we discuss the recent Change Healthcare cyber attack and its impact for group practices.
We cover what we know and what we don’t know yet; resources to help you take practical steps; how many people are impacted by this breach; the ongoing investigations; ransomware attacks; who is liable for this incident; maintaining operational continuity; and the importance of being proactive in your security practices.
we summarize what group practice owners should know about the Office of Civil Rights Annual Reports to Congress and explain how understanding them can inform risk management.
We discuss the compliance report from the Office of Civil Rights (OCR); how complaints filed were resolved; compliance reviews vs. audits; reframing the (very common) fear of HIPAA complaints; the unsecured PHI report from the OCR; risk management for avoiding large breaches; the importance of reporting breaches; and the primary sources of breaches and ways to minimize them.
we’re exploring what group practice owners should know about cross-jurisdictional practice in the age of teletherapy.
We discuss the shifting landscape of cross-jurisdictional practice; different licensure compacts to be aware of; applying for privileges to practice under licensure compacts; telehealth training requirements; service and payment parity; payment parity advocacy; states that restrict teletherapy based on provider location; temporary practice provisions; and our CE training that dives deeper into this topic.
we’re covering the fundamentals of texting in group practice.
We discuss HIPAA compliance as a process, not a product; secure and non-secure text messaging; client requested alternative communications; how to use SMS texting in a compliance compatible way; what to have in place with your phone service provider; what to do about personal phone services; phone service providers we recommend (and don’t recommend) for teams; and how to document text messages.