HIPAA Privacy and Security standards must be addressed by a series of policies and procedures that work throughout your entire practice, according to federal regulation. These policies and procedures form the basis of an effective compliance program – all activities involving the use, storage, and distribution of protected health information (PHI) are governed by these regulatory standards.
Understanding HIPAA security standards is an important element in becoming HIPAA compliant. HIPAA regulation mandates that covered entities, such as physicians, insurance companies, and health care clearinghouses, implement an effective compliance program that addresses the full spectrum of security standards to safeguard patient health data.
Last week, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its first HIPAA settlement of 2017 with Presence Health for $475,000. This is the first fine in the history of HIPAA enforcement levied for a failure to notify over 800 patients of a breach of unsecured protected health information (PHI) in accordance with the standards of the HIPAA Breach Notification Rule. PHI includes any health data containing identifiable information like dates of birth, names, addresses, etc.
In today’s world of convenience, it is simple to search for a product or service you need online, order it, and move on with your life with very little interruption. Often, once a consumer has received their product or service, they never have contact with the vendor again. Their transaction over, there is no need for additional communication.
In the health industry, however, particularly in the field of behavioral health, it is much more important that the patient and doctor build a relationship of trust. Several factors can be involved in a patient’s physical and mental state, and past relationships can be crucial in diagnosing and treating the patient and maintaining the patient’s health.
The Medicare Access and CHIP Reauthorization Act of 2015 (otherwise known as MACRA) was signed into law in April 2015. A few months ago, the CMS released its proposed rule for what MACRA entails. What does that mean for behavioral health providers who care for Medicare beneficiaries? Let’s break it down.
- The research and demo process can tell you almost everything you need to know about an EHR vendor. Do you have the time and the staff to traverse this rocky road on your own?
- If this isn’t your first rodeo with an EHR, work with vendors that have nothing to hide
- Avoid vendors that shout out in their marketing material how honest they are, would never hold your data hostage, etc. – professionals don’t need to make these claims in their material
- There’s a diagnosis code for this kind of behavior
Choosing the right behavioral health EHR is one of the most important decisions a mental health organization will make.
Before you dive into purchasing the software that will be running your practice, make sure the vendor providing the demo is not really a magician. In our time spent only selling mental health EHRs, we have done demos exactly as trained by the creators of the products. We found out later this was horrendously misleading, and when we started doing demonstrations of the products exactly as they worked, sales of these EHRs slowed down to a trickle. As they should.
everythingEHR has been reviewing behavioral health EHRs for the past few years. Many of our clients, from mental health billers to behavioral health providers, have come to rely on our EHR knowledge to help them during the often painful process of selecting a system that will ultimately run their practice. We have demoed more than forty behavioral health EHRs. Some are 100% mental health focused and others serve many sectors of health care and include a behavioral health component. We found that the process of vetting EHR vendors can and should be a time-consuming journey but is often filled with missteps and some landmines. Our clients always report a serious reduction in anxiety by having one of our advisers join them on each and every demo.
HIPAA, HITECH, Omnibus, PCI regulations – these are words that can strike fear into the heart of any Behavioral Health organization. They don’t need to, as we found after speaking with our guest today on Mental Health News Radio. We sat down with Marc Haskelson, the President and CEO of Compliancy Group, to find out how easy compliance can be.
I remember the day I knew I would have a career in the helping field: It was a day like any other in first grade. As I stood in line with all my classmates, our janitor, Mr. Johnson, walked past. His familiar gimp accompanied him, as it always did, with one leg lagging behind him while the opposite arm swayed oddly.
To my dismay, the entire class snickered and called out insults, which—right or wrong—was the popular response by those around me. However, being the empath I am, I just sank inside. A pit the size of a kickball grew in my stomach and I just had to do something to ease his pain. Not having the tools then that I have now, I didn’t know what else to do. So I waved, smiled. A simple token of kindness that would foretell my future as a therapist. I knew then that I could not tolerate human suffering and that I had a gift within me to help ease it.