Prepare for HIPAA Audits: Privacy and Security Checklists and Free HIPAA Consultations

Recent news reports as well as a report from the Office of the Inspector General indicate that the Office of Civil Rights (OCR) for the Department of Health and Human Services (HHS) has chosen a vendor and plans to move forward with phase II of its audit program of covered entities and business associates. This is an excellent time for health care providers to revisit HIPAA Compliance to ensure that all of the HIPAA Privacy and Security regulatory requirements are… Read More >

OIG Report Recommends Implementation of Permanent HIPAA Audit Program

The Office of Inspector General (OIG) for the Department of Health and Human Services (HHS) recently conducted a study to assess the Office of Civil Rights’ (OCR) oversight of compliance with the HIPAA Privacy Rule. The OIG recommended that OCR strengthen its oversight by becoming proactive rather than reactive.  The OIG criticized OCR for not fully implementing its required HIPAA audit program.  Further, the OIG found that OCR was not consistent in documenting covered entities’ corrective actions in its tracking… Read More >

Avoid HIPAA Violations by Assessing Risk and Encrypting Portable Media

A stolen laptop recently led to an investigation of a physician group and the payment of a $750,000 penalty to resolve the HIPAA violations. The case involved Cancer Care Group, P.C. (CCG), one of the larges radiation oncology private physician practices in the country. As required by the HIPAA Breach Notification Rule, CCG notified the Office of Civil Rights of a stolen laptop bag in July 2012.  According to the resolution agreement, the laptop itself did not contain protected health… Read More >

When is an Overpayment Identified?

The Affordable Care Act (“ACA”) amended the False Claims Act (FCA) “reverse false claims” provision to include an obligation that providers report and return any overpayment within 60 days of identification.  However, the ACA did not define identification which has caused considerable confusion among health care providers. In the recent whistleblower/false claims case of Kane v. Healthfirst, Inc., a federal district court judge has defined the term very narrowly, to mean that the overpayment is identified when the provider is… Read More >