First Healthcare Compliance CONNECT December 2020
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>CONNECT</strong><br />
<strong>December</strong> <strong>2020</strong><br />
A Monthly Publication for the <strong>Healthcare</strong> <strong>Compliance</strong> Community<br />
Q&A: HIPAA <strong>Compliance</strong><br />
for Business Associates<br />
Infographic:<br />
Naughty or Nice?<br />
The Rules for Giving and<br />
Receiving Gifts<br />
1st Talk <strong>Compliance</strong>:<br />
Why Payers Can’t Ignore the<br />
Interoperability Rules and<br />
Should Comply Sooner Rather<br />
Than Later<br />
COVID-19 <strong>Healthcare</strong><br />
<strong>Compliance</strong> Toolkit
Got a Minute? Please Rate Us!<br />
The health of our company depends on the members<br />
of our community spreading the word about us.<br />
Share Your Success Story<br />
An endorsement by you is the greatest compliment<br />
we could receive! Please take a moment of your time<br />
to rate us online so that others can benefit from your<br />
experience. It’s a simple way to help us grow and<br />
improve.<br />
We appreciate your support and look forward to<br />
hearing from you!<br />
In This Issue:<br />
FAQ Corner<br />
Q&A: HIPAA <strong>Compliance</strong> for Business<br />
Associates<br />
Infographic: Naughty or Nice?<br />
The Rules for Giving and Receiving Gifts<br />
COVID-19 <strong>Healthcare</strong> <strong>Compliance</strong> Toolkit<br />
2<br />
<strong>First</strong> <strong>Healthcare</strong> <strong>Compliance</strong>, LLC © <strong>2020</strong>
<strong>Compliance</strong> Super Ninja <br />
Carolyn Keith, Practice Administrator<br />
Practice Administrator, Allergy & Asthma Center<br />
How would you describe your experience with <strong>First</strong> <strong>Healthcare</strong><br />
<strong>Compliance</strong>?<br />
As a medical administrator it is sometimes hard to remember when<br />
all of the staff regulations and training needs are to be completed.<br />
<strong>First</strong> <strong>Healthcare</strong> is like having an extra human resources person that<br />
reminds you when training, recertifications or license renewals are due for<br />
each employee. This is so helpful, in the medical field where practices have<br />
to do more with less. Having these reminders gives me the assurance that we<br />
remain compliant.<br />
What do you enjoy most about working with Allergy & Asthma Center?<br />
I enjoy working at AAC (Allergy & Asthma Center) because my job is never boring. It is never<br />
the same thing everyday.<br />
Would you rather receive one large gift or many small gifts? Why?<br />
Yes I like gifts, but small or big, it is always a nice surprise.<br />
1st Talk <strong>Compliance</strong>: Why Payers Can’t<br />
Ignore the Interoperability Rules and Should<br />
Comply Sooner Rather Than Later<br />
Upcoming and On-Demand Webinars<br />
Contact Toll Free: 888-54-FIRST 3
FAQ Corner<br />
COVID-19 FAQs<br />
from the CDC<br />
How do I report a problem or bad reaction after getting a COVID-19<br />
vaccine?<br />
CDC and FDA encourage the public to report possible side effects (called adverse events) to the Vaccine Adverse<br />
Event Reporting System (VAERS). This national system collects these data to look for adverse events that are<br />
unexpected, appear to happen more often than expected, or have unusual patterns of occurrence. Reports to<br />
VAERS help CDC monitor the safety of vaccines. Safety is a top priority.<br />
<strong>Healthcare</strong> providers will be required to report certain adverse events following vaccination to VAERS. <strong>Healthcare</strong><br />
providers also have to adhere to any revised safety reporting requirements according to FDA’s conditions of<br />
authorized use throughout the duration of any Emergency Use Authorization; these requirements would be posted<br />
on the FDA’s website.<br />
CDC is also implementing a new smartphone-based tool called v-safe to check-in on people’s health after they<br />
receive a COVID-19 vaccine. When you receive your vaccine, you should also receive a v-safe information sheet<br />
