Defining Covered Entities, Business Associates, and HIPAA Breaches

By Jill Brooks, MD, CHCO and Julie Sheppard, BSN, JD, CHC
Are you a covered entity? HIPAA defines a covered entity as one of the following: healthcare provider who transmits transactional information in an electronic form; health plan; or healthcare clearinghouse. Most providers are covered entities, managing insurance-related transactions electronically, like submitting claims to a health plan. Covered entities have several requirements under HIPAA, such as managing the business associate relationship and complying with the breach notification rule.

OIG Exclusions Database: The List of Excluded Individuals and Entities

By Jill Brooks, MD, CHCO and Julie Sheppard, BSN, JD, CHC
The Exclusion Statute is one of five major federal fraud and abuse laws. Exclusion is an administrative remedy that is in the form of a penalty imposed on a provider. You may have never heard of it or have only recently become aware of it, but Congress first mandated exclusion of practitioners convicted of program related crimes from participation in Medicare and Medicaid in 1977.

Social Media & Mobile Technology in the Healthcare Setting

By Angela Vest, BS, JD Candidate 2016
When faced with social media and mobile technology that appears everywhere, what’s a healthcare provider to do? HIPAA no longer allows the healthcare provider to ignore the quickly evolving world of social media and mobile technology. The risk of exposure to large fines and possible criminal or civil liability means you must learn how to effectively manage it to keep your protected health information (PHI) confidential.

Fall 2015: The State of Healthcare Compliance Management Survey

By First Healthcare Compliance
During the latter two weeks of September 2015, an online survey was conducted by Marketing Matters on behalf of First Healthcare Compliance to learn more about the current state of healthcare compliance management from those involved in compliance. This executive summary reports the results and findings from the survey.

New DOJ Investigative Measures Target Individuals for Corporate Misconduct: The Yates Memo

By Sheba E. Vine, Esq.
On September 9, 2015, the Department of Justice (DOJ) Deputy Attorney General Sally Yates released a policy memorandum, titled “Individual Accountability for Corporate Wrongdoing,” also known as the “Yates Memo.” Essentially, the Yates Memo shifts the DOJ’s approach to fighting corporate fraud and misconduct by focusing its investigative efforts on those individuals within a corporation who perpetrated wrongdoing. To this end, the Yates Memo sets out six new guidelines for DOJ attorneys to adopt in pursuing civil and criminal claims against culpable individuals.

HIPAA Breaches Continue to Rise: Avoid Becoming a Casualty

By Jill Brooks, MD, CHCO and Katelyn Byrne, BSN, RN
2015 breach reports for HIPAA have already surpassed the 100 mark with 110 reported June YTD. The average total cost of a data breach
is $3.8 million-an increase of 23% since 2013 according to IBM’s tenth annual Cost of Data Breach Study. The study also reports that the cost incurred for each lost or stolen record containing sensitive and confidential information increased 6% to $154 average cost per record breached. Yet in healthcare, the cost is more than double at $363/ record!

Compliance Challenges: The Best Defense is a Good Offense

By Julie Sheppard, BSN, JD, CHC 
Heightened scrutiny from federal regulators is increasing the pressure felt throughout the healthcare industry for compliance. Most healthcare organizations already strained by time, resources and finances, are challenged to keep pace with the rules and regulations and to ensure the compliance program they have in place is effective. In response, many organizations are adopting an ad-hoc approach to compliance program management—one which often adds time, costs, and resources. This is not the best approach to establishing an offensive stance to compliance management. Instead, organizations must focus their time and resources on addressing the seven critical elements covered in this paper for establishing an effective compliance program.

OSHA: Back to the Basics – Are you Compliant?

By Jill Brooks, MD, CHCO and Katelyn Byrne, BSN, RN
Sometimes we get so caught up in the big picture that we forget about the important details along the way. This holds true when it comes to OSHA compliance. It is important to revisit the basics periodically to instill the core elements of OSHA. A serious OSHA violation occurs when substantial probability exists that death or serious physical harm could result from a hazard about which the employer knew or should have known. This white paper will explore the basic fundamentals that can help prevent the the ten most frequently encountered OSHA citations.