In the Medicare Claims Processing Transmittal 2903, April 2014 Update of the Hospital Outpatient Prospective Payment System (OPPS), CMS discusses the current policy regarding billing for certain devices that are received by facilities at no cost, full credit, or partial credit.
You hear it over and over again. Covered Entity (CE) A failed to produce an ongoing risk assessment for HIPAA security compliance. CE B had an incomplete risk analysis, leading to a failure to recognize security weaknesses and vulnerabilities. And in come the fines.
The HIPAA Security Rule preamble reinforces training "criticality" and restates the standard, "We require training of the workforce as reasonable and appropriate to carry out their functions in the facility." Security training is essential.
Healthcare-associated infections (HAI) rack up millions of dollars in healthcare costs each year. HAIs are not only costly, but increase LOS and are often a source of preventable readmissions.