telling you how to enroll in v-safe. If you enroll, you will receive regular text messages directing you to surveys<br />
where you can report any problems or adverse reactions you have after receiving a COVID-19 vaccine.<br />
https://www.cdc.gov/coronavirus/2019-ncov/vaccines/faq.html<br />
Explore the FAQs tab in your compliance solution<br />
to find answers to your compliance questions!<br />
CLIENT<br />
ALERT<br />
4<br />
<strong>First</strong> <strong>Healthcare</strong> <strong>Compliance</strong>, LLC © <strong>2020</strong>
Should medical waste or general waste from healthcare facilities treating<br />
persons under investigation (PUIs) and patients with confirmed COVID-19 be<br />
handled any differently or need any additional disinfection?<br />
Medical waste (trash) coming from healthcare facilities treating COVID-19 patients is no different than waste<br />
coming from facilities without COVID-19 patients. CDC’s guidance states that management of laundry, food service<br />
utensils, and medical waste should be performed in accordance with routine procedures. There is no evidence to<br />
suggest that facility waste needs any additional disinfection.<br />
More guidance about environmental infection control is available in section 7 of CDC’s Interim Infection Prevention<br />
and Control Recommendations for Patients with Confirmed COVID-19 or Persons Under Investigation for COVID-19<br />
in <strong>Healthcare</strong> Settings.<br />
https://www.cdc.gov/coronavirus/2019-ncov/hcp/faq.html<br />
Risk Management Considerations for<br />
the <strong>Healthcare</strong> <strong>Compliance</strong> Officer:<br />
Training, Incident Management, Governing Boards,<br />
and Measures Unique to COVID-19<br />
It’s no secret that healthcare is one of America’s most<br />
heavily regulated industries with substantial fines and penalties<br />
for non-compliance. Complex regulations and mandates make<br />
compliance management a necessity. <strong>Healthcare</strong> organizations<br />
particularly rely on the skills and attributes of their compliance<br />
officer to navigate the expansive regulatory framework.<br />
DOWNLOAD NOW<br />
Contact Toll Free: 888-54-FIRST 5
6<br />
<strong>First</strong> <strong>Healthcare</strong> <strong>Compliance</strong>, LLC © <strong>2020</strong>
Contact Toll Free: 888-54-FIRST 7
Q&A: HIPAA <strong>Compliance</strong> for<br />
Business Associates<br />
Catherine Short<br />
Rachel V. Rose, JD, MBA, presented the webinar “HIPAA <strong>Compliance</strong> for<br />
Business Associates” recently and a recording can be viewed here. Rachel<br />
returned to answer many commonly asked questions from the webinar.<br />
Are business associates subject to HIPAA penalties?<br />
Yes. As stated in both the HITECH Act and the Final Omnibus Rule, 78 Fed. Reg. 5566 (Jan. 25, 2013),<br />
business associates, which include subcontractors, can be held directly liable for HIPAA violations. For<br />
example, in 2016, a business associate’s failure to safeguard the protected health information of nursing<br />
home residents led to a $650,000 monetary penalty being assessed by HHS OCR. (https://www.hhs.gov/<br />
hipaa/for-professionals/compliance-enforcement/agreements/catholic-health-care-services/index.html)<br />
If you were to give business associates and subcontractors one item that they need to do annually,<br />
what would it be?<br />
Annual Risk Analysis because all technical, administrative and physical safeguards would be identified and<br />
corrected.<br />
Is an indemnification provision required in BAAs?<br />
No. In my practice, I see them included quite a bit; however, this particular provision is not a requirement<br />
under 45 CFR §164.504(e)(1) or that HHS indicated was preferred. See https://www.hhs.gov/hipaa/forprofessionals/covered-entities/sample-business-associate-agreement-provisions/index.html.<br />
8<br />
<strong>First</strong> <strong>Healthcare</strong> <strong>Compliance</strong>, LLC © <strong>2020</strong>
Are class action cases something that should be considered as part of an enterprise risk management<br />
