Encrypt Mobile Devices & Clean Up Management Documentation Key HIPAA Compliance Messages In New HIPAA Settlements
“Encrypt your laptops and other mobile devices” is only one of the key lessons leaders of health plans, health care providers, health care clearinghouses (“Covered Entities”) and their business associates should take away from the Department of Health and Human Services Office for Civil Rights (OCR)’s April 22 announcement that Concentra Health Services (Concentra) and QCA Health Plan, Inc. of Arkansas (QCA) collectively are paying $1,975,220 under separate Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rule resolution agreements resulting from thefts of unencrypted laptops. Along with the importance of encryption, however, these Resolution Agreements also contain equally significant, more broadly applicable lessons to Covered Entities, business associates and their leaders about some of the specific processes, actions and documentation that OCR them to implement and be prepared to defend the adequacy of their HIPAA “culture of compliance” if they file a breach report or otherwise face a HIPAA audit or investigation from OCR.
Consequently, while confirming the adequacy of their organization’s existing encryption of laptops and mobile…
View original post 2,838 more words
ACA Does Little To Improve Factors Leading to Medical Debt Among People With Insurance
While helping underinsured Americans struggling to pay medical bills of family members facing serious or chronic illness was one of the goals touted by many supporters of the Patient Protection & Affordable Care Act (ACA), information about the sources of these struggles revealed in a new the findings of the new Kaiser Family Foundation report on Medical Debt Among People With Health Insurance (Report) suggests little will change for Americans that choose to enroll in health coverage through the ACA-created federal or state Health Insurance Exchanges
The Report explores the reasons that one in three Americans continue to report difficulty paying their medical bills. even when they have insurance, by drawing insights from the experiences of nearly two dozen people who recently experienced such problems. According to the Report, cost-sharing provisions like those incorporated into the…
View original post 1,602 more words
Hear Former White House Cybercrime Coordinator, Stamer, Other Leaders On HIPAA & Other Cybersecurity 5/21
SLP Readers Get Discount: Go to://securitysummitla.eventbrite.com/ and enter Promotional Code: Health_Summit_125
Former White House Cybersecurity Coordinator Howard Schmidt and Solutions Law Press, Inc. editor attorney Cynthia Marcotte Stamer are two of an impressive lineup of leaders scheduled to share key HIPAA & other privacy and data security compliance and risk management strategies at the Healthcare HITECH Privacy and Security Summit at the Fifth Annual Information Security Summit on May 21 in Los Angeles. The program offers essential insights for hospitals, physicians, and other health care providers, health plans and insurers, employers and other health plan sponsors, fiduciaries and administrators, their business associates and other business partners and others on what their organizations should do to cope with the rapidly changing and expanding privacy and data security obligations of HIPAA and other federal and state laws.
With the rapidly approaching and privacy and data breach penalties and enforcement rising, health care providers, health plans, health care clearinghouses and their business associates must get moving to update business associate contracts, policies and notices and processes to meet changing HIPAA rules while managing ongoing compliance and risks.
Former Cybersecurity Coordinator Schmidt Keynotes
The Healthcare HITECH Privacy and Security Summit will bring together leaders in Privacy and Security within government and private industry for a day of collaboration, networking and presentations by leading Privacy and Security professionals sharing who HIPAA covered entities and business associates need to know to comply with new HITECH rules and OCR investigations.
Stamer Speaks On Latest HIPAA Rules & Developments
Solutions Law Press, Inc. editor attorney Cynthia Marcotte Stamer will help lay the foundation for the workshop by briefing participants on changes made to HIPAA rules by the new Omnibus HIPAA Rulemaking changes that the Office of Civil Rights (OCR) plans to start enforcing in September, 2013.
Armed with the latest insights from serving as the scribe for the ABA JCEB annual agency meeting with the Office of Civil Rights (OCR), Ms. Stamer, a practicing attorney and widely published author and speaker, will discuss required changes and other recommended steps and strategies that covered entities and their business associates should take to maintain HIPAA compliance and manage HIPAA and other related risks in light of the Omnibus HIPAA Rulemaking changes, new OCR guidance for health care providers about disclosures to avert threats to health or safety, recent audit and enforcement activities and other changing risks and responsibilities including:
The latest on OCRâ€™s regulatory guidance, audit and investigation and enforcement rules, actions and strategies and their implications on covered entities and business associates;
Changes to breach notification rules and their implications on covered entities and their business associates;
Practical implications of new rules on who is covered and their responsibilities;
Required and recommended updates to policies, business associate and other agreements, privacy notices and other HIPAA compliance arrangements;
Effective training and other risk management strategies;
Planning for, investigating and mitigating PHI privacy breaches and other compliance concerns under new rules other selected events; and
Other selected strategies for coordinating HIPAA and other privacy and data breach responsibilities and risk management; and
For a complete agenda, to register, to get details on sponsorship or for other information, see here.
