Maintain compliance with ongoing efforts
HIPAA Weekly Advisor, July 3, 2003
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Your facility could have policies and procedures for every privacy rule requirement. But those policies and procedures must work for you to be in compliance.
Compliance efforts aren't finished, says Becky Buegel, RHIA, privacy officer and HIM director at Casa Grande Regional Medical Center, in Casa Grande, AZ. "You have to make sure what you put into place works," she says. "It's still early, and we're not sure how it's all going to shake out. I don't want to be blind-sided and find out that our plans didn't work."
You'll notice problem areas more now, since staff members must actually follow the policies and procedures, says Buegel. If any policies or procedures don't work, you want to discover the problem yourself, rather than having a patient complain or the government investigate a complaint, she says.
In many cases, you'll need to rewrite some policies and procedures. "I've already revised a policy on investigating a complaint and a form for requesting an amendment to a record," she says. "A patient requested an amendment and agreed to be my test case, since she was also an employee. She let me know what she thought of the process and whether it worked for her," she explains. "I realized I had left off a space on the form for the patient's address."
Buegel also found some typos in the hospital's notice of privacy practices. "That happens, but we wanted it to be pristine right from the beginning," she says. "A patient called to tell us about a typo, but I was happy she read the notice."
Right now, pay the most attention to whether you've fully rolled out procedures related to the patients' rights portion of the privacy rule, says Jill Callahan Dennis, JD, RHIA, principal of Health Risk Advantage in Denver. "That's the portion of the rule where violations place a covered entity at the most risk of a complaint."
Go to http://www.himinfo.com/news/feature.cfm?content_id=33868 to read more.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- HIPAA Q&A: Level of encryption needed for email
- Identify potential Medicaid RAC target areas
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- CMS has reformulated payments for some bilateral procedures
- Catch up on what's new with injections and infusions
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched