healthcare provider entities to have a HIPAA compliance plan actively in use. (We can help!)

Reimbursement and Practical Considerations for House Call Practices

Reimbursement and Practical Considerations for House Call Practices

Are you thinking about starting a new house call practice? There will be things you need to prepare for (and budget for), so Nixon Law Group compiled this information. Note that major concerns include whether commercial clients can reimburse, what kinds of safety needs there are, and Medicare requirements for a “practice location.” Read more below and feel free to contact us with questions!

New HHS Fact Sheet on Direct Liability of Business Associates under HIPAA

New HHS Fact Sheet on Direct Liability of Business Associates under HIPAA

As all health care providers know, the HIPAA Privacy Rule applies to their practice. But because many providers outsource some of their health care activities and/or functions, the HIPAA Privacy Rule also applies to these “business associates".” It is important that providers have assurances in writing that all business associates are appropriately safeguarding patient information and following all HIPAA provisions. The HHS Office for Civil Rights has issued a new fact sheet that lays out all provisions where the business associate would be held directly liable for HIPAA Rule violations.

Prepare Against Phishing Attacks!

Prepare Against Phishing Attacks!

We like to find interesting tips and tricks to help our clients improve their health data security. This infographic from Inspired eLearning on "phishing" schemes covers the most common types of phishing attacks, including via email, phone call, text message, or USB baiting.  Read on to learn about how these attacks can occur, common statistics, and prevention tips.

Should I Self-Disclose a Stark or AntiKickback Violation?

Should I Self-Disclose a Stark or AntiKickback Violation?

On September 27, 2018, the Department of Justice (“DOJ”) for the first time announced its own “road map” guiding voluntary self-disclosures and cooperation with government investigations of fraud and abuse in the healthcare industry. By encouraging self-disclosure, the government is incentivizing healthcare entities to come forward early with reports of violations in the hope of negotiating reasonable settlements, avoiding exclusion from Federal healthcare programs, and reducing the severe civil and criminal penalties that would otherwise be imposed for such violations.