Georgia's Trusted Healthcare
& Medical Provider Attorneys

Avoid Being A Target Of HIPAA Audits | Here’s How

HIPAA AuditPhase 2 OCR HIPAA Audits Are Here – What Providers Should Do to Prepare

The Office of Civil Rights (OCR) has taken the first step in the next round of HIPAA audits.

OCR has begun to send out surveys in order to collect information from providers, health plans, and clearinghouses in preparation for phase 2 of their HIPAA audits. From the hundreds of entities receiving surveys, OCR will select over 200 providers and over 100 health plans to be audited.

It is more important than ever to make sure that you have complied with the HIPAA Rules. Here are the top 3 areas every provider should address:

1. When was the last time you conducted a Risk Assessment? If it has been more than a year or two, you should conduct a comprehensive Risk Assessment now.

If you are a small to medium sized office you can take advantage of HHS’s security risk assessment tool available on their website: HHS.gov SRA Tool

2. Have you recently reviewed your HIPAA policies and procedures to ensure that they are up to date and are being followed? There are three main areas that need to be addressed in your policies: Security Standards, Privacy Standards and Breach Notification Standards.

    • Security Standards – focus on how you keep Protected Health Information (PHI) secure, whether it is stored and/transmitted electronically or in some other form. Your practice must have appropriate safeguards in place (for example, requiring the use of secure passwords to access electronic health records and encrypting all devices that might contain e-PHI).
    • Privacy Standards – do you conduct periodic trainings for personnel regarding privacy practices? Do you have records that such trainings have been completed by all personnel? Is your Notice of Privacy Practices current and made available to your patients?
    • Breach Notification Standards – do you have a policy in place that outlines the steps for identifying and reporting a breach? Such a policy should address steps to take to investigate and contain the problem, as well as a means for identifying how many people were affected, who those individuals are, and how to send out breach notices. Keep in mind that under the Breach Notification Rule, providers must provide notice of a breach within a certain time frame. Your procedures for responding to a breach should allow for adequate time to meet this deadline.

3. Keeping track of your Business Associates and Business Associate Agreements – During the audit process OCR might ask for a list of business associates and their contact information. All providers should have this readily available. It is also important to have written Business Associate Agreements that are up to date and can be made available to OCR upon request.

If you have any questions about any HIPAA requirements or the approaching OCR audits our attorneys can help. Please contact Danielle Hildebrand at dhildebrand@jeylaw.com.

________________

The information on this site should not be construed as formal legal advice and is not intended to create or constitute a lawyer-client relationship.

 

Special Needs Trusts & Estate Plans – When’s The Right Time?

DownSyndromeGirlNow.

As a parent or guardian of a child or adult with special needs, one of our main concerns is what will happen to our loved ones when we pass? Who will take care of them? Will they have enough money? Will they be OK?

And while most of us try NOT think about dying, it’s an important step in ensuring that our loved ones will be protected and cared for upon our passing. Putting into place a special needs trust is something we can do to help ensure that our child or adult ward will be well cared for and have a high quality of life.

Too many times we’ve seen families devastated by the sudden loss of parents or guardians. Now is the time to plan and put into place a legal plan that will help protect your loved ones and their government benefits.

Eligibility for many government benefits are determined based on the resources your child or adult ward holds in their name. If they have too many resources, even by just one dollar, they may not qualify for, or may even lose, benefits such as Supplemental Security Income (SSI) and Medicaid.

Even if your child or ward does not currently receive government assistance, he or she may need it in the future. A special needs trust is a way to protect their current resources and future benefits. Through a special needs trust you can leave assets to your child or ward without negatively impacting his or her government benefits.

Government benefits only cover basics such as food, clothing and shelter. Through a special needs trust, a designated trustee for your loved one will be able to provide your child or adult ward with access to things such as:

  • a personal care attendant
  • out of pocket medical and dental expenses
  • vacations
  • home furnishings
  • vehicles
  • hobbies
  • and education.

Jeyaram & Associates has extensive personal and legal experience with setting up special needs trusts and estate plans. Please contact DJ Jeyaram at DJ@Jeylaw.com or 678.325.3872

Medical Group Management Association: Governmental/Third Party Payer Forum This Friday

Stop by our booth this Friday, November 9th, at the Medical Group Management Association (MGMA) Governmental/Third Party Payer Forum to learn more about how Jeyaram & Associates can help medical practice managers with issues such as Medicaid and Medicare audits, reimbursement disputes, litigation and appeals and how Jeyaram & Associates can serve as your in-house counsel.

https://m360.gmgma.com/event.aspx?eventID=58989&instance=0