Breaking Compliance News Blog

A hospital found itself in the headlines after a review of stillbirths was posted online.

The hospital foundation trust reviewed the information at a board of directors meeting. The information included details about stillbirths, prior miscarriages and terminated pregnancies, plus the mothers' age and BMI. The Board report included the following statement: “Restricted – Not to be copied or shared without the permission of the chair….” Despite this language, the report was publicly available online.

Sign up for the next webinar in MPA's Free Compliance Webinar Series:

October 14th at 12 p.m. CST: Plan a Successful Compliance Week!

Your compliance program is only as strong as the culture behind it - and the knowledge and buy-in of your team. It takes year-round activities and awareness to support that culture. In this webinar, we will discuss approaches to plan a fun and engaging Compliance Week for your staff. Whether it's been a year since you held Compliance Week - or whether compliance has been back-burnered during the pandemic and your culture needs a boost - it's time to schedule a Compliance Week!

Learn how to plan a Compliance Week that reinforces compliance as a positive force in your organization.

Sign up here.

With CMS resuming routine nursing home surveys, it’s time to get your compliance and ethics program ready for future surveys.

Whether you are new to compliance or want to make sure you are ready to lead a Phase 3 Compliance and Ethics Program, MPA’s 4-part virtual how-to course can help. Sign up now and receive:

• Four 75-minute classes. We will keep the class going until all your questions are answered!
• One free compliance tool per class
• A 20% discount on MPA’s SNF Compliance Program (save $350)

Sign up for one course, or all four.

Price: $95 per course or $325 for all four. Sign up now.

Those enrolled in all four courses will receive a digital step-by-step compliance program implementation guide.

Can’t attend live? All attendees will receive access to the recorded classes for 6 months.

Sign up for the next webinar in MPA's Free Compliance Webinar Series:

October 14th at 12 p.m. CST: Plan a Successful Compliance Week!

Your compliance program is only as strong as the culture behind it - and the knowledge and buy-in of your team. It takes year-round activities and awareness to support that culture. In this webinar, we will discuss approaches to plan a fun and engaging Compliance Week for your staff. Whether it's been a year since you held Compliance Week - or whether compliance has been back-burnered during the pandemic and your culture needs a boost - it's time to schedule a Compliance Week!

Learn how to plan a Compliance Week that reinforces compliance as a positive force in your organization.

Sign up here.

With CMS resuming routine nursing home surveys, it’s time to get your compliance and ethics program ready for future surveys.

Whether you are new to compliance or want to make sure you are ready to lead a Phase 3 Compliance and Ethics Program, MPA’s 4-part virtual how-to course can help. Sign up now and receive:

• Four 75-minute classes. We will keep the class going until all your questions are answered!
• One free compliance tool per class
• A 20% discount on MPA’s SNF Compliance Program (save $350)

Sign up for one course, or all four.

Price: $95 per course or $325 for all four. Sign up now.

Those enrolled in all four courses will receive a digital step-by-step compliance program implementation guide.

Can’t attend live? All attendees will receive access to the recorded classes for 6 months.

As the United States is in varying stages of opening versus shutting down in response to COVID-19, the definition of "workplace" has become a very fuzzy concept. Sometimes I work at home, and sometimes I work at the office. I hear from some parents will be working with a "pod" of children learning virtually in their homes. And yes, some employees have resumed working at coffee shops. This changing reality of where we are working brought this popular blog from 2019 to mind - so here is one from the archives...

The other day I stopped by my favorite local coffee shop for an afternoon pick-me-up. I ordered my guilty pleasure – a brown sugar rosemary latte – and sat down in the only available seat on the lobby couch to wait.

A few minutes later, a young woman came in and sat down next to me, opened her laptop, and began clack-clacking away (a common occurrence, as this coffee place is known as an unofficial co-working space).

I got up to get my latte, sat back down, and noticed that the woman was on the phone. I began reading an article about a recent HIPAA breach (in a moment you will learn the irony in this), and tried not to be distracted by her call. But, I couldn’t help but notice she seemed to be talking about a patient. She mentioned the patient’s name and birthday, and then scheduled an appointment for him. She went on to do this for several other patients. Then she called a few patients to check on their condition and well-being. I also couldn’t help but notice that she was typing information into some kind of EMR database.

If this was a cartoon, my head would have exploded at this moment.

