Thursday, July 28, 2011

The Clock is Ticking on the Debt Ceiling

It is time to get serious in Washington. Many people throughout the United States are waiting for a deal or compromise to be reached on the debt ceiling. The most sensitive population among those is the elderly that Medicare services. It is unfair for elected officials to rely on their votes to be placed into office, and then fail them when the going gets tough, so to speak. Everyone needs to adjust their thinking and keep in mind that people's parents or grandparents are sitting at home watching this calamity unfold in the media.

Many seniors have voiced a fear of losing their Social Security - which is their only source of income in many cases - as well as their Medicare benefits. As we know, a means test has been proportioned into Medicare via the Affordable Care Act. This test increases the premiums of the well off in Medicare. Invoking any additional increase to this means test at this point is uncalled for.

The Washington crowd needs to be open minded, roll up their sleeves, and serve up a solution that will work for all, and especially for our senior citizens who are fearful of losing at every turn.

-------------------------------------------------------------------------------------------

Pam Argeris is a thought leader in the Healthcare Industry and possesses extensive, hands-on experience with CMS compliance, and multiple regulatory bodies such as NCQA, JACHO, and DOI. In her role at Merrill Corp., Pam focuses on developing solutions for compliance and quality assurance, delivered in a cost effective manner to improve beneficiary and prospect communications. You can contact Pam at Pamela.Argeris@merrillcorp.com.

Thursday, July 21, 2011

HIPAA Regulations and New Technology: HIPAA, HITECH, and Electronic Compliance

HIPAA and HITECH violations are on the rise, and as more and more technology pushes medical records into the realm of EHRs and cloud storage, things will not likely improve. Why exactly is this happening? Sarah E. Swank has a few ideas (free registration required to view article):
In the old paper world before HIPAA, people often guarded patient medical records with good old-fashioned common sense…Our HIPAA policies are stale and our workforce members receive training often created with a focus on paper medical records. In addition, the technology has not caught up with expectations of electronic health record systems to audit access in real time.
It has been said, time and time again, that HIPAA is behind the times when it comes to new forms of communication. This has been most evident in the realms of social media, where companies and facilities are forced to choose between posting what they think is OK while hoping to dodge the compliance axe, or ignoring the platform altogether. So what can medical organizations do to keep their information secure while HIPAA catches up?

Swank lists seven strategies in her article on lexology.com;
  1. Conduct Regular and Routine Audits
  2. Review Incident Reporting Procedures
  3. Conduct Timely and Complete Investigations
  4. Review and Update Policies and Procedures
  5. Reevaluate Training
  6. Rethink Discipline Determination
  7. Mitigation
What these strategies boil down to is essentially this: Change, Vigilance, and Consistency. Organizations must step up to develop methods of tracking and protecting data in an electronic environment, which can be a complex and daunting task for a group used to handling paper records. HIPAA may have been old hat a few years ago, but we are all back in unfamiliar territory, and it is necessary to give your compliance strategies a second look.

-------------------------------------------------------------------------------------------

Pam Argeris is a thought leader in the Healthcare Industry and possesses extensive, hands-on experience with CMS compliance, and multiple regulatory bodies such as NCQA, JACHO, and DOI. In her role at Merrill Corp., Pam focuses on developing solutions for compliance and quality assurance, delivered in a cost effective manner to improve beneficiary and prospect communications. You can contact Pam at Pamela.Argeris@merrillcorp.com.

Friday, July 8, 2011

HIPAA Regulations and New Technology: Where Does Mobile Fit In?

There are plenty of obvious compliance issues presented by healthcare’s move toward mobile technology. This recent article from Mobi Health News points out one of the less blatant struggles that any health facilities face.
The [HIPAA] Privacy, Security, and Breach Notification Rules can be a daunting challenge. Sometimes, the biggest question facing mobile application developers is not how to comply with (or make sure users are complying with) HIPAA, but rather whether HIPAA even applies.
It seems that the twisting and complex labyrinth that is HIPAA compliance has more backdoors, pitfalls, and secret exits than anyone could have predicted. The good news is that many mobile software efforts may not even fall under HIPAA’s compliance jurisdiction. The bad news is that it can be very tricky figuring out what side of that line you fall on.

In the article, Adam Greene explains that, “The HIPAA Rules only apply to HIPAA ‘covered entities’ and their ‘business associates.’ They do not apply to health care consumers or to other types of entities.” This means that the people that have access to the software are the first determinate of whether or not HIPAA compliance applies to your software. He explains further that:
A mobile application developer will need to analyze whether the software will be used by a covered entity, such as physician, hospital, or health plan, and whether it will include any protected health information: individually identifiable information about health, health care services, or payment for health care services. An application that assists a physician with following up with patients would need to be designed to allow the physician to comply with HIPAA. Likewise, a mobile application for use by health plan employees to obtain an individual’s enrollment information remotely would need to be designed in accordance with HIPAA.
The take-away here is that health facilities can distribute software that monitors medication schedules, important general health information, and other information, so long as it is not directly linked to any “covered entities.” Obviously, this is a complicated matter that should not be tackled without a lot of thought and research, but it is good to know that – on the surface, anyway – HIPAA is not preventing health facilities from helping the public get the best medical information possible.

-------------------------------------------------------------------------------------------

Pam Argeris is a thought leader in the Healthcare Industry and possesses extensive, hands-on experience with CMS compliance, and multiple regulatory bodies such as NCQA, JACHO, and DOI. In her role at Merrill Corp., Pam focuses on developing solutions for compliance and quality assurance, delivered in a cost effective manner to improve beneficiary and prospect communications. You can contact Pam at Pamela.Argeris@merrillcorp.com.