Tag Archives: HIPAA
Posted on 25. Aug, 2010 by jennifer.godreau.
CMS says keep patient medical records for 6 years.
Medical practices often hear conflicting advice regarding how long they must hang on to a patient’s medical records, but CMS intends to clear up any misinformation with new MLN Matters article SE1022, issued this month.
Although many physicians follow state laws when determining whether they can discontinue retaining a patient’s records, it’s important to keep in mind that you must hang into the patient’s records for at least six years, according to HIPAA laws. If your state requires
Posted on 31. Jan, 2010 by .
The Health Insurance Portability and Accountability Act (HIPAA) has been around for awhile, but now more than ever, you need to make sure your practice keeps patients’ protected health information (PHI) private and secure.
Eye opener: HITECH, a part of the ARRA stimulus bill passed last year, raises the fines providers must pay if they are responsible for a PHI breach and fail to notify people affected. HITECH also allows state prosecutors to use the federal HIPAA law to prosecute breaches on their own. And the Attorney General in Connecticut is already trying his hand at enforcing HIPAA penalty provisions for security violations.
This past month, AG Richard Blumenthal sued Health Net, a health plan, for breaching private patient medical records and financial information involving 446,000 of its enrollees. To make matters worse, Health Net didn’t notify enrollees about the breach until 6 months after a portable disk drive containing their PHI was stolen from the plan’s corporate office, Blumenthal alleges. Data on the drive was unencrypted, and included sensitive information like social security numbers and bank account numbers.
Posted on 29. Oct, 2009 by .
Not enough hours in the day? Are you always looking for ways to save time? Many medical offices report that sending out new patient packets in advance of the patient’s visit greatly reduces the number of incidents at patient check-in and saves time.
“Normally, it would take patients 15-plus minutes to complete the forms,” says Stephanie Mayer, front desk receptionist for a pediatrician in Queens, NY. “Also, there is the distraction of other patient activity in the waiting room, which could keep patients from concentrating on forms they are supposed to complete.”
Put forms online
If you are not already doing so, talk to your practice administrator about putting new patient packets online.
“Sending or having a patient access our packets from our Web site gives the patient the opportunity to input the information leisurely and accurately, and if needed, the time to research dates, reference medications, and obtain past medical history, says Suzanne E. Keith, practice administrator at Michael W. Goodman, MD, PC, in Chattanooga, TN. “Also, bringing or e-mailing the information in advance allows our office to make a chart and reduces the patients’ wait time.”
Posted on 15. Sep, 2009 by .
New, standardized reports will show you why your claim was rejected and how to fix it.
You’ve got a few years to implement the HIPAA 5010 form, but CMS wants to make sure you’re completely ready by the time it takes effect on Jan. 1, 2012.
The 5010 form, which will make way for the ICD-10 code set, increases the field size for diagnosis codes from five bytes to seven bytes, allowing for ease of use once the ICD-10 transition occurs. But it also includes other changes that you’ll need to know about.
For instance: Once the 5010 goes into effect, you’ll have to get familiar with the potential claims rejection notices.
Posted on 04. May, 2009 by .
Information that does not identify an individual is considered “deidentified.” That means the data is no longer PHI and isn’t subject to the same rules as identifying health information. Think June Thompson in Tulsa (identified) versus white female in Oklahoma (deidentified).
Use this chart to easily recognize and remove patient identifiers from your e-mail. Tip: Distribute the list to all employees with e-mail access. Tell them that any information in their message that also appears in this list must be removed before they click ‘Send.’
Please click “Continue Reading” to see your deidentification checklist.
Posted on 24. Apr, 2009 by .
The scenario: A patient in your financial planner’s office gets too good a look at the planner’s computer screen, which includes other patients’ information. How do you prevent future leaks like this?
The resolution: Use this checklist to help you catch HIPAA violations and track problem areas in your medical office. For each item listed, check whether you observed the activity, the number of occurrences, and any pertinent comments.
• Staff discusses confidential information in public areas.
• Conversations with patient or family regarding confidential information are held in public areas.
• Overhead and intercom announcements include confidential information.
Posted on 21. Apr, 2009 by .
Think the employees at your practice or facility know how to stop an Internet scam in its tracks? Think again. You must educate your staff members on how to react to even the simplest virus or hoax, or risk leaking your patients’ PHI to hackers and identity thieves.
Strategy: Distribute a “Do’s & Don’ts” tip sheet similar to the one below to all your regular e-mail or Web users. Tell them to refer to the sheet each time they spot a suspicious e-mail or are contacted by companies claiming to need personal data, advises Elisabeth Derwin, an information technology specialist with Bennet Health System in San Francisco.
Posted on 05. Mar, 2009 by .
The government’s stimulus bill,known as the “American Recovery and Reinvestment Act of 2009″ (ARRA), strengthens the HIPAA requirements that practices face, increasing penalties for privacy breaches, and creating restrictions on how you can share protected health information (PHI).
Important: The bill will require your practice’s business associates to implement policies that establish administrative and technical safeguards; those associates could face fines or penalties if they breach the HIPAA rules.
Posted on 24. Feb, 2009 by .
The stimulus bill that’s gotten so much press recently offers potentially huge paydays for medical practices, and we’ve got the numbers for you.
The American Recovery and Reinvestment Bill of 2009 (ARRA) has some good news for medical practices across the country–over $25 billion will go toward healthcare initiatives.
Opportunities for Cash: The stimulus bill will offer annual bonuses for five years to physicians who participate in the federal healthcare programs (such as Medicare) that use meaningful electronic health records (EHRs).
Posted on 04. Feb, 2009 by .
Because physician practices submit claims to Medicare, the government has a lot of information to share about the individual doctors you code for. And that information should be used for a ratings system available to the public, argues a group called Consumers Checkbook. In 2007, a federal court agreed.
Hold up, said an appeals court this week. The appeals court sides with the feds, who want to keep individual providers’ Medicare data out of any public ratings system. Some doctors applaud the appeals court ruling, arguing that freely available individual Medicare data would compromise patient privacy and could easily be misinterpreted … More …