program?<br />
Yes. The financial, legal, and reputational costs can be great and need to be considered. A good example of<br />
a HIPAA data breach which led to both an HHS OCR enforcement action of $16 million and a class action<br />
lawsuit settlement in excess of $115 million is Anthem BlueCrossBlueShield. An article that I wrote for<br />
Physicians Practice details these issues – https://www.physicianspractice.com/view/class-action-lawsuitscan-result-from-a-protected-health-information-data-breach.<br />
Should business associates be familiar with the 21st Century Cures Act, as well as the ONC and<br />
CMS Final Rules?<br />
Yes. There is an intersection between HHS HIPAA App Guidance and the ONC<br />
and CMS Final Rules, in terms of patients accessing their data through apps. Be<br />
aware of unsecure apps and stay abreast of the compliance dates.<br />
Rachel V. Rose – Attorney at Law, PLLC (Houston, Texas) – represents clients<br />
on healthcare, cybersecurity, securities and qui tam matters. She also teaches<br />
bioethics at Baylor College of Medicine. She has been consecutively named by<br />
Houstonia Magazine as a Top Lawyer (<strong>Healthcare</strong>) and to the National Women<br />
Trial Lawyer’s Top 25. She can be reached at rvrose@rvrose.com.<br />
Be sure to look up a recording of this webinar on YouTube and a recording with Rachel on our podcast, 1st<br />
Talk <strong>Compliance</strong>. Take a look at our brand-new book: HIPAA Privacy and Security, and our online compliance<br />
training courses such as What is HIPAA?, and HIPAA Business Associate Agreements Under HITECH. And<br />
check out Rachel’s other blogs Q&A: HHS Final Rules, Patient Access to PHI & Health Apps Intersect, Recent<br />
HHS Guidance Underscores the Importance of HIPAA <strong>Compliance</strong> and Q&A: HIPAA and Health Apps.<br />
The Most Comprehensive<br />
<strong>Healthcare</strong> <strong>Compliance</strong> Course<br />
The Fundamentals is a user-friendly, four-module online course<br />
designed to help healthcare professionals understand the<br />
essential principles and practices of compliance.<br />
BUY COURSE NOW<br />
Contact Toll Free: 888-54-FIRST 9
Navigating Workplace Violence<br />
Prevention Under OSHA<br />
Workplace violence is a serious issue, especially in<br />
healthcare facilities. The Occupational Safety and Health<br />
Administration (OSHA) responded in 2015 by updating and<br />
publishing their guidelines on how to best prevent workplace<br />
violence. The OSHA workplace violence prevention<br />
guidelines help employees and employers alike by providing<br />
the necessary steps to maintain a safe work environment.<br />
DOWNLOAD NOW<br />
COVID-19 <strong>Healthcare</strong> <strong>Compliance</strong><br />
Updates<br />
In response to the global outbreak of the novel coronavirus<br />
disease (COVID-19), the Secretary of Health and Human<br />
Services declared a public health emergency on January 31,<br />
<strong>2020</strong>. Federal agencies have taken action by issuing updates<br />
and guidance to navigate the crisis. This ebook provides<br />
healthcare providers with important developments and<br />
resources that impact federal healthcare laws.<br />
DOWNLOAD NOW<br />
10<br />
<strong>First</strong> <strong>Healthcare</strong> <strong>Compliance</strong>, LLC © <strong>2020</strong>
COVID-19 <strong>Healthcare</strong><br />
<strong>Compliance</strong> Toolkit<br />
<strong>Healthcare</strong> compliance amidst COVID-19 presents<br />
new challenges for hospitals and healthcare providers.<br />
At top importance is the question of how to slow or<br />
stop the spread of COVID-19, while ensuring that your<br />
organization stays compliant.<br />
Now more than ever, your compliance department needs to<br />
have the necessary tools to help track, analyze, and respond<br />
to compliance challenges. To help navigate the process, we’ve<br />
gathered our best COVID-19 resources below. If you need further<br />
assistance, please contact us here.<br />
VIEW TOOLKIT<br />
Contact Toll Free: 888-54-FIRST 11
hosted by Catherine Short<br />
Catherine Short speaks with Dr. Chris Hobson, Chief Medical Officer for Orion Health. The topic<br />
of today’s program is “Why payers can’t ignore the interoperability rules and should comply<br />
sooner rather than later.” The Interoperability and Patient Access final rule approved by CMS and<br />
ONC is intended to advance patient participation through access to their health information and to<br />
drive advanced interoperability and innovation across the U.S. These rules will have significant impact<br />
on payer organizations who are currently facing unprecedented times; with multiple pressures brought<br />
on by the COVID-19 pandemic, uncertainty as to the likely model for healthcare funding and delivery<br />
going forward, and calls to reduce inequity within the healthcare system, to name a few.<br />
Listen weekdays at<br />
7:30am, 3:30pm, 11:30pm ET<br />
Check out our Show Page!<br />
Looking for the latest compliance insights?<br />
Subscribe to our feed and don’t miss a thing!<br />
12<br />
<strong>First</strong> <strong>Healthcare</strong> <strong>Compliance</strong>, LLC © <strong>2020</strong>
WORD SEARCH<br />
P Z O X H T D Y C Q J F K D K J M H D U<br />
C Y R Q D I L I G E N C E G L T E E A P<br />
N G E I M B I D H J G F I J U P G L J D<br />
K O O T G J J M C B M K P M N R E Q H X<br />
S L E Y S M P R H P I I T D E J E U L W<br />
C O R O N A V I R U S W O F S D B A P V<br />
G N C O T L W W M N L W O E V W N P W G<br />
Y H X Y O E M M O J A M T E S S G A S H<br />
U C O T R C M I E B U S G N P L H J P X<br />
O E K K P N T C O M M U N I C A T I O N<br />
P T M A N A G E M E N T W C G T J X F O<br />
Z V O D L D G A L Y D A G I R N D K J C<br />
Y Q G U S I Q W K A U D W D O E Q Y W S<br />
K H G K F U N X B B C S D E E M G O Y V<br />
S E W Y R G N N T W K I S M V A O P J G<br />
R N M I F X H W S P F R D Y N D T A F D<br />
S Q O K C O V Z U Y U H Z E U N Y E V S<br />
X T J O E C N A I L P M O C M U E R C S<br />
E R A C H T L A E H A S J O F F J E U J<br />
M O S S E N I S U B Z K Z F B C D G X S<br />
MEDICAL COMPLIANCE MANAGEMENT<br />
COMMUNICATION WASTE CORONAVIRUS<br />
REGULATIONS DILIGENCE HEALTHCARE<br />
PANDEMIC FUNDAMENTALS MEDICINE<br />
GUIDANCE TECHNOLOGY BUSINESS<br />
Contact Toll Free: 888-54-FIRST 13
Upcoming and On-Demand Webinars<br />
Training<br />
JAN 12, 2021<br />
JAN 26, 2021<br />
ON DEMAND<br />
ON DEMAND<br />
ON DEMAND<br />
HIPAA Business Associate Agreements Under<br />
HITECH<br />
Big Data & False Claims Act Risk Due to COVID-19<br />
CPT Code & Documentation Changes, Including<br />
E/M for 2021 - CMS & AMA Come Together to<br />
Benefit Providers<br />
HIPAA <strong>Compliance</strong> for Business Associates<br />
Hybrid Patient Care Models: How Medical Practices<br />
Thrive After COVID-19<br />
Register<br />
Register<br />
All Upcoming Webinars<br />
All On Demand Webinars<br />
IMPORTANT<br />
In the interest of your security, login<br />
credentials are for individual use only and<br />
not to be shared. Please contact Client<br />
Services if you require additional manager<br />
level users and/or if there has been a change<br />
in contact information.<br />
NEW FEATURES!<br />
Training Zone - New required training<br />
modules have been added titled “Fraud<br />
Waste and Abuse Training” and “General<br />
<strong>Compliance</strong> Training”. These modules<br />
replace the CMS training<br />
materials.<br />
CLIENT<br />
ALERT<br />
Training Zone - has a New Assign Training<br />
to Employee feature: Assign by Job Title to<br />
all employees with a specific Job Title or<br />
select multiple Job Titles.<br />
New COVID-19 Resource section<br />
available from the dashboard for 1st<br />
Performance, 1st Professional, and 1st<br />
Premium.<br />
Join us on Social Media!<br />
Contact our Client Services Team with your questions!<br />
888.54.FIRST or clientservices@1sthcc.com<br />
14<br />
<strong>First</strong> <strong>Healthcare</strong> <strong>Compliance</strong>, LLC © <strong>2020</strong>