Copyright 2011. APM Compliance. All Rights Reserved.
A. Written Compliance Program: based on the risk assessment/gap analysis required by the HIPAA Rule.
Gap Analysis/Risk Assessment: Based on the OCR HIPAA audit protocol, which contains 170 audit areas (including 79 Security Rule, 10 Breach Notification Rule and 80 Privacy Rule provisions). Performed on site.
Fraud and Abuse: Incorporating the seven elements of compliance as developed and published by the OIG for Individual and Small Group Physician Practices.
Laws Pertaining to False Claims and Fraudulent Billing:
Criminal and Civil Statutes, Federal Sentencing Guidelines, Civil Monetary Penalties Law, Exclusions from Participation in Medicare and other federally funded health care programs, State Laws
HIPAA: Incorporating Privacy, Security and Breach Notification Plan.
The Privacy Standards (45 CFR 160, 162 and 164)
The Security Rule (45 CFR 160, 162 and 164)
The Breach Notification Rule (Modification to 45 CFR 160 and 164)
OSHA: Including Hazard Communication Standard updates (mandated staff education to be provided by Dec 2013).
B. Evaluation and Management Services (E&M) Auditing/Education: according to the time frame and intervals set forth by the practice in its Compliance Plan.
C. Staff/Physician Education: as identified by gap analysis/risk assessment and Office Manager/Physician input.
D. Policies and Procedures: as they relate to all of the above.