HIPAA Changed…Again: Are You Compliant?
Bryan Meek, JD
This auditing and compliance “Tip of the Week” was originally published by the National Alliance for Medical Auditing Specialists (NAMAS), a division of DoctorsManagement.
- Tier One: The provider did not know and could not reasonably have known of the breach.
- Penalties now capped at $100-$50,000/violation, capped at $25,000/year the issue persisted.
- Tier Two: The provider “knew, or by exercising reasonable diligence would have known” of the violation, but the provider did not act with willful neglect.
- Penalties now capped at $1,000-$50,000/violation, capped at $100,000/year the issue persisted.
- Tier Three: The provider acted with “willful neglect” and corrected the issue causing the violation within a 30-day time period.
- Penalties now capped at $10,000-$50,000/violation, capped at $250,000/year the issue persisted.
- Tier Four: The provider act with “willful neglect” and failed to make a timely correction.
- Penalties now capped at $50,000/violation, capped at $1.5 million/year the issue persisted.
- Review and revise (or otherwise implement) their HIPAA compliance plan policies and procedures and Notice of Privacy practices.
- Ensure all employees and contractors have received training on HIPAA requirements.
- Review or implement the system and procedures for recognizing and reporting HIPAA violations.
- Review and revise all business associate agreements to ensure compliance with current rules and regulations. If providers have not revised their business associate agreements since 2013, the agreements are no longer compliant with the new business associate rules that were passed in 2013 and new agreements will need to be drafted and signed.
What to do next…
- Contact us to discuss your audit needs by calling (800) 635-4040 or email info@drsmgmt.com.
- Read more: What can you expect from a coding and compliance review?
Here’s why thousands of providers trust DoctorsManagement to help improve their coding and documentation.
Quality of coders and auditors. Our US-based auditors receive ongoing training and support from our education division, NAMAS (National Alliance of Medical Auditing Specialists). All team members possess over 15 years of experience and hold both the Certified Professional Coder (CPC®) as well as the Certified Professional Medical Auditor (CPMA®) credential.
Proprietary risk-assessment technology – our auditing team uses ComplianceRiskAnalyzer(CRA)®, a sophisticated analytics solution that assesses critical risk areas. It enables our auditors to precisely select encounters that pose the greatest risk of triggering an audit so that they can be reviewed and the risk can be mitigated.
Synergy – DoctorsManagement is a full-service healthcare consultancy firm. The many departments within our firm work together to help clients rise above the complexities faced by today’s healthcare professionals. As a result, you receive quality solutions from a team of individuals who are current on every aspect of the business of medicine.