Breaking Compliance News Blog

What are you doing to keep the lights on?

Posted by Margaret Scavotto, JD, CHC on 9/21/21 9:15 AM

This blog was also posted on The Compliance & Ethics Blog, the national compliance blog published by the Health Care Compliance Association and the Society of Corporate Compliance & Ethics.

 

A few weeks ago, a storm came through the St. Louis area. Wind gusts that reached 41 miles per hour snapped telephone poles in half, toppled trees onto power lines and transformers, and left more than 100,000 people without power. We ended up throwing out everything in our fridge. And then everything in the freezer. And then the fridge itself, which did not survive the power surge.

Despite the widespread damage and outages, our power was restored in 48 hours – pretty quickly compared to prior outages. In 2006, a storm left 1.1 million people without power. The outage took a week to fix, and the extreme heat brought 300 Missouri National Guard troops to St. Louis to help with the effort. Several years later, a winter storm left many without power during bitter cold for a week.

And then something changed.

Cities and power companies began a widespread effort to trim trees whose branches loomed over the power lines. Everywhere I turned, I saw tree trimmers hard at work. Years later, I still see this work being done regularly.

Storms still come, and the power still goes out. But it comes back on much sooner! Is it because of the maintenance to lessen storm damage to power lines? Have the storms been less severe? Or is it a combination of both?

Regardless, everyone sleeps a little better during a storm knowing that everything possible has been done to mitigate the damage and keep power systems running. The proactive response to our region’s severe power failures has made these outages far less disruptive.

What is true for bad weather is true for compliance: things will go wrong – and your routine compliance maintenance can minimize the disruption:

Read More

Topics: Culture of Compliance, compliance

Free webinar: HIPAA Security Risk Analysis!

Posted by Margaret Scavotto, JD, CHC on 9/14/21 10:54 AM

 

Sign up for MPA's FREE Compliance & HIPAA webinars:

All webinars are 11:00 a.m. CST - 12:00 p.m. CST

 

October 20, 2021: HIPAA Security Risk Analysis!

The HIPAA Security Risk Analysis is required by law, extremely helpful for reducing security risk - and very daunting. It's a lot of work, but well worth it. MPA will walk through what the Security Risk Analysis is, why you need one, and some practical tips to get you started on your own SRA.

SIGN UP

 

We hope you will also join us for September's webinar:

September 29, 2021: MPA Answers Your Burning Compliance Questions

Got a burning compliance (or HIPAA) question? We will send out an email asking for your questions in advance. We'll also take questions live, and go over our most frequently asked compliance and HIPAA questions. Get your questions answered on September 29!

SIGN UP

Read More

Topics: Training and Education, HIPAA, compliance

Free webinar: HIPAA Security Risk Analysis!

Posted by Margaret Scavotto, JD, CHC on 8/31/21 10:54 AM

 

Sign up for MPA's FREE Compliance & HIPAA webinars:

All webinars are 11:00 a.m. CST - 12:00 p.m. CST

 

October 20, 2021: HIPAA Security Risk Analysis!

The HIPAA Security Risk Analysis is required by law, extremely helpful for reducing security risk - and very daunting. It's a lot of work, but well worth it. MPA will walk through what the Security Risk Analysis is, why you need one, and some practical tips to get you started on your own SRA.

SIGN UP

 

We hope you will also join us for September's webinar:

September 29, 2021: MPA Answers Your Burning Compliance Questions

Got a burning compliance (or HIPAA) question? We will send out an email asking for your questions in advance. We'll also take questions live, and go over our most frequently asked compliance and HIPAA questions. Get your questions answered on September 29!

SIGN UP

Read More

Topics: Training and Education, HIPAA, compliance

TikTok Terror

Posted by Margaret Scavotto, JD, CHC on 8/18/21 9:30 AM

A North Carolina Licensed Practical Nurse (LPN) was fired from a nursing home after she posted a series of videos on TikTok. The videos included the following phrases:

  • “I’d unplug your vent to charge my cell phone.”
  • “Me waking my patient up at 6:55 am to make sure they didn’t [sic] die from all the drugs i gave them to make them go to sleep”
  • “Me on my way to give my patients drugs so WE can get some good sleep tonight”

Wow.

It is not a surprise that the statement the nursing home issued about her termination stated:

Read More

Topics: HIPAA, Social Media, abuse, skilled nursing, compliance

Sign up for MPA's FREE compliance and HIPAA webinars!

