Medical Compliance – HIPPA and ACA Reporting
In very general terms the Medical Compliance – HIPPA and ACA Reporting Rule requires implementation of three types of safeguards – administrative, physical, and technical.There are also other organizational requirements and a need to document processes similar to the earlier HIPAA Privacy Rule which was the first of the HIPAA Rules issued. The general descriptions of these required safeguards are,
Safeguards that establish standards and specifications for a health information security program that include the following:
Security management processes to identify and analyze risks to e-PHI and implementing security measures to reduce risks
Staff training to ensure knowledge of and compliance with your policies and procedures
Information access management to limit access to electronic health records to protect health information, including the information in EHR systems
Contingency plan to respond to emergencies or restore Jost data”
Safeguards that control physical access to offices and computer systems . Examples of required physical safeguards include:
Facility access controls, such as Jocks and alarms, to ensure only authorized personnel to have access into facilities that house systems and data
Workstation security measures, such as cable locks and computer monitor privacy filters, to guard against theft and restrict access to authorized users
Workstation use policies to ensure proper access to and use of workstations ”
Safeguards that include hardware, software, and other technology that limits access to e-PHI. Examples of required technical safeguards include the following :
Access controls to restrict access to PHI to authorized personnel only
Audit controls to monitor activity on systems containing e-PHI, such as an electronic health record system
Integrity controls to prevent improper e-PHI alteration or destruction
Transmission security measures to protect e-PHI when transmitted over an electronic network”
Completing required risk analysis and preparing the necessary HIPAA Security Rule documentation is significantly more difficult than that for the earlier Privacy Rule. A related government web site for the Office of the National Coordinator for Health Information Technology (ONC) references these procedures as “a challenging task.” Covered entities almost certainly need to hire consultants if they want to “reasonably and appropriately” [ the rule terminology] comply with the HIPAA Security Rule.
ACA Executive Summary
The Affordable Care Act (ACA) has three primary, overarching objectives: increase health insurance coverage, reduce rising healthcare costs, and improve the quality of care provided (Key).
- A significant component of the ACA includes the establishment of health insurance marketplaces (these marketplaces are also referred to as exchanges).
- The marketplaces provide information to facilitate consumer choice and create a platform for selling health insurance that boosts competition in the market for health insurance.
- The marketplaces present potential health insurance consumers with a variety of information about specific health insurance plans, including premiums, deductibles, co-pays, and coverage information for a given plan in one single, easy-to-access location (. The marketplaces also stimulate competition in the market with the intention of driving down costs as health insurance firms seek to outbid each other to win over potential new customers.
- By way of the ACA, consumer choice was presented as a potential method to help level the playing field when it comes to purchasing health insurance – provide consumers with a single, user-friendly platform that lets them choose a plan best for their specific set of needs and preferences.
- But what happens when consumer choice is hindered because of lack of consumer knowledge, a multitude of relatively confusing options and poorly presented information, or unintended influence and bias?
- If consumer choice cannot function properly as a key tenant of the ACA, expected achievements in reducing health care costs and increasing insurance coverage could be either stifled or halted.
From Our Blog
Cannabis Practice Group
- Cannabis Practice Group
- Frequently Asked Questions [FAQ’s] – Cannabis
- Client Support Portal
- Accounting Services for Cannabis Businesses
- Income Tax Compliance for Cannabis Businesses
- California Cannabis Resources
Industries We Serve
CPA Professional Services
- CPA Professional Services
- Technology Consulting
- Google Cloud – G Suite, Chrome, Android
- Xero Accounting – and Add-On Market Place