Healthcare organizations can give third-parties (“business associates”) access to patient data, including an independent medical transcriptionist hired by a physician, outsourced claims services, a consultant, or a CPA firm whose services require access to protected patient information. HIPPA regulations state that you must enter into a contract with these third parties in which they agree to protect the data. Building a systematic way to distribute and collect these contracts, or Business Associate Agreements, should be an essential part of any vendor risk management strategy. Not doing so exposes your organization to a huge amount of liability, as the government puts the burden for protecting patient data on healthcare organizations.
Stay in Touch
Get the latest healthcare news, advice from industry experts, and all things related to monitoring solutions delivered straight to your inbox.
Yesterday at ProviderTrust, we had Thanksgiving in the office. And boy did we celebrate!
Stories, a powerful mode of communication, have been used throughout history to communicate simple yet powerful truths – and when told right, leave lasting impressions you will never forget.
The labor-intensive process of healthcare credentialing combines combing through public records and obtaining peer references, medical malpractice history, sufficient malpractice coverage, and a plethora of other documents.
You’ve worked hard to implement and manage a strategy that mitigates compliance risk across your organization. Then, just when you start to think you’ve got it all figured out, new layers of regulations are added causing you to scramble to figure out how you are going to keep your organization in compliance.
* This blog post has been adapted from an article I wrote for the Nashville Business journal on authentic leadership. Running a startup is a challenge unlike any other. I would compare it to riding a roller coaster during a thunderstorm while trying to catch rain in a bucket full of holes.
When HR leaders from the healthcare industry gather each year at the annual ASHHRA Conference, great things happen. From hearing thought leaders from around the nation to networking and re-connecting with familiar faces and friends, the 2013 ASHHRA conference in Washington, D.C. was amongst the best.
It's no secret that performing an OIG exclusion check on a monthly basis is industry best practice and the best way to reduce your organization's overall risk and liability. But what role does your HR department play in ensuring your OIG exclusion check is done most effectively? Your compliance department typically handles ongoing an OIG exclusion check for all of your employees, referring physicians, and vendors in addition to monitoring the SAM dataset and all available state exclusion lists. However, it's really your HR department that plays the single most cohesive role in the process. Here's why…
You might hesitate to self-disclose fraud and exclusions to the OIG due to the time-investment and immediate fines; however, according to the OIG the process does not take as long as you might think.
A Report of Medicare Compliance survey issued July 15, 2013 polled over 100 compliance professionals, lawyers and risk consultants on the top 30 compliance risks issues facing healthcare today. Ranking #19 was Vendor Risk Management.