Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is not only required by law, but it is also essential for the proper management and profitability of healthcare providers. The HIPAA Privacy Rule, the HIPAA Security Rule and HIPAA risk assessment requirements were developed by the U.S. Department of Health and Human Services’ Office of Civil Rights. HIPAA is comprised of three parts: security, privacy and EDI (code sets, transactions and identifiers). All areas must be in compliance to ensure the privacy of patient health information. KraftCPAs Nashville HIPAA & HITECH Compliance Healthcare Team can help.
HIPAA Risk Analysis
We identify potential threats and vulnerabilities in order to provide an understanding of the risks to protected health information (PHI). We also review and assess both technical and non-technical privacy and security measures. The results become the basis for a dynamic and ongoing risk management process, which will lay the foundation for compliance with HIPAA requirements.
Coding & Documentation Audit
Following the audit guidelines established by the Office of the Inspector General (OIG), we perform a comprehensive review of the accuracy of coding, billing and reimbursement practices. This process helps to ensure compliance, which ultimately enhances the quality of data submitted to third-party payers. We also assist the organization in taking any appropriate corrective actions.
We help our clients comply with the requirements necessary to achieve Meaningful Use, from the planning to attestation stages, with minimal disruption to patients, staff and office workflow. Our MU consulting services not only help clients to utilize certified EHRs to maintain complete health records for patients, but also to meet MU goals and qualify for the maximum reimbursement amounts.
Because HIPAA compliance is an ongoing, dynamic process, additional areas of operations also affect your risk management. As part of our commitment to our clients, we also provide the following services:
- Policy Reviews
- Educational Material Reviews
- Coding Education & Training
The Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted and signed into law in 2009, also addresses security and privacy concerns that arise when health information is transmitted electronically. Several provisions in the HITECH Act relate to and strengthen the enforcement of HIPAA. We are also able to provide the services listed above in relation to HITECH compliance.
HITRUST Compliance & Certification
For any healthcare organization, protecting sensitive health information must be an absolute priority. But between ever-evolving security threats and increasingly complex government regulations, it’s difficult to stay on top of the necessary security measures to keep patients’ information safe while remaining compliant. HITRUST sets the standard for healthcare information security, so any entity that handles PHI or other sensitive data should be intimately familiar with it. Learn more about our HITRUST compliance & certification services.