Opal Events presents HCC Best
Practices for Proactive Medical Management
April 15-16,
Jacksonville, FL.
Specifically for health
plan and physician group executives, the event includes strategies
for impacting bottom line revenue, boosting clinical care, enhancing
RADV defense and harnessing ICD-10 opportunities.
Prominent speakers
include Nelly Leon-Chisen, Dir., Coding & Classification, AHA;
Rhonda Haygood, CFO, Vantage Health Plan; John Barkley, Head
Risk Adjustment, Aetna Medicare; John Gorman, President Gorman
Health Group; and Ali Pabrai, CEO ecfirst.
Health plans, physicians groups:
Deep discounts available!
Contact April Stearns
831-469-8013, astearns@opalevents.org and www.opalevents.org.
|
Are
Your HITECH Data Breach Policies & Procedures Ready?
Talk to
ecfirst about templates you can use to review and
update your HIPAA & HITECH policies.
|
|
|
|
Meet
ecfirst @ HIMSS Booth # 2953
Free iPads, Private Classes & More...
|
There's a lot
of discussion around meaningful use, its definition and how
organizations can obtain the government incentives that recent
legislation promises. However, in the dash for these types of
healthcare IT investment reimbursements, one must not overlook the
role of security risk in satisfying compliance requirements.
For instance,
the Centers for Medicare & Medicare Services (CMS) will
withhold meaningful use payment for any entity until any confirmed
HIPAA privacy or security violation has been resolved. At the
state level, State Medicaid administrators will also withhold
meaningful use payment for any entity until any confirmed state
privacy or security violation has been resolved. Compliance with
HIPAA's Privacy & Security Rules remain an integral part of the
meaningful use definition as a policy priority, with corresponding
goals and objectives for 2011 that organizations must achieve. For
example, physicians are eligible to receive up to $44,000 in total
incentives per physician from Medicare for "meaningful
use" of a certified Electronic Health Record (EHR) starting in
2011. However, these EHR initiatives are coupled with strong
mandates for privacy and security compliance that must be addressed.
In a HIPAA
compliance audit, policies, procedures and capabilities that the
Office of Civil Rights (OCR) would review include the area of
Identity and Access Management (IAM). Specifically, the
investigation includes a review of IAM processes related to:
- Establishing user access for new and existing
employees
- List of secure authentication methods for users
authorized to access EPHI
- Monitoring systems use - authorized and
unauthorized
- Granting, approving, and monitoring systems
access (for example, by level, role, and job function)
- Termination of systems access
Keep in mind that compliance mandates represent
minimal capabilities that organizations must implement and manage
pro-actively. HIPAA and HITECH are the floor and not the ceiling of
core capabilities required to enable a resilient organization. This
requires that your information security strategy must be
risk-based, pro-active and integrated.
Discuss your HIPAA and HITECH compliance and
security initiatives with ecfirst. You will find enormous value in
leveraging ecfirst capabilities to jump-start your initiatives.
Contact Lorna
Waggoner at 1.877.899.9974 x17 to learn more abour our consulting
services.
|
|
|
|
|
