The September 23, 2013 deadline for HIPAA Compliance via the Omnibus Rule is past.  Covered entities (every chiropractic office) are now “eligible” for audits from the Office of Civil Rights (HIPAA abuse violations) and the Department of Justice (criminal fraud investigations) for compliance related violations.

Essentially, you have one of three choices:

1)      Hope your practice and procedures are compliant and continue on in ignorant bliss

2)      Ignore compliance and pray you don’t have to pay the consequences

3)      Take steps to ensure that you are compliant and minimize your risk

Use the HIPAA Ombinbus Rule checklist below to see how you are doing:

✔  Confirm appointment of privacy officer and related documentation

✔  Amend business associate agreeements to include additional required provisions from the Omnibus Rule

✔  Update Notice of Privacy Practices

✔  Comply with changes to request for restricted disclosure rules

✔  Establish policies & procedures for providing access to PHI

✔  Comply with authorization requirements for disclosure of PHI

✔  Ensure implementation of HIPAA security safeguards

✔  Conduct an annual security risk assessment

✔  Update written security policies & procedures as necessary

✔  Conduct employee workforce training for HIPAA Privacy & Security

✔  Demonstrate ongoing employee workforce training for HIPAA Privacy & Security

✔  Understand breach notification requirements

✔  Develop policies and procedures for breach of PHI

But wait…there’s more! Don’t forget the following compliance items:

ICD-10 is coming and your reimbursements will depend on your compliance with the new coding rules!  (Check out our Chiropractic ICD-10 Implementation training – get the early bird discount until Dec 15, 2013)

OSHA Compliance

Billing/Coding compliance

Documentation compliance

Fee schedule compliance

Employer compliance regarding:

  • Health Insurance Exchanges
  • And more…

Lastly, don’t forget:

To thank your legislators for the increasing burden of this ongoing requirements mess

Oh yes.  And you are supposed to run a practice too.

Work Smarter

         Remember, you are in business to help people.  Delegate these things as much as possible so that you can continue to focus on taking care of patients.  Compliance is probably a non-issue if your business is closed (unless you go berserk and throw all your files in a dumpster to create one final HIPAA violation.  Think I jest? It’s been done before.)

         Save yourself the time of emailing me or a dozen other folks about these requirements.  The members of the Chiropractic Audit Armor are enjoying sleep at night because our interactive compliance training helps them cover these items (and more). Consider joining today!

         PS –Want to kill two birds with one stone? Chiropractic Audit Armor members receive FREE Access to our ICD-10 Implementation Training for Chiropractors