Posted by Margaret Scavotto, JD, CHC on 8/17/21 9:45 AM

 

Sign up for MPA's FREE Compliance & HIPAA webinars:

All webinars are 11:00 a.m. CST - 12:00 p.m. CST

 

August 25, 2021: HIPAA Lessons from the Headlines

SIGN UP

 

September 29, 2021: MPA Answers Your Burning Compliance Questions

SIGN UP

Read More

Topics: Training and Education, HIPAA, compliance

* Guest Blog: My Quarter Problem by Adam Turteltaub

Posted by Margaret Scavotto, JD, CHC on 8/11/21 9:30 AM

This week's blog was written by guest blogger Adam Turteltaub, CCEP CHC, Chief Engagement & Strategy Officer for the Society of Corporate Compliance and Ethics. This blog was orginally published on The Compliance and Ethics Blog. Not reading the Compliance and Ethics Blog? Check it out.

There’s a quarter sitting on my desk. It’s been there for over a year at this point. It’s a problem quarter.

How did it get there? One day I took a bucket of change to the Coinstar machine to get all those coins turned into an Amazon gift certificate. While the machine was happy to gobble up all the other quarters, dimes, nickels and pennies, it wanted nothing to do with that one quarter.

I couldn’t figure out why at first, and then I noticed it’s from 1956, which makes it one of the rare things in my life that is actually older than I am.

I figured it must be different enough from modern quarters that the machine rejected it. So, I put it in my pocket, figuring I would just spend it in a parking meter.  But then, on the way home, I thought to myself, “I wonder if, given its age, it may be worth something?”

So, I did a quick search on the internet and found out that it’s worth its weight in silver. As I write this, that’s about $4.60.

And that’s my problem.

Read More

Topics: compliance

Earn 5 CEUs with MPA’s Virtual HIPAA Training!

Posted by Margaret Scavotto, JD, CHC on 8/10/21 9:15 AM

HIPAA is a lot!

MPA's e-course makes it easier to keep up with privacy, security, breach notification, and social media.

Sign up for MPA's Virtual HIPAA Training Course

*** Approved for 5 hours of NAB CEUs***

Read More

Topics: Training and Education, HIPAA, Social Media, security, breach notification, privacy, webinar

Earn 5 CEUs with MPA’s Virtual HIPAA Training!

Posted by Margaret Scavotto, JD, CHC on 8/5/21 11:40 AM

HIPAA is a lot!

MPA's e-course makes it easier to keep up with privacy, security, breach notification, and social media.

Sign up for MPA's Virtual HIPAA Training Course

*** Approved for 5 hours of NAB CEUs***

Read More

Topics: Training and Education, HIPAA, Social Media, security, breach notification, privacy, webinar

Sign up for MPA's new Compliance & HIPAA Webinars!

Posted by Margaret Scavotto, JD, CHC on 8/3/21 10:00 AM

 

Sign up for MPA's FREE Compliance & HIPAA webinars:

All webinars are 11:00 a.m. CST - 12:00 p.m. CST

 

August 25, 2021: HIPAA Lessons from the Headlines

SIGN UP

 

September 29, 2021: MPA Answers Your Burning Compliance Questions

SIGN UP

Read More

Dumpster diving: Why you need a HIPAA PHI inventory

Posted by Margaret Scavotto, JD, CHC on 7/29/21 9:30 AM

Patient specimens thrown out with the trash

Recently, a dermatology provider discovered that it was inappropriately discarding empty specimen bottles (which list patient name, DOB, specimen date, provider, and part of the body where the specimen was taken). How were the specimen bottles disposed? In the trash – for ten years.

When the organization realized this practice was improper, it self-reported the potential HIPAA breach to the OCR, and revisited its practices.

Hospital employee puts patient meal tickets in the garbage

For more than four months, a hospital employee put patient meal tray tickets in the trash – rather than shredding them. As a result, more than 1,000 patients’ personal information was potentially breached. The meal tickets listed patient names, day and month of birth, hospital unit and bed number, and diet and menu information. 

Are you overlooking PHI?

Protected health information (PHI) exists beyond the medical record. It includes patient names written on a rounding whiteboard. It includes data surrounding your medical devices. It includes specimen bottles with labels containing patient information. And yes, it can include meal tickets.

How can we know if our HIPAA compliance program addresses ALL of our PHI?

Read More

    Privacy Policy           Terms of Use