Breaking Compliance News Blog

Margaret Scavotto, JD, CHC

Find me on:

Recent Posts

Plan a Successful Compliance Week with MPA's free webinar!

Posted by Margaret Scavotto, JD, CHC on 9/29/20 11:20 AM

Sign up for the next webinar in MPA's Free Compliance Webinar Series:

October 14th at 12 p.m. CST: Plan a Successful Compliance Week!

Your compliance program is only as strong as the culture behind it - and the knowledge and buy-in of your team. It takes year-round activities and awareness to support that culture. In this webinar, we will discuss approaches to plan a fun and engaging Compliance Week for your staff. Whether it's been a year since you held Compliance Week - or whether compliance has been back-burnered during the pandemic and your culture needs a boost - it's time to schedule a Compliance Week!

Learn how to plan a Compliance Week that reinforces compliance as a positive force in your organization.

Sign up here.

Read More

Topics: Training and Education, Culture of Compliance, compliance

Enroll in MPA’s Virtual Nursing Home Compliance Officer Training!

Posted by Margaret Scavotto, JD, CHC on 9/21/20 9:15 AM

With CMS resuming routine nursing home surveys, it’s time to get your compliance and ethics program ready for future surveys.

Whether you are new to compliance or want to make sure you are ready to lead a Phase 3 Compliance and Ethics Program, MPA’s 4-part virtual how-to course can help. Sign up now and receive:

  • Four 75-minute classes. We will keep the class going until all your questions are answered!
  • One free compliance tool per class
  • A 20% discount on MPA’s SNF Compliance Program (save $350)

Sign up for one course, or all four.

Price: $95 per course or $325 for all four. Sign up now.

Those enrolled in all four courses will receive a digital step-by-step compliance program implementation guide.

Can’t attend live? All attendees will receive access to the recorded classes for 6 months.

Read More

Topics: Training and Education, Affordable Care Act, compliance, compliance officer, Phase 3, webinar

Sign up for MPA's free webinar: Plan a Successful Compliance Week!

Posted by Margaret Scavotto, JD, CHC on 9/17/20 9:30 AM

Sign up for the next webinar in MPA's Free Compliance Webinar Series:

October 14th at 12 p.m. CST: Plan a Successful Compliance Week!

Your compliance program is only as strong as the culture behind it - and the knowledge and buy-in of your team. It takes year-round activities and awareness to support that culture. In this webinar, we will discuss approaches to plan a fun and engaging Compliance Week for your staff. Whether it's been a year since you held Compliance Week - or whether compliance has been back-burnered during the pandemic and your culture needs a boost - it's time to schedule a Compliance Week!

Learn how to plan a Compliance Week that reinforces compliance as a positive force in your organization.

Sign up here.

Read More

Topics: Training and Education, Culture of Compliance, compliance

Enroll in MPA’s Virtual Nursing Home Compliance Officer Training!

Posted by Margaret Scavotto, JD, CHC on 9/15/20 9:00 AM

With CMS resuming routine nursing home surveys, it’s time to get your compliance and ethics program ready for future surveys.

Whether you are new to compliance or want to make sure you are ready to lead a Phase 3 Compliance and Ethics Program, MPA’s 4-part virtual how-to course can help. Sign up now and receive:

  • Four 75-minute classes. We will keep the class going until all your questions are answered!
  • One free compliance tool per class
  • A 20% discount on MPA’s SNF Compliance Program (save $350)

Sign up for one course, or all four.

Price: $95 per course or $325 for all four. Sign up now.

Those enrolled in all four courses will receive a digital step-by-step compliance program implementation guide.

Can’t attend live? All attendees will receive access to the recorded classes for 6 months.

Read More

Topics: Training and Education, Affordable Care Act, compliance, compliance officer, Phase 3, webinar

HIPAA Lessons from Uber: Don't Sweep Data Breaches Under the Rug

Posted by Margaret Scavotto, JD, CHC on 9/10/20 10:57 AM

I

n 2016, Uber suffered a data breach affecting the personal information of 57 million drivers and customers. Uber did not announce the breach until November 2017. In August 2020, the United States Department of Justice (DOJ) filed a criminal complaint against Joseph Sullivan, Uber’s Chief Security Officer at the time of the breach. The DOJ has charged Sullivan with obstruction of justice and misprision of a felon for his alleged role in concealing the 2016 breach.

Read More

Topics: Board Involvement, HIPAA, data breach, breach notification

Stay compliant with MPA's Monthly Compliance Newsletter

Posted by Margaret Scavotto, JD, CHC on 9/9/20 9:15 AM

MPA scours OIG, DOJ, FBI, and OCR enforcement updates and news headlines so you don't have to.

We summarize enforcement trends and deliver the latest compliance and HIPAA developments to your inbox with our Monthly Compliance News Report.

