Vendor Zone

Home/Vendor Zone

Overview of a Corporate Integrity Agreement (CIA)

Health care fraud recoveries for fiscal years 2009- 2014 exceeded previous records with five straight years of more than $2 billion in annual recovery from cases involving fraud and false claims against federal health care programs such as Medicare and Medicaid.  Most healthcare providers are aware of significant civil liability due to recent enforcement. However,

Are You Prepared for the HIPAA Phase 2 Audits?

After reviewing the HIPAA Privacy case investigations from 2009-2011, the Office of the Inspector General sent a strong message to the Office of Civil Rights in regard to the administration and enforcement of the HIPAA Privacy Rule. The OIG recommendation is clear in the September 2015 executive summary, “OCR Should Strengthen Its Oversight of Covered

Are you trying to prevent medical identity theft?

Medical identity theft continues to be major problem in the US with approximately 2.32 million adults or close family members falling victim in 2014. According to the Fifth Annual Study on Medical Identity Theft by the Ponemon Institute, medical identity theft is on the rise with a 21.7% increase since last year.      

Do You Meet the Security Rule Requirements for a Covered Entity?

Covered entities should be aware of differences between the Privacy and Security Rule requirements regarding protected health information. One major distinction is that the HIPAA Security Rule only applies to electronic protected health information (e-PHI). A covered entity is responsible for maintaining confidentiality, integrity and availability of all e-PHI. Under the HIPAA Security Rule, covered

Do You Meet the Privacy Rule Requirements for a Covered Entity?

Covered entities have several requirements under the Privacy Rule. The purpose of the rule is to protect and secure individually identifiable patient information and the covered provider has the ultimate responsibility for HIPAA compliance. Compliance with the Privacy Rule was required on April 14, 2003. According to the OCR’s HIPAA Audit Program Protocol for covered

Are You a Covered Entity?

HIPAA defines a covered entity as one of the following: Healthcare provider who transmits information in an electronic form Health Plan Healthcare clearinghouse Most providers are covered entities, managing insurance-related transactions electronically, like submitting claims to a health plan. What Are Your Responsibilities as a Covered Entity? Covered entities must comply with all of the

What Is the OIG List Of Excluded Individuals and Entities (LEIE)?

According to the OIG’s “Roadmap for New Physicians: Avoiding Medicare and Medicaid Fraud and Abuse”, the OIG is legally required to exclude individuals and entities from all Federal healthcare programs who have been convicted of the following criminal offenses: 1. Medicare or Medicaid fraud or offenses related to delivery of items or services under Medicare

Who are your Business Associates?

Most practices are aware that the HIPAA Omnibus Rule requires them to take necessary steps to prepare for the enforcement date of September 23.  They reali­ze the importance of having Business Associate Agreements in place.  Some even have an updated template Business Associate Agreement (BAA) prepared and available.  However, many find it challenging to determine