Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is not only required by law, but it is also essential for the proper management and profitability of healthcare providers. The HIPAA Privacy Rule, the HIPAA Security Rule, and HIPAA risk assessment requirements were developed by the U.S. Department of Health and Human Services’ Office of Civil Rights. HIPAA is comprised of three parts: security, privacy, and EDI (code sets, transactions, and identifiers). All areas must be in compliance to ensure the privacy of patient health information.
We can help ensure that you meet those compliance standards.
HIPAA Risk Analysis
We identify potential threats and vulnerabilities in order to provide an understanding of the risks to protected health information. We also review and assess both technical and non-technical privacy and security measures. The results become the basis for a dynamic and ongoing risk management process, which will lay the foundation for compliance with HIPAA requirements.
Coding and Documentation Audit
Following the audit guidelines established by the Office of the Inspector General, we perform a comprehensive review of the accuracy of coding, billing and reimbursement practices. This process helps to ensure compliance, which ultimately enhances the quality of data submitted to third-party payers. We also assist the organization in taking any appropriate corrective actions.
We help our clients comply with the requirements necessary to achieve meaningful use (MU), from the planning to attestation stages, with minimal disruption to patients, staff, and office workflow. Our MU consulting services not only help clients maintain complete health records for patients, but also to meet MU goals and qualify for maximum reimbursement amounts.
Because HIPAA compliance is an ongoing, dynamic process, additional areas of operations also affect your risk management. As part of our commitment to our clients, we also provide the following services:
- Policy reviews
- Educational material reviews
- Coding education and training
The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted and signed into law in 2009, also addresses security and privacy concerns that arise when health information is transmitted electronically. Several provisions in the HITECH Act relate to and strengthen the enforcement of HIPAA. We also provide the services listed above in relation to HITECH compliance.
HITRUST Compliance and Certification
For any healthcare organization, protecting sensitive information must be a priority. But between the latest security threats and complex regulations, it’s difficult to stay aware of new security measures while also remaining compliant. HITRUST sets the standard for healthcare information security, so any entity that handles PHI or other sensitive data should be intimately familiar with it. Learn more about our HITRUST compliance and certification services.