Breaking Compliance News Blog

Margaret Scavotto, JD, CHC


Recent Posts

Earn CEUs with MPA's FREE Compliance & HIPAA Webinars!

Posted by Margaret Scavotto, JD, CHC on 1/20/22 11:14 AM

Sign up for MPA's FREE Compliance & HIPAA webinars:

All webinars are 11:00 a.m. CST - 12:00 p.m. CST and are presented by Margaret Scavotto and Scott Gima.

February 9, 2022: How to Conduct a HIPAA Security Risk Analysis

1.2 CCB CEUs

The HIPAA Security Risk Analysis is required by law. It’s also one of the top areas of OCR enforcement: we often see settlements with covered entities and business associates who either failed to conduct a comprehensive HIPAA Security Risk Analysis – or did conduct one, but did not mitigate the risks it identified. That’s the stick, but there’s also a carrot: the best way to identify and reduce security risks and prevent cyber-attacks is by conducting a HIPAA Security Risk Analysis.

Special guest speaker: Scott Wolff, IT expert and president of LanServ!

April 6, 2022: Compliance Lessons from Ted Lasso

1.2 CCB CEUs

“Taking on a challenge is a lot like riding a horse, isn’t it?”

"You know what the happiest animal on Earth is? It's a goldfish. You know why? It's got a 10-second memory."

"If the Internet has taught us anything, it's that sometimes it's easier to speak our minds anonymously."

Ted Lasso, the Apple TV series that has earned a host of Emmys and Golden Globes, has become a household staple. For most of us, it’s a 29-minute mental break when our work is done for the day. But America’s favorite soccer coach also brings us some priceless compliance lessons. Leading a compliance program through and beyond a pandemic isn’t too different from leading a downtrodden soccer team in England: it’s challenging and requires continuous sources of motivation.

May 11, 2022: Affordable Care Act Compliance Programs for Nursing Homes

1.2 CCB CEUs

It’s been a long road since the Affordable Care Act mandated compliance and ethics programs for nursing homes in 2010. Since then, we have had rules issued; enforcement delayed; and a pandemic. Compliance is never easy in the highly regulated world of long-term care – but it has only gotten harder since this mandate was announced.

The Compliance Certification Board (CCB)® has approved this event for up to 1.2 live CCB CEUs based on a 50-minute hour. Continuing Education Units are awarded based on individual attendance records. Granting of prior approval in no way constitutes endorsement by CCB of this event content or of the event sponsor.

Topics: Training and Education, HIPAA, compliance

Breaking News: SCOTUS Rules on Biden's Vaccine Mandates

Posted by Margaret Scavotto, JD, CHC on 1/13/22 7:36 PM

Earlier today, the U.S. Supreme Court (SCOTUS) issued two opinions related to the two federal vaccine mandates issued in 2021:

Topics: compliance

Earn CEUs with MPA's FREE Compliance & HIPAA Webinars!

Posted by Margaret Scavotto, JD, CHC on 1/13/22 8:00 AM

Topics: Training and Education, HIPAA, compliance

Have you upped your HIPAA game during COVID?

Posted by Margaret Scavotto, JD, CHC on 1/11/22 8:00 AM

HIPAA was a high priority for most healthcare providers before the pandemic.

COVID-19 stretched resources and lengthened to-do lists, and has made it harder to keep up with HIPAA compliance.

Which is tricky, because HIPAA risk has only increased during the pandemic, for two reasons.

First, hackers are opportunists.

They know the pandemic strains healthcare facilities, and a cyberattack might be more successful on a provider facing a COVID-19 surge. In March 2020, U.S. authorities warned that hackers were focusing their efforts on the three states hit the hardest by coronavirus: California, New York, and Washington – and hackers were targeting employees working from home.

Second, the pandemic has brought new ways to violate HIPAA.

Providers and vendors have scrambled to implement testing sites and vaccine clinics, ways to manage the data flowing in and out of testing sites and vaccine clinics, and software programs to sign up for testing and vaccines – to name a few. Many of these methods had to be put together hastily, as they were urgently needed. Was HIPAA the first consideration? Probably not. This inevitably led to breaches.

For example:

  • Denton County, Texas announced a breach involving a third-party application used by the County for COVID-19 vaccination clinics. This application had a configuration error that exposed information about individuals who received vaccinations.
  • An agency employee at Atascadero State Hospital in California improperly accessed patient and employee information, including COVID-19 test results. The records involved 1,735 employees and former employees, and 1,217 job applicants. The improper access was discovered during an “annual review of employee access to data folders, and the employee is believed to have been improperly accessing the information for about 10 months….”
  • The Lake County Health Department and Community Health Center in Illinois announced that 24,000 patient names were on a spreadsheet attached to an unencrypted email sent to an employee’s personal email address.
  • Indiana’s COVID-19 online contact tracing survey was breached, compromising the data of hundreds of thousands of Indiana residents. The breach was caused by a software misconfiguration that left the information visible to the public.