When my disbelief faded into the reality that this person – perhaps some kind of case worker or social worker – was in fact discussing patients and their health care information – I had a sinking feeling in my stomach. Does this really happen? Am I on some kind of brainy reality TV show for HIPAA professionals? How could two people sitting on the same couch have such different reactions to these phone calls? How could I be so appalled – and this woman be oblivious and even pleased to be accomplishing so much?

I’ll tell you why: awareness and training.

I think about HIPAA all the time. I follow HIPAA settlements and headlines daily, blog about them, and build training programs and policies around them. So, I see HIPAA everywhere.

I don’t know what kind of HIPAA training my couch neighbor has had. It could be she was trained extensively and chose to ignore the advice. Or perhaps it is more likely that she wasn’t trained on HIPAA – or at least, not recently – and not on protecting patient privacy when working remotely.

What about your staff? Would they know what to do?

It is common for covered entities and business associates to train employees at hire and (at least) annually. What’s not as common is including other parties in the organization’s HIPAA training program. Contracted staff, temp/agency staff, volunteers, board members, and students can be considered part of an organization’s workforce – meaning, they need to be trained on HIPAA. And, during the pandemic, many providers have expanded the types of individuals that are part of their team.

The pandemic has led covered entities and business associates to rethink training.

For starters, in-services are not always practical right now. With more remote employees, and concerns about trying to contain spread of the virus, in-person, classroom-style training is not working for everyone.

Plus, many providers are dealing with an evolving workforce: more agency/temp staff, more healthcare professionals newly hired due to loosened education or certification requirements during COVID-19. All of these people need training - and providers have less time to train.

Compliance and HIPAA training does not have to be in the form of a live in-service to be effective. 

MPA's Compliance and HIPAA Training Handbooks can help.

MPA's Compliance and HIPAA training handbooks for healthcare staff are here!

Help your staff get HIPAA right, all day, every day.

MPA noticed that most HIPAA training doesn't cover the top calls we get: snooping, selfies, social media, and other common breaches.

This HIPAA training handbook won't tell your staff that HIPAA was enacted in 1996 - because that won't help your staff make good HIPAA decisions on a daily basis. This handbook will, however, provide common sense HIPAA information your staff need to succeed in healthcare.

Each chapter is accompanied by a mini-quiz to test staff knowledge.

Learn more.

Help your staff get compliance right, all day, every day.

MPA noticed that most compliance training does not cover the daily risks most healthcare staff encounter - or is written in legalese that is challenging for many healthcare employees.

This training handbook won't tell your staff that OIG stands for "Office of Inspector General," because that isn't going to help most of your staff understand compliance. This handbook will break down compliance concepts in simple, understandable chapters to help them do their jobs in a way that follows your compliance program. 

Each chapter is accompanied by a mini-quiz to test staff knowledge.

Learn more.

The other day I stopped by my favorite local coffee shop for an afternoon pick-me-up. I ordered my guilty pleasure – a brown sugar rosemary latte – and sat down in the only available seat on the lobby couch to wait.

A few minutes later, a young woman came in and sat down next to me, opened her laptop, and began clack-clacking away (a common occurrence, as this coffee place is known as an unofficial co-working space).

I got up to get my latte, sat back down, and noticed that the woman was on the phone. I began reading an article about a recent HIPAA breach (in a moment you will learn the irony in this), and tried not to be distracted by her call. But, I couldn’t help but notice she seemed to be talking about a patient. She mentioned the patient’s name and birthday, and then scheduled an appointment for him. She went on to do this for several other patients. Then she called a few patients to check on their condition and well-being. I also couldn’t help but notice that she was typing information into some kind of EMR database.

If this was a cartoon, my head would have exploded at this moment.

When my disbelief faded into the reality that this person – perhaps some kind of case worker or social worker – was in fact discussing patients and their health care information – I had a sinking feeling in my stomach. Does this really happen? Am I on some kind of brainy reality TV show for HIPAA professionals? How could two people sitting on the same couch have such different reactions to these phone calls? How could I be so appalled – and this woman be oblivious and even pleased to be accomplishing so much?

I’ll tell you why: awareness and training.

I think about HIPAA all the time. I follow HIPAA settlements and headlines daily, blog about them, and build training programs and policies around them. So, I see HIPAA everywhere.

I don’t know what kind of HIPAA training my couch neighbor has had. It could be she was trained extensively and chose to ignore the advice. Or perhaps it is more likely that she wasn’t trained on HIPAA – or at least, not recently – and not on protecting patient privacy when working remotely.

What about your staff? Would they know what to do?