For More Information Or Assistance
If you need assistance reviewing or responding to these or other health care related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, may be able to help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 25 years experience advising health industry clients about these and other matters.
A board certified labor and employment attorney widely known for her extensive and creative knowledge and experience with health plan privacy and data security matters, Ms. Stamer serves as the scribe for the ABA JCEB Annual Technical Session meeting with OCR each May and has worked, spoken and published extensively on these and other privacy and data security concerns and controls. Extensively published and a popular speaker on HIPAA and other data security matters, Ms. Stamer works extensively with health care providers, health plans, employers, insurance and financial services, technology and other clients on privacy, data seurity and other privacy and cybercrime concerns. She also serves as the Scribe for the ABA JCEB Agency Techical Sessions Meetings with the Office of Civil Rights which occur each May in Washington, D.C.
Ms. Stamer has extensive experience advising and assisting health care providers and other health industry clients to establish and administer compliance and risk management policies and to respond to DEA and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns including a number of programs and publications on OCR Civil Rights rules and enforcement actions. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. You can get more information about her health industry experience here. If you need assistance with these or other compliance concerns, wish to ask about arranging for compliance audit or training, or need legal representation on other matters please contact Ms. Stamer at (469) 767-8872 or via e-mail here.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information â€“ including your preferred e-mail â€“ by creating or updating your profile here. For important information about this communication click here.
About Solutions Law Press
Solutions Law Pressâ„¢ provides business risk management, legal compliance, management effectiveness and other resources, training and education on human resources, employee benefits, compensation, data security and privacy, health care, insurance, and other key compliance, risk management, internal controls and other key operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press resources including:
- New Children’s Electronic Health Record Format Shared
- OCR’s Long-Anticipated Omnibus HIPAA Privacy, Security, Breach Notification & Enforcement Rule Tightens Privacy Requirements, Require Action
- OCR Gives Providers Guidance On HIPAA Safety Disclosures
- ONC-Authorized Certification Bodies & Accredited Testing Labs Scope Expansion for 2014 Edition Testing & Certification
- OCR Pops Idaho Hospice In 1st HIPAA Breach Settlement Affecting < 500 Patients
- OIG Recommends CMS, ONC Tighten EMR Incentive Program Rules To Improve Oversight
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here.
THE FOLLOWING DISCLAIMER IS INCLUDED TO COMPLY WITH AND IN RESPONSE TO U.S. TREASURY DEPARTMENT CIRCULAR 230 REGULATIONS. ANY STATEMENTS CONTAINED HEREIN ARE NOT INTENDED OR WRITTEN BY THE WRITER TO BE USED, AND NOTHING CONTAINED HEREIN CAN BE USED BY YOU OR ANY OTHER PERSON, FOR THE PURPOSE OF (1) AVOIDING PENALTIES THAT MAY BE IMPOSED UNDER FEDERAL TAX LAW, OR (2) PROMOTING, MARKETING OR RECOMMENDING TO ANOTHER PARTY ANY TAX-RELATED TRANSACTION OR MATTER ADDRESSED HEREIN. ©2013 Cynthia Marcotte Stamer, P.C. Non-exclusive license to republish granted to Solutions Law Press. All other rights reserved.
ONC is sharing resources to help health care providers see the value of and effectively incorporate and use active patient problem lists as part of the electronic health records systems (EHRs).
Meaningful Use Core Measure 3 calls for physicians and other eligible professionals to design their electronic health record systems to incorporate and maintain an up-to-date problem list of current and active diagnoses of patients.
The Office of the National Coordinator for Health IT (ONC) today (November 8, 2012) announced the release of the Wave 7 2014 Edition Draft Test Methods (test procedures, tools, and applicable test data and files). To review the 2014 Edition draft Test Methods, visit the 2014 Edition Draft Test Procedures webpage. As a follow up to this announcement, ONC is inviting interested parties to participate in a public workshop on the ONC HIT Certification Program and 2014 Edition Test Methods on Tuesday, November 13th, 9AM-4:30PM EST.
