we share ways to be proactive in light of the news that random HIPAA audits are returning.

We discuss why there’s still no HIPAA police; the function of these random audits; where the gaps in compliance have been historically; what auditors will likely be looking for; the importance of risk analyses, risk mitigation plans, and policies & procedures; how many HIPAA covered entities were audited the last time the program was active; and PCT’s resources to help you get started with formal compliance in a shame-free way.

we discuss the recent Change Healthcare cyber attack and its impact for group practices.

We cover what we know and what we don’t know yet; resources to help you take practical steps; how many people are impacted by this breach; the ongoing investigations; ransomware attacks; who is liable for this incident; maintaining operational continuity; and the importance of being proactive in your security practices.

we summarize what group practice owners should know about the Office of Civil Rights Annual Reports to Congress and explain how understanding them can inform risk management.

We discuss the compliance report from the Office of Civil Rights (OCR); how complaints filed were resolved; compliance reviews vs. audits; reframing the (very common) fear of HIPAA complaints; the unsecured PHI report from the OCR; risk management for avoiding large breaches; the importance of reporting breaches; and the primary sources of breaches and ways to minimize them.

we’re exploring what group practice owners should know about cross-jurisdictional practice in the age of teletherapy.

We discuss the shifting landscape of cross-jurisdictional practice; different licensure compacts to be aware of; applying for privileges to practice under licensure compacts; telehealth training requirements; service and payment parity; payment parity advocacy; states that restrict teletherapy based on provider location; temporary practice provisions; and our CE training that dives deeper into this topic.

we’re covering the fundamentals of texting in group practice.

We discuss HIPAA compliance as a process, not a product; secure and non-secure text messaging; client requested alternative communications; how to use SMS texting in a compliance compatible way; what to have in place with your phone service provider; what to do about personal phone services; phone service providers we recommend (and don’t recommend) for teams; and how to document text messages.

v2.1.12-beta

Scheduled Maintenance

We will be temporarily taking the website offline at 10:00 PM Pacific (1:00 AM Eastern) tonight, July 6, in order to make some improvements. We plan to be back online by midnight Pacific (3:00 AM Eastern). We apologize for any inconvenience this may cause. Dismiss