Breach

Home/Breach

Individual’s Rights to Access PHI

An individual’s right to access their protected health information (PHI) should be nothing new to covered entities. In 1996, HIPAA Privacy Rule detailed an individual’s right to access PHI. As part of HITECH and the Final Omnibus Rule, modifications to the Privacy Rule have included additional requirements for covered entities and business associates. Unfortunately, recent

Jumpstart Your Compliance Program

The beginning of the New Year is a popular time for new initiatives. Many healthcare organizations are looking for ways to improve quality and reduce risk. A compliance program is an effective way to detect, deter and prevent wrongdoing in the healthcare setting and an ongoing system assures conformity with governing laws and regulations. An

Is Your Compliance Program Effective?

Having a compliance program in place is a start but having an effective compliance program is the goal. Proactively assessing the effectiveness of one’s own compliance program is better than the Department of Justice making a determination of the adequacy as a result of an investigation for alleged misconduct. To set benchmarks for an effective

Deadline for Breach Reporting Coming Soon

As the end of the year approaches, keep in mind that all breaches of unsecured protected health information involving less than 500 individuals must be reported to the Secretary at the Department of Health and Human Services (HHS) within 60 days of the end of the calendar year. If the organization already reported a breach

OIG WORKPLAN 2016

The Office of the Inspector General (OIG) is responsible for protecting the integrity of the programs in Health and Human Services against fraud, waste and abuse as well as recommending improvements to the system that would promote efficiency and efficacy within the limits of the health care laws.   Although OIG oversight includes programs such as

Overview of a Corporate Integrity Agreement (CIA)

Health care fraud recoveries for fiscal years 2009- 2014 exceeded previous records with five straight years of more than $2 billion in annual recovery from cases involving fraud and false claims against federal health care programs such as Medicare and Medicaid.  Most healthcare providers are aware of significant civil liability due to recent enforcement. However,

Are You Prepared for the HIPAA Phase 2 Audits?

After reviewing the HIPAA Privacy case investigations from 2009-2011, the Office of the Inspector General sent a strong message to the Office of Civil Rights in regard to the administration and enforcement of the HIPAA Privacy Rule. The OIG recommendation is clear in the September 2015 executive summary, “OCR Should Strengthen Its Oversight of Covered