“Prevention is better than cure” is a maxim that has reigned in the healthcare industry for thousands of years; however, this phrase echoes through the halls of the legal profession as well.
Healthcare practices often neglect to appreciate the value of their confidential information as assets and the need to protect these assets. Although HIPAA and HITECH compliance aids in maintaining the confidentiality of patient records, it does not protect a provider’s trade secrets.
Trade secrets of a healthcare practice may include any of the following: patient lists, financial information, contract rates, contract terms client lists, collection rates, marketing tactics, pricing/discount information, and methods of doing business. If leaked, this information may be used by competitors to secure advantages over a healthcare practice. For example, patient lists could be used to solicit a practice’s patients or contract rates and terms can be used by a competitor to undercut the rates of a practice. Continue reading →
Healthcare providers have heard the HIPAA disaster stories: a laptop containing patient information is left on the counter at the coffee shop; a thumb drive with patient files goes missing; a rogue employee accesses patient information she has no business accessing; hackers get into a practice’s server and hold the patient information for ransom.
HIPAA is a federal law designed for safe disclosure of patient’s protected health information. The news headlines showcase giant penalties for violations. However, Florida health care providers should also know that Florida has its own consumer protection statute, called the Florida Information Protection Act. So while you’re busy worrying about your HIPAA exposure in any of these situations, remember that there is potential State exposure as well.
So what should a healthcare provider do if it believes there has been a hack or some other unauthorized disclosure? Responses vary based on the situation presented, but below is a good jumping off point: Continue reading →
The verification process is an important step in the billing cycle. When done correctly the patient’s “VOB” will allow a healthcare provider to quickly determine if they can accept the patient for treatment or not. A good verification will tell a provider the general information about a patient’s insurance policy such as the deductible, the co-insurance and the out of pocket maximum. A very good verification will also include accreditation requirements, information on who would receive the payment for services, correct claims addresses for professional and facility charges and more. The quicker a verification is done, the sooner a patient can be brought into treatment. Speed and accuracy is the name of the game when it comes to insurance verification and United Healthcare, until very recently, was one of the quickest policies for an Insurance Verification Specialist to work with. Continue reading →
FIPA is the Florida Information Protection Act of 2014. It became elective on July 1, 2014. Many people consider FIPA to be Florida’s state law counterpart to the Federal Government’s Health Information Protection and Administration Act of 1996 (“HIPAA). However, FIPA is, in many respects, more far reaching than HIPAA. Those who transact business in the State of Florida are well-served to be knowledgeable about FIPA.
FIPA affects more than just health care providers and those in the healthcare industry. Under FIPA, any business that acquires, stores, maintains or uses personal information must take reasonable measures to safeguard that information. “Personal information” includes the use of a person’s first and last name (or first initial and last name) in conjunction with his or her social security number, driver’s license or other government identification number, bank account number, credit or debit card number and password or pin, medical history, or health insurance policy number. A convenience store that might have access to a person’s name and credit card number is just as accountable under FIPA as a hospital who might store that person’s medical history and insurance information. Continue reading →
It is becoming easier and easier for physicians to communicate with each other and their patients. And although open communication is generally thought of as positive, the medical profession should proceed with caution. Patients and consulting physicians rely heavily on their communications with their treating physicians. Thus, communications which do not require the thought of focus that a physician would otherwise give to a situation may result in disaster. While there are many potential ways a physician might use text messaging and social media both professionally and personally, we will focus generally on physician interactions with other physicians, and physician interactions with patients.
To start, physicians should be aware that, in 2011, the American Medical Association issued guidelines in its Code of Ethics for physicians who use social media: Continue reading →
In an effort to help individuals access their health information so that they can become more actively involved in managing their own health care, several agencies within the Department of Health and Human Services promulgated a rule that modifies the Clinical Laboratory Improvement Amendments (“CLIA”) and the Health Insurance Portability and Accountability Act (“HIPAA”) in a way that supersedes Florida State laws governing the disclosure of laboratory test results directly to patients.
The US Department of Health and Human Services, Office of Civil Rights is the chief enforcer of HIPAA. The Office’s recent enforcement of HIPAA with respect to a Massachusetts derm practice is illustrative of how the government views HIPAA and how vulnerable medical practices are. Continue reading →