The American Health Information Management Association (AHIMA) wants improved and unified health information governance to standardize EHR use. AHIMA says the move will lead to technology that provides better, more efficient patient care.
It has been quite a year in the privacy world, hasn't it? The OCR website has reported 500 breaches of unsecured PHI affecting 500 or more individuals, totaling more than 12 million patients. There has been an increase in HIPAA-related criminal sentences involving jail time. And private lives are no longer private.
You're reviewing a case file and discover that a patient's recent readmission is due to a medication prescribing error made by a physician. Do you report it?
As part of the 2013 OPPS final rule, CMS finalized a clarification to 42 CFR 419.2(b) that could cause confusion in the future if hospitals are audited by third-party payers or by Medicare contractors who do not fully understand the intent of the language or how CMS develops payment rates, says Jugna Shah, MPH, president of Nimitt Consulting based in Washington, D.C.
One thing is certain: You don't want to wait until you receive a notification letter from OCR before you begin preparing for a HIPAA audit, says Dena Boggan, CPC, CMC, CCP, HIPAA privacy/security officer at St. Dominic Jackson (Miss.) Memorial Hospital.
There are six generic approaches to managing risk, and the approach an organization chooses to use will depend on many factors. For example, how real is this risk? Can it actually become a problem, or is it merely theoretical? Management will want to decide whether the risk is likely to happen and whether it is possible to determine when it may happen. This will also assist in appropriate allocation of resources to focus on material risk areas.
