Much of today's healthcare industry is reliant on third-party vendors. If you haven't asked your vendors whether they are compliant with HIPAA and have implemented sound information privacy and security programs, you are likely facing unknown?and possibly significant?risks. Covered entities (CE) and business associates (BA) are required by HIPAA to exercise due diligence when it comes to their BAs and BA subcontractors. Assessing the risk of those vendors is necessary, especially if those vendors support critical functions in support of CE operations.
Q: I recently received a customer satisfaction survey from a medical supply company. The survey was printed on a postcard, not enclosed in an envelope. The survey is generic and doesn't include information about what services or supplies were received, but it does show my name and address and the name of the company. Anyone looking at it could know, or assume, that I received medical supplies. I don't feel this is appropriate, but I'm not sure if this is a HIPAA concern.
This week’s Medicare updates include the release of FY 2017 Dialysis Facility Reports and End Stage Renal Disease Core Survey Materials; the Denial of Home Health Payments When Required Patient Assessment Is Not Received; a Quality Payment Program fact sheet, and more!
Orders for services are a vital component of ensuring Medicare coverage. With the advent of computerized provider order entry (CPOE), it is important to review order templates in the electronic medical record (EMR) and the resulting order produced or printed in the formal legal medical record to ensure the templates meet requirements.
Just like the lyrics to the popular Gap Band song say, "You dropped a bomb on me… I won't forget it," there are definitely some changes in the 2017 ICD-10-CM Official Guidelines for Coding and Reporting that some of us may wish the Cooperating Parties will forget were ever mentioned.
