Membership MattersOMA Resources Can Help YouHIPAA and Red Flags Rule OnlineResources: <strong>The</strong> OMA has HIPAA policies,procedures and templates and Red Flags Ruleresources available exclusively to membersonline. <strong>The</strong>se free tools provide an overviewof HIPAA policies and the Red Flags Rulerequirements, as well as customizable templatesand forms for physician offices. <strong>The</strong>se tools helpmedical practices ensure they meet the HIPAAand Red Flags Rule requirements.OMA Education “To Go”<strong>The</strong> OMA offers recorded versions of some of ourmost critical education focused on regulatoryupdates. OMA members and staff can orderaudio or webinar recordings regarding HIPAA,Red Flags Rule, the new HITECH Act prov<strong>is</strong>ionsand other recent regulatory updates to get thelatest education at a time and location that’smost convenient for them.Contact Information and Important Numbers99Online HIPAA and Red Flags Rule Resourceswww.theOMA.org/hipaa • www.theOMA.org/redflagresources(Members need to login to access these pages; for login instructions, v<strong>is</strong>it www.theOMA.org/Login.asp,or contact Jenn Webster at jenn@theOMA.org or (503) 619-8000.99OMA Education “To Go”Descriptions and order form available at www.theOMA.org/edtogo99Chr<strong>is</strong> Apgar, Apgar and Associates, LLCcapgar@apgarandassoc.com • (503) 977-9432 • www.apgarandassoc.com99OMA Webinar Information and Reg<strong>is</strong>trationwww.theOMA.org/workshops99OMA Practice RoundtableFor more information on upcoming Roundtablesand to reg<strong>is</strong>ter, v<strong>is</strong>it www.theOMA.org/practiceroundtable8 • Medicine in OregonBy Jennifer NordgaardSEVERAL IMPORTANT REGULATORY REQUIREMENTS and programs went into effect in2009 and early 2010, or will do so soon. <strong>The</strong>se include: the HITECH Act (part ofthe American Recovery and Reinvestment Act of 2009), Red Flags Rule, HIPAArule changes, and electronic health record incentives. New requirements have alreadyhad a significant impact on medical practices, and will continue to influence thepractice of medicine over the next several years. To help physicians and their staffmanage these changes, OMA offers a variety of resources and tools. See the sidebarbelow for contact information and how to access these and other resources.99New Member Benefit!Privacy and Security Compliance Audits and “Virtual Compliance Officer” ServicesOMA’s newest endorsed member benefitprovider, Apgar and Associates, LLC, conductscustomized privacy and security complianceaudits for OMA member organizations at ad<strong>is</strong>counted rate. <strong>The</strong>se specialized assessmentshelp practices comply with mandatory HIPAAPrivacy and Security prov<strong>is</strong>ions, the new HITECHprivacy and security requirements, appropriateindustry privacy and security practices,and other federal and state privacy laws.Assessments also help practices reduce theirlegal and financial r<strong>is</strong>k and adopt appropriateprivacy and security safeguards based on theunique needs of the practice.For each audit, an expert from Apgar &Associates spends time getting to know thepractice and delivers a complete report withfindings and recommended actions. “Auditsinclude interviewing practice staff, completinga short questionnaire and providing practicedocumentation, such as policies and procedures,”explains Chr<strong>is</strong> Apgar, CISSP. “<strong>The</strong> hours varydepending on the size of the practice, but the tasksperformed do not. Once the audit <strong>is</strong> completed,we will review the report and recommendationswith the practice, and ass<strong>is</strong>t in prioritizing anyoutstanding compliance deficiencies.” See STAT fordetails about upcoming compliance auditor tripsaround the state.OMA member organizations are entitled to aneight percent d<strong>is</strong>count for these privacy andsecurity audits and “virtual compliance officer”services.
99New OMA Webinars!<strong>The</strong> OMA <strong>is</strong> Hosting Two LiveEducational Webinars<strong>The</strong> first webinar will be held Wednesday,May 12, from 1:30–3 pm regarding theRecovery Audit Contractor program.Th<strong>is</strong> webinar will cover the RAC basics,CMS-approved <strong>is</strong>sues up for RAC review, howto respond to a RAC audit, and one physician’sexperience with a RAC audit.<strong>The</strong> second webinar, regarding the Office forCivil Rights Auditing and Enforcement:What to Expect, will be scheduled for later th<strong>is</strong>summer. It will review audit and enforcementrequirements, what to expect from the OCR,and who may be on the l<strong>is</strong>t to be audited. <strong>The</strong>webinar will also cover strategies practices canuse to demonstrate compliance with the HIPAAPrivacy, Security and Breach Notification Rules.See future <strong>is</strong>sues of STAT for the date and time.99New Member Service!OMA Practice RoundtableGwen Dayton, JD, OMA’s new General Counsel,will staff an OMA Practice Roundtable groupcomposed of practice managers and others whow<strong>is</strong>h to attend to talk about challenging legaland regulatory <strong>is</strong>sues managers and physiciansface every day.Topics will include <strong>is</strong>sues such as: managinga difficult patient; best practices related tod<strong>is</strong>closure of minor patient records; practical tipson how practices handle drug seeking patientsand anything else on your mind.Legal briefings will be provided to support thed<strong>is</strong>cussion. <strong>The</strong>se informal gatherings will occurapproximately every six weeks, to be decided bythe group.99New Member Resource!OMA Legal/Regulatory BriefingsDeveloped in response to the numerouschallenges physicians face when navigatingthrough the many laws and regulations thataffect the practice of medicine, OMA has createdOMA Legal/Regulatory Briefings, an electronicpublication designed to inform OMA membersabout recurring legal <strong>is</strong>sues in the day-to-daypractice of medicine.Don’t m<strong>is</strong>s these briefings; be sure the OMAhas your current e-mail address. Pleasesend it to beth@theOMA.org, and makesure “theoma.org” <strong>is</strong> on your safe sendersl<strong>is</strong>t so our e-mails get through! •Spring 2010 • 9