Fall is upon us, and while we love seeing the foliage, going apple picking, carving pumpkins, and watching college football — Nextech has its eye on something else this coming season: future proofing your practice.
The Office of Civil Rights announced in early July that they have settled 11 new HIPAA Patient Right of Access cases, bringing the total number to 38 in the past two and a half years and the total fines to over $3,000,000. These cases occur when providers fail to provide patient records to requestors within the 30 days allotted by HIPAA. The largest of the new fines was $240,000 for failure to provide complete records to one patient. Previously the largest fine for one failure was $130,000.
While a great deal of information has been released on how electronic health records (EHR) will be affected by the Cures Act regulations, there seems to be far less understanding about how the new requirements will affect practices. In this blog article, we will clarify how some of the new requirements will apply to your practice, even if you are not a MIPS participant, as well as how transitioning to the cloud from a server-based system will make complying with these regulations easier for your practice next year and into the future.
HIPAA violations caused by access issues have made news in recent weeks, where current or past employees have abused their access to EHR patient records to snoop on or steal protected health information (PHI). One rather disturbing example of such abuse was uncovered just this week at the Canton, Ohio-based Aultman Health Foundation. In this case, the PHI of roughly 7,300 patients was compromised (including Social Security numbers, health insurance info, home addresses, birthdates and treatment details).
The Centers for Medicare & Medicaid Services (CMS) recently released a wealth of new guidance and resources for MIPS Promoting Interoperability (PI) measures and program requirements for the 2021 reporting period. These changes are based on the IPPS (or inpatient) rule. However, the guidance released in the IPPS rule is usually mirrored in the outpatient rule, which should be released later this summer. As usual, there is a lot to go through. However, most requirements are being carried over from 2020 so only a handful of changes need to be noted by our readers (have no fear; we’ve already done the grunt work, so you don’t have to).
We are entering a new era of healthcare, one where the patient is empowered to direct his or her own treatment. Patients are more informed and involved in their care than ever before and app developers are tapping into people’s desire to be involved in the decision making when it comes to their care. They also expect to be readily provided with their healthcare information upon request, and legislation has been passed that will require such requests be fulfilled in a timely manner.
The submission window for MIPS Performance Year (PY) 2020 closes on March 31, 2021. As one year closes another begins, and now is the time that practices should be preparing for their 2021 MIPS reporting. For the new year, the MIPS annual program requires submission of data in four categories—Quality, Promoting Interoperability (PI), Improvement Activities (IA) and Cost. In this blog, we will briefly go over actions to be taken throughout the year for submission in PY 2021 so that our readers can be better prepared for the next MIPS reporting period.
On December 10th, 2020, the Office for Civil Rights released a proposed rule to modify the current HIPAA Privacy Rule. While this rule is not yet finalized, it is important that practices are aware of the proposed changes and begin to prepare for the new level of interoperability and sharing that is reflected in these proposals. The changes in the proposal align closely with the ONC’s Cures Act final rule, which was finalized almost a year ago, with changes that will increase the ability to coordinate care across systems as well as allow patients to access and direct their own care.