In addition to physical and technical safeguards, the HIPAA Security Rule requires covered entities and business associates to implement administrative protections, including workforce training and management.
Four years after they were proposed, CMS has finalized a series of discharge planning changes that went into effect on October 29. The final rule, called Revisions to Discharge Planning Requirements [CMS-3317-F], imposes a number of new requirements—ranging from how to notify patients about their choice in postacute providers to prioritizing patient preferences when developing discharge plans and treatment goals.
OCR enforces the HIPAA Privacy, Security, and Breach Notification rules. Failing to properly manage and oversee remote access to and the protection of health information can be costly, as the following three cases demonstrate.
In today’s virtual environment, with its focus on flexible schedules, organizing the coding function requires consideration of time zones, team member skills, volume of work, and claim-processing schedules.