I know resources are stretched thin, and people are exhausted. But it is still important to ask: Have you upped your HIPAA game during the pandemic? Has your organization addressed evolving threats that COVID-19 has brought the healthcare industry?

Here are some more questions to ask:

Topics: HIPAA, data breach, security, compliance, webinar

No Compliance Monkey Business: Compliance Lessons from Jane Goodall

Posted by Margaret Scavotto, JD, CHC on 12/16/21 9:30 AM

This blog was also posted on The Compliance & Ethics Blog, the national compliance blog published by the Health Care Compliance Association and the Society of Corporate Compliance & Ethics.

Jane Goodall is a British primatologist and anthropologist who is world renowned for her study of chimpanzees, and her commitment to conservation and animal welfare.

And, my kids are obsessed with her. They have picture books about her, t-shirts and jigsaw puzzles with her face on them. I’ve learned a lot about Jane Goodall this past year. It is because of my daughters’ heroine that I can share with you this quote from their dear Jane:

“Every individual matters. Every individual has a role to play. Every individual makes a difference.”

This insight is from Goodall’s book: With Love: Ten Heartwarming Stories of Chimpanzees in the Wild. It also appears on the website for Roots and Shoots, Goodall’s not-for-profit designed to help youth make a difference in their communities. So, when Goodall says “every individual has a role to play”, she is talking about chimpanzees – but she’s also talking about people (very much so).

After many months working at home in some degree of isolation due to the pandemic, this quote struck a chord with me. Disconnected from the usual flow of teamwork, meetings and conferences, the daily routine at home started with me, my to-do list, and the same question: What will I accomplish at home today?

Do you see how that question is all about me?

Topics: Culture of Compliance, compliance

Earn CEUs with MPA's FREE Compliance & HIPAA Webinars!

Posted by Margaret Scavotto, JD, CHC on 12/14/21 10:45 AM

Topics: Training and Education, HIPAA, compliance

What Your Holiday Shopping Says About Your Compliance Planning

Posted by Margaret Scavotto, JD, CHC on 11/30/21 9:15 AM

Do you start shopping for holiday gifts in October? Or do you drive to the mall the day before Christmas, Hanukkah, Kwanzaa, or the Winter Solstice, frantically trying to buy presents for everyone on your list and *maybe* getting into a fender bender in the Whole Foods parking lot on the way home?

I’m a planner, and I’m done with my holiday shopping for 2021. I like to know that I have gifts for everyone on my list. I don’t like to worry that the book I really want to get for my dad is sold out at the local bookstore.

My premature holiday shopping mirrors my approach to compliance. I like a 12-month calendar of tasks. I like to see what’s planned monthly, quarterly, and annually. That way I can see what is coming up and know we will be ready.

The training scheduled for April? I can see it now, from back here in November, and know that I need to start asking department heads about real-world examples I can put into the training.

Topics: compliance

Raffle: Are you ready for Compliance Week?

Posted by Margaret Scavotto, JD, CHC on 10/21/21 9:15 AM

November 7-13, 2021 is the Health Care Compliance Association's national Corporate Compliance & Ethics Week.

Healthcare providers around the country will be celebrating Compliance Week.

It's certainly not mandatory to hold a Compliance Week the first week of November - you can have one any time that works for you. Some providers schedule Compliance Week at the same time as annual compliance training. Other providers hold Compliance Week six months after compliance training, to provide a second compliance "blast" during the year. Whatever time you choose, get a Compliance Week on the calendar every year.

If you took a break from Compliance Week during the pandemic, consider planning one during the next six months to boost your compliance culture.

To help you celebrate, MPA is hosting a raffle for everything you need to plan a successful compliance week! Click here to enter to win:

Why Compliance Week?

There are so many reasons why Compliance Week is good for your organization! Compliance Week will...

  • Boost your culture of compliance
  • Promote the visibility of your compliance program
  • Increase employees’ familiarity with the Compliance Officer & Committee
  • Provide compliance education
  • Inspire employees to recognize non-compliance and report it internally
  • Show employees that your compliance program is here to help them do their jobs better
  • Show employees that your organization and leaders are serious about doing the right thing
  • Reinforce compliance principles and keep compliance top of mind
  • Reward compliance successes

Short on ideas? MPA can help

Topics: Culture of Compliance, compliance, compliance week

Sign Up: Top 10 Compliance Tips for a Successful 2022

Posted by Margaret Scavotto, JD, CHC on 10/20/21 9:45 AM

 
Topics: Training and Education, HIPAA, compliance, COVID-19, webinar

Sign Up: Top 10 Compliance Tips for a Successful 2022

Posted by Margaret Scavotto, JD, CHC on 10/13/21 3:12 PM

Topics: Training and Education, HIPAA, compliance, COVID-19, webinar
