Blog

Stay up to date with the latest revenue cycle news, trends, and policies.

Protecting our Providers: HIPAA Compliance Procedures

June 28, 2017

A few weeks ago, members of The Valletta Group attended the Healthcare Business Management Association’s (HBMA) Annual Compliance Symposium in Washington D.C. The event featured highly-informative lectures from various experts in the healthcare industry.

Compliance is a rather broad subject. Quite simply, it is the act of abiding by the governing rules and regulations of a particular industry. However, in the revenue cycle management (RCM) industry, certain aspects of compliance command much greater attention. At the forefront of most RCM insiders’ minds is the Healthcare Insurance Portability and Accountability Act (HIPAA) and more specifically, the privacy and security sections of Title II.

 

Compliance Symposium 2017 Washington D.C.
Gilbert Johnston, Jeff Bolar, and Cal LaGroue of The Valletta Group enjoying the view from the Senate majority leader’s private balcony.

 

While most professional industries have privacy rules, the standards in the healthcare and RCM industries put most other fields to shame. In fact, it’s hard to think of another field where such broad and basic information is protected so strictly. For example, digital copyright law is comparatively lenient and forgiving. If copyrighted information is shared online without the owner’s consent, the host escapes liability as long as a reasonable process exists for notification and removal of such content. In other words, accidents are allowed.

In the healthcare industry, the law is much stricter. Physicians don’t escape liability due to negligence or mistake. Providers face harsh fines and even jail time for failing to comply with HIPAA regulations. That’s why The Valletta Group takes compliance so seriously. We have numerous procedures in place to ensure not only that HIPAA and HITECH regulations are met, but that our clients’ data is always secure.

Below are some of the steps we take to protect our clients:

  • NIST risk management and analysis, policies and procedures library, sanctions for non-compliant employees, assigned security official, information system activity monitoring, semi-annual employee compliance education, new-hire HIPAA certification, incident process, anonymous path to reporting, sufficient assurances in contracts, physical attributes (safeguards and restrictions) surrounding workstations of ePHI, emergency plans, 24-hour secured facility, information system audit controls, user authentication

For reference, Protected Health Information (PHI) includes:

  • Names, addresses, zip codes, date of birth, date of treatment, phone numbers, email addresses, social security numbers, medical record numbers, health plan numbers, account numbers, certificates/license numbers, vehicle serial numbers, personal identifiers (such as finger prints, voice recordings, bloodwork, photos, DNA, etc.), URLs, device numbers, IP addresses, and more

To learn more about The Valletta Group’s compliance procedures, call us at (888) 874-7084 or contact us through our website.

Blog Topics

REQUEST AN INFORMATION PACKET:

Fill out the form below to receive more information about our medical billing services or to speak to one of our Executive Sales Reps.

Download a Brochure

Brochure

Request a Quote

Quote

Ask Us a Question

Ask

OUR TEAM

A management and billing staff consisting of the most experienced individuals in the Industry.

Learn More

SERVICES

Solutions for every step of the revenue cycle, plus compliance, value-based care, and more.

Learn More

PARTNERS

We partner with the best to help our clients get to the next level.

Learn More

WHY US?

Maximize return on investment with highly accurate results and best-practice customer service.

Learn More

Contact Us:

The Valletta Group

The Medical Billing Company Physicians Prefer

2017© The Valletta Group | Privacy Policy

600 Century Park South, Birmingham, AL 35226 | (888) 874-7084