HIPAA originally recognized the business associate (BA) as a contractor of a covered entity (CE), but did not mandate direct accountability to the regulations. This put the onus on a CE to ensure, contractually, that its BAs met applicable requirements and supported their CE clients' compliance. When the Privacy and Security Rules first became effective, many CEs accepted BA contracts (BAC) (sometimes also called BA agreements [BAA]) from their BAs. Some BAs were actually quite adamant about having the CE sign their BAC. Although it was the obligation of a CE to initiated the BAC and the CE was liable under the law for compliance, in most cases, BAs offered a BAC that met the legal requirements and often looked like the model offered by HHS. If this was not the case or if either party wanted additional provisions, the CE and the BA negotiated a contract. No provisions required by HIPAA could be removed or changed, but other provisions could be added.
Q: Is it permissible to write down a patient's pending exams (e.g., MRI, ultrasound) on the patient boards located by the patient's bed in his or her room even if that patient has a roommate?
1. The audit is intended as an educational tool, but if auditors discover serious noncompliance issues, they may request OCR conduct an investigation to determine if enforcement action is necessary.
When you're starting a population health program, a critical component is information?the data you collect to assess patient risk factors. Having a computer system to sort through information and help you identify high-risk patients is a huge asset to any program, says Gavin Malcolm, LCSW, director of Population Health for Broward Health ACO Services in Florida. "You have to be able to access and manage data to be successful," he says.
Starting a population health program can not only help organizations improve patient health, but can also help a hospital's bottom line by reducing readmissions and cutting down on costly emergency department visits. But many case managers may wonder what it takes to get a population health program off the ground.
The 2-midnight rule may get a little tweak if the proposals in CMS' 2016 OPPS proposed rule comes to fruition. The rule proposes that physicians now be granted a little more flexibility when it comes to ordering inpatient admissions, even when the stay is expected to be less than two midnights?provided of course that the stay is justifiable from a medical standpoint and the physician clearly documents his or her thinking on the case.