Coming to this month's issue: 

  • Nonprofit hospice pays $375,000 false claims settlement
  • States are going after companies for price gouging PPE sales
  • Nursing home surveys are back!
  • Vishing scams: are your employees prepared?
  • Hackers targeting entities involved with COVID-19 research, and ventilator manufacturers
  • Nurse uses stolen nursing home resident PHI to pay off debts
  • You can read a sample report here

Read More

Topics: Compliance Basics

I’ll have another rosemary latte and a HIPAA breach, please.

Posted by Margaret Scavotto, JD, CHC on 8/25/20 9:00 AM

As the United States is in varying stages of opening versus shutting down in response to COVID-19, the definition of "workplace" has become a very fuzzy concept. Sometimes I work at home, and sometimes I work at the office. I hear from some parents will be working with a "pod" of children learning virtually in their homes. And yes, some employees have resumed working at coffee shops. This changing reality of where we are working brought this popular blog from 2019 to mind - so here is one from the archives...

 

The other day I stopped by my favorite local coffee shop for an afternoon pick-me-up. I ordered my guilty pleasure – a brown sugar rosemary latte – and sat down in the only available seat on the lobby couch to wait.

A few minutes later, a young woman came in and sat down next to me, opened her laptop, and began clack-clacking away (a common occurrence, as this coffee place is known as an unofficial co-working space).

I got up to get my latte, sat back down, and noticed that the woman was on the phone. I began reading an article about a recent HIPAA breach (in a moment you will learn the irony in this), and tried not to be distracted by her call. But, I couldn’t help but notice she seemed to be talking about a patient. She mentioned the patient’s name and birthday, and then scheduled an appointment for him. She went on to do this for several other patients. Then she called a few patients to check on their condition and well-being. I also couldn’t help but notice that she was typing information into some kind of EMR database.

If this was a cartoon, my head would have exploded at this moment.

When my disbelief faded into the reality that this person – perhaps some kind of case worker or social worker – was in fact discussing patients and their health care information – I had a sinking feeling in my stomach. Does this really happen? Am I on some kind of brainy reality TV show for HIPAA professionals? How could two people sitting on the same couch have such different reactions to these phone calls? How could I be so appalled – and this woman be oblivious and even pleased to be accomplishing so much?

I’ll tell you why: awareness and training.

I think about HIPAA all the time. I follow HIPAA settlements and headlines daily, blog about them, and build training programs and policies around them. So, I see HIPAA everywhere.

I don’t know what kind of HIPAA training my couch neighbor has had. It could be she was trained extensively and chose to ignore the advice. Or perhaps it is more likely that she wasn’t trained on HIPAA – or at least, not recently – and not on protecting patient privacy when working remotely.

What about your staff? Would they know what to do?

 

Read More

Topics: Training and Education, HIPAA, Culture of Compliance

HIPAA Reminder: Don’t Forget Students

Posted by Margaret Scavotto, JD, CHC on 8/20/20 9:45 AM

It is common for covered entities and business associates to train employees at hire and (at least) annually. What’s not as common is including other parties in the organization’s HIPAA training program. Contracted staff, temp/agency staff, volunteers, board members, and students can be considered part of an organization’s workforce – meaning, they need to be trained on HIPAA. And, during the pandemic, many providers have expanded the types of individuals that are part of their team.

Read More

Topics: Training and Education, HIPAA, compliance, COVID-19

*** BREAKING NEWS: CMS NURSING HOME SURVEYS ARE BACK

Posted by Margaret Scavotto, JD, CHC on 8/18/20 11:52 AM

In March, CMS announced that it was suspending routine surveys for nursing homes during the pandemic, in order to focus on infection control and Immediate Jeopardy issues. However, CMS announced on Monday that this suspension is coming to an end.

In its memo to State Survey Agency Directors, titled: Enforcement Cases Held during the Prioritization Period and Revised Survey Prioritization, CMS announced that it is resuming onsite revisits and other surveys, and expanding its desk review.

In addition to the expanded surveys previously authorized for states entering Phase 3 of the Nursing Homes Reopening guidance, CMS is authorizing further survey expansion. The guidance states (direct quote):

Read More

Topics: annual review, guidance, compliance, Phase 3, surveys

Stay compliant with MPA's Monthly Compliance Newsletter Subscription

Posted by Margaret Scavotto, JD, CHC on 8/13/20 9:30 AM

MPA scours OIG, DOJ, FBI, and OCR enforcement updates and news headlines so you don't have to.

We summarize enforcement trends and deliver the latest compliance and HIPAA developments to your inbox with our Monthly Compliance News Report.

Coming to this month's issue: 

  • SNF chain billed for unnecessary therapy
  • PPP loan fraud leads to criminal charges
  • Physician assistant took kickbacks from pharmaceutical company
  • Providers enter 5-figure settlements for employing excluded providers
  • The OCR resolves two complaints with providers whose COVID-19 polices involved religious discrimination
  • Nursing homes hit with ransomware
  • sou can read a sample report here

Read More

Topics: Compliance Basics

    Privacy Policy           Terms of Use