Blog

Performing a regular Security Risk Assessment (SRA) will help an organization ensure it is compliant with HIPAA’s administrative, physical, and technical safeguards. A risk assessment also helps practices discover areas where protected health information (PHI) could be at risk. To learn more about the assessment process and how it can benefit your organization, we recommend visiting the Office for Civil Rights' official guidance.

As the pandemic winds down and cases of COVID-19 continue dropping in the United States, new rounds of regulatory changes should be expected as part of the return to normalcy. Among the most recent are new OSHA guidelines for healthcare workers per the U.S. Labor Department. In this blog, we will examine some of the main points of this new guidance.

The Centers for Medicare & Medicaid Services (CMS) recently released a wealth of new guidance and resources for MIPS Promoting Interoperability (PI) measures and program requirements for the 2021 reporting period. These changes are based on the IPPS (or inpatient) rule. However, the guidance released in the IPPS rule is usually mirrored in the outpatient rule, which should be released later this summer. As usual, there is a lot to go through. However, most requirements are being carried over from 2020 so only a handful of changes need to be noted by our readers (have no fear; we’ve already done the grunt work, so you don’t have to).

While the HIPAA Right of Access rule was first passed into law as part of the 2013 HIPAA Omnibus Rule, the Office for Civil Rights (OCR) has been cracking down hard on violators of this rule in recent years. This provision requires covered entities to provide patients with a copy of their medical records in the form and format requested, or another agreed upon form, within 30 days of the initial request. If the covered entity is unable to fulfill the request in that timeframe, they may notify the patient in writing that they will need a 30-day extension. This notification must also notify the requestor of the date on which the records will be provided and only one extension is permitted.

We are entering a new era of healthcare, one where the patient is empowered to direct his or her own treatment. Patients are more informed and involved in their care than ever before and app developers are tapping into people’s desire to be involved in the decision making when it comes to their care. They also expect to be readily provided with their healthcare information upon request, and legislation has been passed that will require such requests be fulfilled in a timely manner.

The submission window for MIPS Performance Year (PY) 2020 closes on March 31, 2021. As one year closes another begins, and now is the time that practices should be preparing for their 2021 MIPS reporting. For the new year, the MIPS annual program requires submission of data in four categories—Quality, Promoting Interoperability (PI), Improvement Activities (IA) and Cost. In this blog, we will briefly go over actions to be taken throughout the year for submission in PY 2021 so that our readers can be better prepared for the next MIPS reporting period.

As we hit the end of 2020, there was a lot of confusion as to what COVID-19 relief was going to look like in the new year. This was mostly due to delays in passing new relief legislation. Luckily, in the last week of December, the powers that be passed a new COVID-19 Economic Relief Bill. As one might assume, there’s a lot involved in this giant bill. You probably do not want to read through all 5,593 pages of the entire bill (but feel free to use that link if you do want to do that). So, in this blog, will just go over a few of the highlights of the bill as well as some other important dates and info that you should know for 2021.

On December 10th, 2020, the Office for Civil Rights released a proposed rule to modify the current HIPAA Privacy Rule. While this rule is not yet finalized, it is important that practices are aware of the proposed changes and begin to prepare for the new level of interoperability and sharing that is reflected in these proposals. The changes in the proposal align closely with the ONC’s Cures Act final rule, which was finalized almost a year ago, with changes that will increase the ability to coordinate care across systems as well as allow patients to access and direct their own care.