Breaking Compliance News Blog

HIPAA Reminder: Don’t Forget Students

Posted by Margaret Scavotto, JD, CHC on 8/20/20 9:45 AM

It is common for covered entities and business associates to train employees at hire and (at least) annually. What’s not as common is including other parties in the organization’s HIPAA training program. Contracted staff, temp/agency staff, volunteers, board members, and students can be considered part of an organization’s workforce – meaning, they need to be trained on HIPAA. And, during the pandemic, many providers have expanded the types of individuals that are part of their team.

Read More

Topics: Training and Education, HIPAA, compliance, COVID-19


Posted by Margaret Scavotto, JD, CHC on 8/18/20 11:52 AM

In March, CMS announced that it was suspending routine surveys for nursing homes during the pandemic, in order to focus on infection control and Immediate Jeopardy issues. However, CMS announced on Monday that this suspension is coming to an end.

In its memo to State Survey Agency Directors, titled: Enforcement Cases Held during the Prioritization Period and Revised Survey Prioritization, CMS announced that it is resuming onsite revisits and other surveys, and expanding its desk review.

In addition to the expanded surveys previously authorized for states entering Phase 3 of the Nursing Homes Reopening guidance, CMS is authorizing further survey expansion. The guidance states (direct quote):

Read More

Topics: annual review, guidance, compliance, Phase 3, surveys

Stay compliant with MPA's Monthly Compliance Newsletter Subscription

Posted by Margaret Scavotto, JD, CHC on 8/13/20 9:30 AM

MPA scours OIG, DOJ, FBI, and OCR enforcement updates and news headlines so you don't have to.

We summarize enforcement trends and deliver the latest compliance and HIPAA developments to your inbox with our Monthly Compliance News Report.

Coming to this month's issue: 

  • SNF chain billed for unnecessary therapy
  • PPP loan fraud leads to criminal charges
  • Physician assistant took kickbacks from pharmaceutical company
  • Providers enter 5-figure settlements for employing excluded providers
  • The OCR resolves two complaints with providers whose COVID-19 polices involved religious discrimination
  • Nursing homes hit with ransomware
  • sou can read a sample report here

Read More

Topics: Compliance Basics

HIPAA News: Two Settlements and a Fraudulent OCR Postcard

Posted by Margaret Scavotto, JD, CHC on 8/10/20 1:15 PM

Watch Out for Fraudulent OCR Postcards

On August 6th, the OCR issued an Alert: Postcard Disguised as Official OCR Communication. This Alert warns covered entities and business associates that an impostor is sending postcards out, posing to be the OCR. The postcards ask the recipient go visit a website, call, or email “to take immediate action on a HIPAA Risk Assessment.” The postcard is not from the OCR; it is from a consulting company trying to sell services.

Read More

Topics: HIPAA

You need your compliance program now more than ever

Posted by Margaret Scavotto, JD, CHC on 7/30/20 9:15 AM

In June 2020, The Society of Corporate Compliance and Ethics and the Health Care Compliance Association published survey results: Compliance and the COVID-19 Pandemic.

This survey of compliance professionals found:

"The COVID-19 pandemic has upended countless organizations and how people work... compliance programs have also felt the impact. Teams have had to adjust the way they work to ensure that regulatory mandates are still met - all while staying on top of the myriad regulation changes meant to address the pandemic."

I think we can all agree it has not been easy.

Here is what your healthcare professional peers say about COVID-19's effect on compliance:

Read More

Topics: Culture of Compliance, compliance, COVID-19

Sign up for MPA's free webinar: HIPAA & PR Pitfalls

Posted by Margaret Scavotto, JD, CHC on 7/28/20 8:53 AM

Sign up for the next webinar in MPA's Free Compliance Webinar Series:

August 11 at 11 a.m. CST: HIPAA & PR Pitfalls

The OCR has entered multiple HIPAA settlements with healthcare providers who violated HIPAA with public relations campaigns and media communications. This was an issue before COVID-19, and the pandemic has only increased media attention and the need for effective HIPAA protocols.

Learn how to stay on the good side of the news.

Sign up here.

Read More

Topics: HIPAA, Culture of Compliance, compliance

Has your HIPAA training kept up with COVID-19?

Posted by Margaret Scavotto, JD, CHC on 7/23/20 10:15 AM

During the pandemic, healthcare providers have seen countless headlines announcing both HIPAA guidance related to COVID-19, and HIPAA breaches. For example:

If your HIPAA training hasn't changed in response to this guidance and headlines, that could be a problem.

Read More

Topics: HIPAA, data breach, COVID-19

Train Remotely with Compliance and HIPAA Training Handbooks

Posted by Margaret Scavotto, JD, CHC on 7/21/20 9:45 AM

The pandemic has led covered entities and business associates to rethink training.

For starters, in-services are not always practical right now. With more remote employees, and concerns about trying to contain spread of the virus, in-person, classroom-style training is not working for everyone.

Plus, many providers are dealing with an evolving workforce: more agency/temp staff, more healthcare professionals newly hired due to loosened education or certification requirements during COVID-19. All of these people need training - and providers have less time to train.

Compliance and HIPAA training does not have to be in the form of a live in-service to be effective. 

MPA's Compliance and HIPAA Training Handbooks can help.

Read More

Topics: Compliance Basics, Training and Education, HIPAA, Culture of Compliance, MPA's Compliance Store, COVID-19

DOJ revises compliance program guidance: How do you measure up?

Posted by Margaret Scavotto, JD, CHC on 7/16/20 8:50 AM

In June 2020, the U.S. Department of Justice, Criminal Division, updated its guidance document: Evaluation of Corporate Compliance Programs. The guidance was last updated in April 2019.

This guidance is used in two ways:

  • Federal prosecutors conducting criminal investigations (such as into healthcare fraud) use it to evaluate a corporation’s compliance program. This evaluation can impact any financial penalties imposed.
  • Corporations, including healthcare providers, use it to evaluate their own compliance programs.

Here are some of the DOJ’s June 2020 changes to its compliance evaluation guidance:

Read More

Nursing Home Residents Can Keep Stimulus Checks

Posted by Margaret Scavotto, JD, CHC on 7/16/20 8:45 AM

On June 11, CMS issued an alert warning nursing homes not to seize residents' CARES Act stimulus checks. Providers that do so could lose their Medicare and Medicaid contracts.

CMS cited resident rights laws in support of its warning:

  • 42 CFR 483.12, Freedom from Abuse, Neglect and Exploitation (prohibition against misappropriation of resident property): "the deliberate misplacement, exploitation or wrongful, temporary, or permanent use of a resident's belongings or money without the resident's consent."
  • 42 CFR 483.10, each resident has "the right to manage his or her financial affairs"; "The facility must not require residents to deposit their personal funds with the facility. If a resident chooses to deposit personal funds with the facility, upon written authorization of a resident, the facility must act as a fiduciary of the resident's funds and hold, safeguard, manage, and account for the personal funds of the resident deposited with the facility...."

The FTC issued a consumer alert advising Medicaid beneficiaries that nursing homes CANNOT require them to sign their CARES Act stimulus checks over to the nursing home. The FTC encourages residents who have been asked by nursing homes for their CARES Act checks to complaint to the state attorney general.

MPA has updated its Resident Rights Policy and Resident Rights Summary to reflect this alert. Subscribers to MPA's Nursing Home Compliance Program received an email with the new policy downloads today. Click here to subscribe.

Read More

Topics: Resident Rights, compliance, Phase 3

    Privacy Policy           Terms of Use