Compliance

HIPAA Helps and FAQs

The Health Insurance Portability and Accountability Act (HIPAA) has been around for quite some time. There are many misconceptions about HIPAA compliance that our office still gets calls about. This page is to help clear up some of these misconceptions.

Compliance Specialists

Compliance specialists are responsible for monitoring health and human services program operations for compliance with federal and state regulations and standards in order to promote health and safety, assure that public services are delivered properly, or prevent fraud. Areas assessed may include service delivery, eligibility determination and payment, medical reimbursement, risk and safety, or operational practices. Responsibilities range from entry level professional to management.

Conducting a job interview for potential new employees is a common occurrence, yet is often done in a manner of disorganization. Employers are frequently asking questions that shouldn't be asked and neglecting to ask those questions that may be more essential for conducting a proper interview. Federal and state laws pose significant liability for employers that ask improper questions that are deemed illegal or that may be interpreted as discriminatory.

All sponsors are required to adopt and implement an effective compliance program, which must include measures to prevent, detect and correct Part C or D program noncompliance as well as FWA.

The compliance program must, at a minimum, include the following core requirements:

 1. Written Policies, Procedures and Standards of Conduct;

 2. Compliance Officer, Compliance Committee and High Level Oversight;

 3. Effective Training and Education;

 4. Effective Lines of Communication;

Effective January 1, 2015, OASIS assessment data will be submitted to CMS via the national OASIS Assessment Submission and Processing (ASAP) system. 

With the implementation of the OASIS ASAP system, Home Health Agencies will no longer submit OASIS assessment data to CMS via their state databases. To access the OASIS ASAP system, you will need a QIES / HHA User ID.  

If you currently have a QIES / HHA User ID no action is required. This User ID will allow access to both the OASIS (ASAP) Submission System and CASPER Reporting System.

Q: Who is a Business Associate and what do we do if they refuse to sign the BAA (Business Associate Agreement)?

A: See the link below, as that will define for you exactly who your business associates would be. When uncertain or in doubt, it is always good to double check the HHS guideline to be confident. The information is defined in the following link:http://www.hhs.gov/ocr/privacy/hipaa/faq/business_associates/#businessassociate

Privacy Rule De-Identifiers

The HIPAA Privacy Rule providers two ways to de-identify information:

Pages

Subscribe to RSS - Compliance