Medicare Compliance & Reimbursement
Is the HIPAA Audit Program Gone for Good?
Question: With all the recent news on increased HIPAA enforcement, should we be worried about a federal audit of our privacy controls? Codify Subscriber Answer: Though the U.S. Department of Health and Human Services Office for Civil Rights (OCR) Audit Program online resource is still available for review, the HIPAA Phase 2 program isn’t up and running anymore. “The HIPAA Audit Program has, essentially, been terminated, which is too bad, because the audits, when implemented properly, can be a valuable tool for discovering where there are weaknesses in compliance, either by the fault of covered entities, or through inappropriate regulatory requirements,” says Jim Sheldon-Dean, founder and director of compliance services at Lewis Creek Systems, LLC in Charlotte, Vermont. He adds, “Phase 2 was terminated without coming to a conclusion, and ‘Phase 3,’ yet to come, was identified in the fall of 2018 as a report generating recommendations based on Phases 1 and 2.” OCR did update 13 questions on its Audit Protocol website last summer, with no major changes to HIPAA. The information was “based on the experience gained in questioning during the 2016 round of audits,” Sheldon-Dean notes. “Despite promises from HHS staff, a change history has not been provided, and the update itself was never announced.” Remember: “Audits are meant to be a learning tool for covered entities and HHS,” reminds Sheldon-Dean. “I don’t think the Audit rules will be used for enforcement purposes, as it would require developing a program, while simply responding to complaints and breaches provides plenty of fruit for making examples of rule violators.” Tip: Whether or not the HIPAA Audit Program makes a comeback, there’s never been a better time to up your compliance capital with updated policies. Take advantage of this reprieve to assess your risks and act on them with concrete management tactics. And remember, document everything — because if OCR does roll out the audit patrol, the first thing they’ll ask for is written proof of your compliance plan. Check out the OCR guidance on the HIPAA Audit Program at www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html#when.
Medicare Compliance & Reimbursement
- Enforcement:
OIG Doubles Down on False Claims
Report highlights importance of medical necessity. If you’ve ever wondered whether the U.S. Department of [...] - Telemedicine:
Tackle Telemedicine Coding With 2 Top Tips
Know the rules on ‘face-to-face’ care. Telemedicine has quickly emerged as a great option for [...] - Compliance:
Master Addenda Requests With This Advice
Tip: Explain why changes are necessary to the documentation. When a coder receives a chart, [...] - Reader Question:
Use ICD-10-CM Codes for Signs and Symptoms
Question: We have a coder who wants to hold charts when patients don’t have definitive diagnoses. [...] - Reader Question:
Is the HIPAA Audit Program Gone for Good?
Question: With all the recent news on increased HIPAA enforcement, should we be worried about a [...] - Industry Note:
MBI Usage Remains Steady
If you haven’t started transitioning your practice from using Health Insurance Claims Numbers (HICNs) to [...] - Industry Note:
CMS Uploads New IRF Appeals Program
Last summer, the Centers for Medicare and Medicaid Services (CMS) commenced a short-term voluntary initiative [...] - Industry Note:
MAC Sees Uptick in Late Signature Issues
One Medicare Administrative Contractor (MAC) warns that late signatures may lead reviewers to the wrong [...] - Industry Note:
EHRA Urges Feds to Rein in EHR Mandates
Industry insiders believe the proposed interoperability rule’s quicker-than-usual required timeline for implementation will likely sink [...]
