Much of today's healthcare industry is reliant on third-party vendors. If you haven't asked your vendors whether they are compliant with HIPAA and have implemented sound information privacy and security programs, you are likely facing unknown?and possibly significant?risks. Covered entities (CE) and business associates (BA) are required by HIPAA to exercise due diligence when it comes to their BAs and BA subcontractors. Assessing the risk of those vendors is necessary, especially if those vendors support critical functions in support of CE operations.
HIPAA breaches haven't become less common. If the law was, in part, meant to reduce the amount of PHI released to unauthorized individuals, some may say its success is uncertain. HIPAA's requirements aren't prohibitively stringent: they provide a basic floor of privacy and security. If a covered entity (CE) or business associate (BA) does no more than comply with HIPAA, it will simply be doing the bare minimum to safeguard PHI. Although that may not sound difficult, some organizations continue to fall short and leave others wondering if HIPAA is enough to meet today's information security and privacy challenges.
The Health Information Management Reimagined (HIMR) taskforce is charged with envisioning for the HIM profession in 10 years. The HIMR vision was created to ensure current and future professionals are prepared for the future of HIM in the rapidly changing environment resulting from changes in healthcare, technology, and education. Under the direction of the Council for Excellence in Education (CEE), the taskforce comprises educators from all academic levels (associate, baccalaureate, and graduate) as well as HIM practitioners. The CEE oversight body comprises educators and practitioners who hold a variety of HIM credentials including Registered Health Information Technician (RHIT), Registered Health Information Administrator (RHIA), and other specialty credentials.
My original career choice in high school was to pursue a degree in medicine. It was my father, a high school librarian, who discovered an undergraduate degree option of medical record administration as opposed to the typical pre-med route of biology. I had no knowledge of what this program would truly entail other than a combination of medicine, business, and legal coursework. What did it matter since my ultimate goal was to become a physician?
Hospitals got a last-minute reprieve from the Medicare Outpatient Observation Notice (MOON) notification requirement, which was set to go into effect August 6. Citing the need for additional time to revise the standardized notification form that hospitals will need to use to notify patients about the financial implications of being assigned to observation services, CMS moved back the start date for the requirement in the 2017 IPPS final rule to 'no later than 90 days,' after the final version of the form is approved (www.cms.gov/Medicare/Medicare-Fee-for-Service-Payment/AcuteInpatientPPS/...).
