Mar 10, 2020 | Live Compliance, Partner
An independent physician gastroenterology practice in Utah had to report a breach related to a dispute with a Business Associate to the Office for Civil Rights Department of HHS.
After the investigation into the breach, it was determined that the practice of Steven A. Porter, MD “had failed to complete an accurate and thorough risk analysis, and failed to implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level” and therefore, has agreed to pay a $100,000 fine.
In addition to the monetary penalty, the practice is required to implement a Corrective Action Plan (CAP). According to the investigation resolution agreement, the practice agreed to conduct a thorough Risk Analysis, the Practice must develop a complete inventory of all its categories of electronic equipment, data systems, and applications that contain or store ePHI, which will then be incorporated into its Risk Analysis and must complete a Risk Management plan. They must also revise and implement actionable policies and procedures, all of which should have been in place prior to the breach incident.
Have you ever read such headlines and doubted whether a small Billing Company or independent physician practice actually ever face penalties?
According to the Resolution Agreement, the practice must also completely reinvent its Business Associate process, and implement a strict protocol to ensure it’s Business Associates are HIPAA Compliant. In addition to ensuring their Business Associate relationships are accurate, the entire staff must undergo security and privacy training that stresses the use of Business Associate services and applications, disclosures to Business Associates that require a Business Associates agreement, or other reasonable assurances in place to ensure that the Business Associate will and can safeguard the PHI and/or the ePHI. This puts immense pressure on the Business Associates, such as Billing Companies, to ensure that they are HIPAA Compliant, but also independent physician practices to ensure their Business Associates, “down the chain” are also compliant. This is also known as gaining Satisfactory Assurance of vendor HIPAA compliance.
What can you do?
As we have stressed before, it is important for you to understand that every complaint or potential breach must be investigated by HHS/OCR. If you, a billing company, or another vendor, suspect a breach you must inform the covered entity (your client) and have a breach risk assessment completed to determine key factors and take action. Keep in mind, a business associate is a ‘person’ or ‘entity’. This means there is no Billing Company too small or too large to comply with the Federal HIPAA regulations. Again, if you haven’t completed an accurate and thorough security risk assessment prior to that, you could also be penalized under ‘willful neglect’. This category alone is $50,000 per violation!
What we do is keep this from ever being a worry for you! In fact, we have a 100% audit pass rate! For example, Live Compliance has easy to understand HIPAA breach notification training. We perform your security risk assessment and manage all your requirements, including business associates, in a clean, organized cloud-based portal. Don’t risk your company’s future, especially when we are offering a FREE Organization Assessment to help determine your company’s status. It’s easy, call us at (980) 999-1585, email me jim@LiveCompliance.com or visit LiveCompliance.com
[ Contributed by Jim Johnson, President of Live Compliance ].
Mar 10, 2020 | BillFlash, Partner
This article about new patient billing methods was written by Angie Carter with NexTrust.
Communication is easier than it’s ever been, but a lot of practices aren’t taking full advantage of two of today’s most effective mediums of communication: email and texting. Patients, like all other consumers, spend a lot of time on their phones; it’s where they keep in touch with friends and family, as well as businesses they work with regularly.
Most practices rely heavily on phone calls to contact their patients about appointment reminders, insurance issues, etc. But many adults now prefer to communicate via email or text. Often a quick phone call will do the trick, but email and texting get your foot in the door a lot more often. Furthermore, people are far more likely to respond to a text or email than a voicemail.
Here are a few ways to build your contact list at your practice to improve communication with patients, ensuring greater patient satisfaction and better cash flow.
- Collect cellphone numbers & email addresses during new patient registration.
Consider making these required fields. Allow the option to fill out more than one email address or mobile number as well, since most households have several. It would also be helpful to quickly explain why you need this information. BillFlash allows you to send out regular statements and eBills through email and text, and you can also quickly update your patients on any last-minute changes happening at your practice.
If you have a newsletter or regularly send out practice updates, make sure patients know about these as well. This is another opportunity to ensure you have the information you need to better communicate with your patients.
- Ask for an email address & cellphone number any time you confirm an appointment.
Even if your current patients have already given you this information, use appointment confirmations as an opportunity to verify the information you have on file is current. Email addresses change all the time, so it’s crucial to ensure they’re up to date so you know your messages are being received. And for patients who haven’t yet provided this information, this is a good time to tout the benefits of being digitally connected.
- Encourage mail-only patients to go paperless.
A huge barrier to patients paying their bills on time—or at all—is that it’s often not as simple to pay a medical bill as it is to pay, say, a utility bill. BillFlash simplifies this process tremendously, both for the patients and your practice. By providing an email address and cellphone number, patients can more easily stay current on their medical bills and procedures.
- Ask patients to provide feedback on your website.
Give your patients a space to express their thoughts at their convenience. Include a form on your website for patients to fill out—which would include their email address and phone number—and add the info they provide to your database. You could also post signs throughout your office encouraging patients to visit your website to provide feedback about the care they received that day.
- Add cellphone number/email to check-in sheet.
Most practices require patients to sign in whenever they come in for an appointment. Consider adding a column or two that asks for their email and cellphone number. At the top of the column, you could include a note that says something like “Want to receive appointment reminders via text or email?” to reiterate the benefits patients will receive by providing this information.
- Offer patients an incentive to provide their email address & cellphone number.
People love free stuff—that’s a given. Try running a fishbowl incentive every few months. All patients would need to do is drop their email address and/or cellphone number into a bowl and they’ll be entered into a drawing to win a prize. And why reward just the patients? Incentivize your office staff to collect this information as well.
Everyone has a cellphone number and email address, but it does take some effort to collect them. But it’s an effort that rewards you many times over, as this makes it easier to keep patients in the loop and ensure you get paid. BillFlash makes it easy to automate patient billing and payments—including sending reminders via email or text—to improve the financial health of your practice.
BillFlash is integrated into the EZclaim billing application. Click here to view a video that discusses the details.
For more information about new patient billing methods and sending electronic bill notifications through text and email, contact EZclaim or their statement and payment services partner, BillFlash, at 435-940-9123 or sales@billflash.com
Oct 30, 2019 | Medical Billing Software Blog
Welcome to the latest addition to our website, the EZClaim Medical Billing Software blog. As we begin posting blog articles we hope you will continue to come back to learn more about EZClaim software solutions, our U.S.-based white-glove support, features that make your job easier, expert training, and the latest trends in the medical billing software industry. Be sure to join our user community on LinkedIn as well as our new Facebook page. These channels will allow you to keep up with us and learn from and share information with other EZClaim users.
In addition to giving you the latest news, updates, features, and appearances related to EZClaim and our great people, this Medical Billing Software blog will be host to the latest trends in the field. We have tons of great content lined up to share with you from our internal experts as well as our partners to make this a repository of useful information that you can count on again and again.
EZClaim has been at the forefront of medical billing software since 1997 and is currently in use in all 50 of the United States, including the territories of Guam and Puerto Rico. Every practice works differently and has different needs, that’s why EZClaim is power-packed with features that give you the options to streamline workflow to suit your needs.
If you’re interested in learning more about how EZClaim can streamline your practice’s billing and scheduling needs, sign up for a free demo today! Want to learn more about the features that make EZClaim so simple and powerful? Take a moment to review our upcoming or pre-recorded webinars.
Do you have an idea for a topic or a tip to share with other EZClaim users? We’d love to hear from you! Please send your topics and tips via email to sales@ezclaim.com.