The Test Procedures announced today are the latest in a series ONC has issued recently. ONC says all Test Methods will undergo public review and comment before being finalized and approved by ONC for use in testing and certification. ONC typically allows a two week period of public review and comment from the date posted for public review and comment on each Wave.
In keeping with this process, ONC is inviting interested persons to submit comments and suggestions to ONC.Certification@hhs.gov. All submissions should include “2014 Test Methods” in the subject line. ONC asks that parties submitting input to be as specific as possible in their comment submissions.
ONC says it expects the final set of Test Methods to be available for use in early 2013.
To help interested parties stay informed about the Test Messages, ONC also announced today it will host a virtual public workshop on the ONC HIT Certification Program and 2014 Edition Test Methods on Tuesday, November 13th, 9AM-4:30PM EST. According to ONC, the topics to be covered include 2014 Test Procedures, Test Tools, Test Data, ONC Timeline, and the Certified Health IT Product List (CHPL). ONC says additional details regarding access and agenda will be forthcoming. Watch the ONC website.
For Help With Monitoring Developments, Compliance, Investigations Or Other Needs
If you need help reviewing or commenting on the Tests Procedures or monitoring or responding to these or other health care or health IT related risk management, compliance, enforcement or management concerns, the author of this update, attorney Cynthia Marcotte Stamer, can help. Vice President of the North Texas Health Care Compliance Professionals Association, Past Chair of the ABA Health Law Section Managed Care & Insurance Section and the former Board Compliance Chair of the National Kidney Foundation of North Texas, Ms. Stamer has more than 24 years experience advising health industry clients about these and other matters. Ms. Stamer has extensive experience advising and assisting health care providers, health plans, their business associates and other health industry clients to establish and administer medical privacy and other compliance and risk management policies, to health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She regularly designs and presents HIPAA and other risk management, compliance and other training for health plans, employers, health care providers, professional associations and others.
Ms. Stamer also regularly works with OCR and other agencies, publishes and speaks extensively on medical and other privacy and data security, health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her publications and insights appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, World At Work, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications. For instance, Ms. Stamer for the second year will serve as the appointed scribe for the ABA Joint Committee on Employee Benefits Agency meeting with OCR. Her insights on HIPAA risk management and compliance frequently appear in medical privacy related publications of a broad range of health care, health plan and other industry publications Among others, she has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.
You can get more information about her HIPAA and other experience here.
Other Recent Updates & Resources
If you found this information of interest, you also may be interested in the following recent updates on health care, health plan and employee benefits, human resources and other risk management and compliance matters. Recent examples on health care compliance and risk management matters include:
- Health Care Providers Warned To Raise Defenses As Feds Charge 91 Individuals Bilked Medicare For Approximately $430 Million
- Recent OIG Audit Reports Provide Insights Where Fraud Audits Likely To Look Next
- Hospital Chain HCA Inc. Pays $16.5 Million to Settle False Claims Act Allegations That Hospital
- Detroit-Area Doctor Charged for Role in Alleged $40 Million Medicare Fraud Scheme
- Five More Individuals Charged in Detroit for Alleged Roles in $24.7 Million Medicare Fraud Scheme
- With Risks Rising, Listen To 9/19 OCR Webinar On Civil Rights Enforcement In Health Care
- Massachusetts Ear Group To Pay $1.5 Million To Resolve HIPAA Charges
- Personal Consumer Information Protection In Health Care Operations Topic of Stamer’s 11/1 Speech
- ONC Releases First Wave of EHR Test Procedures; More To Come
- OCR Releases HIPAA Compliance Training Tool As Enforcement Risks Rise
- Health Care Orgs Disability Exposure High As $475K Paid To Settle Justice Department Charges Medical Fitness Screenings of EMTs, Others Violated ADA
- HIPAA & Texas Require HIPAA Training! Register for 8/14 HIPAA Update Workshop Now
- HHS/DOJ Partner With Private Health Plans To Further Ramp Up Health Care Fraud Heat!
- AHRQ Issues New Guide for Use of Interactive Preventive Care Record
- Nextcare Inc. $10 Million False Claims Act Settlement Shows Qui Tam Role In False Claims Act Prosecutions
For additional resources and publications training materials by Ms. Stamer, see here.
If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile here. For important information concerning this communication click here. If you do not wish to receive these updates in the future, send an e-mail with the word “Remove” in the Subject to here.
©2012 Cynthia Marcotte Stamer, P.C. nonexclusive license to republish granted to Solutions Law Press, Inc. All other rights reserved.
Here’s the latest from the National Institutes of Health Health Information Spotlight: