Did you know? HIPAA Audits are now being conducted in healthcare settings and this may affect your dental office! Read below to get more details and visit the HHS.gov links—Most of all–get prepared!
Office of Civil Rights / The Department of Health & Human Services in 2016 will launch an email campaign to randomly choose healthcare facilities and email them a PHASE 1 HIPAA Survey/ Questionnaires. These surveys request detailed—sometimes financial information about your healthcare facilities’ HIPAA Practices. Take a look at this survey (by clicking the link above). It includes a multitude of questions that pertain to your revenue and income! The survey is overtly focused on income–which might make you wonder: “What else will the government do with this information?”
Nonetheless, HHS/OCR will send these HIPAA PHASE One email surveys to healthcare offices—which will allow you 10 days to respond. If you do not respond to the survey, OCR will use public info to create its audit subject pool. Keep in mind the questionnaire is pretty lengthy.
If you get thrown into the “HIPAA Pool” then your healthcare facility can be subject to a HIPAA Audit. This is a live HIPAA inspection of your facility conducted by an office HIPAA Auditor. This is the PHASE II IN-OFFICE HIPAA AUDIT. Those HIPAA Auditor can return! Or request ongoing information for up to 18 months and bring your facility fines ranging from $10K to $150K for non-compliance.
So what do you do? Make sure you have your facility is HIP to the new HIPAA Hype! Have in place a comprehensive HIPAA Program, that includes:
- HIPAA Omnibus Rule Employee Training with Proof-of-Training Certificate
- Updated HIPAA Manual written to the Omnibus Rule Standards
- (8) Updated HIPAA Forms—for use in your dental office
- A written Risk Assessment / Analysis Plan for your office
The Risk Assessment/ Analysis Plan is super important. It is a lengthy report that you must create for your healthcare setting that will detail your Administrative, physical and Technical aspects of your HIPAA Risks & Safeguards. Is will entail a lot of time and attention—but once you have it completed, you can use that one for a template to update regularly (as that is required as well!).
If you are having trouble wrapping your head around all of this, feel free to email or call us for some clarification or guidance. We are HIPAA Healthcare Coaches who are happy to help you get educated and organized with regards to these very robust HIPAA Omnibus Rules and the new PHASE I & II Audits.
Don’t risk getting lost and tangled in an extensive HIPAA Audit. Update your HIPAA Manual & Protocols based on this valuable insight.
HIPAA made EASY™ Training Crew