|
|
|
MEDco Asset Audit Control (MAAC)
I already have HIPAA Compliance software. Your compliance software is essential,especially with the recent contracting of Price Waterhouse to increase compliance enforcement. But if that software only applies to your electronic transaction activity- what about the physical assets of the practice? For example, did you know health care organizations must audit the number of computers in their inventory, where they are assigned, who logs into them, software installed, and each computer's physical location. Recent studies show that most organizations can locate only 60 percent of their mobile computer assets. Now, add these to all the paper records with potential privacy issues your practice has moving around or forgotten in drawers, and ask yourself - are they safe? Can you account for their whereabouts? Who checks on them and when? If required ,can you show due diligence? It can make for an enlightening experience to take a brief wander round your own practice and see for yourself the state of things.Try it-you would be surprised what you find. MAAC is the tool that resolves these questions with audit and inventory control, reports, and an immediate trail of monitoring efforts, with dates and responsible identities at the push of a button.
So why inventory now? On January 15, 2009 the U.S. Department of Health and Human Services (HHS) announced two final rules that will facilitate the United States ongoing transition to an electronic health care environment through adoption of a new generation of diagnosis and procedure codes and updated standards for electronic health care. These involve nearly 850 new changes as part of the ongoing implementation of the HIPAA requirements,with 24 months to comply. Added to this is the stimulus bill currently going through the House. This contains legislation requiring all health records computerised in five years,creating 200,000 new jobs. Estimates put compliance with this alone at tens of thousands of dollars per practice,and they are going to push this hard to create employment. What is the solution? Please keep reading.
How? Because the plan also contains a $20 billion expenditure for Healthcare - yes,$20 billion dollars - which includes practice funding to computerise records,and once spent its gone. True - check these facts on the web. Smart practices are getting inventories done right now so they can apply for a piece of stimulus to help with their compliance. Once becomes law (as of Feb 17th) you have to do it, so there will never be a better time to take stock of all your practice to get prepared in advance of the line! Find out what you have, work out what you need to comply and apply for help. You dont think you qualify? You still have to do it, so if you dont ask, you dont get - and a once in a lifetime $20 billion dollar spendathon is a powerful incentive. Rest assured,other practices are asking if they think they might qualify for free money. We are already installing this software into other rehab centers - feel free to call one of our recent clients, Permian Basin Rehab Center in Odessa, TX at (432) 332 8244 and see how well it worked for them.
January 10th, 2008 CynergisTek, the computing and security consultant, reported on its blog recently that HIPAA compliance audits will be increased this year, thanks to a contract the government signed with PriceWaterhouseCoopers...see full article here
September 22, 2008 Surprise audits? Unannounced reviews? Predictions of a more aggressive effort by the Centers for Medicare & Medicaid Services (CMS), the Office for Civil Rights (OCR), and the Office of Inspector General (OIG) to enforce compliance with HIPAA security and privacy rules abound. Lately, the media has been abuzz with talk about new tactics that are being rolled out by Health and Human Services (HHS) to ensure HIPAA compliance from healthcare organizations and the industry is taking notice.
October 20, 2008 As consumers become more aware of privacy issues, some experts are warning healthcare organizations to expect greater scrutiny, while others suggest that new efforts still don’t address the bigger picture. This July marked a milestone in the HIPAA saga. For the first time since the privacy and security rules were enacted, a covered entity was required to pay a fine. Seattle-based Providence Health & Services agreed to pay a $100,000 fine.
The additional HIPAA Security rule published on February 20, 2003 requires healthcare organizations create policies and procedures to apply the security requirements of the law - and then train their employees on the use of these policies and procedures in their day-to-day jobs.
HIPAA rule creates specific requirements regarding creating, implementing, or changing policies and procedures: "Standard: Policies and Procedures -- A covered entity must implement policies and procedures with respect to protected health information that are designed to comply with the standards, implementation specifications, or other requirements of this subpart. The policies and procedures must be reasonably designed, taking into account the size of and the type of activities that relate to protected health information undertaken by the covered entity, to ensure such compliance. This standard is not to be construed to permit or excuse an action that violates any other standard, implementation specification, or other requirement of this subpart."
In order to achieve HIPAA compliance, health care organizations must audit the number of computers in their inventory, where they are assigned, who is logging into them, software installed and each computer's physical location. Recent studies show that most organizations can locate only 60 percent of their mobile computer assets.
The MEDco Asset Audit Control software is designed to provide you with a simple system to improve your control over your companies physical assets such as hardware, desks, closets, cabinets, drawers - anything that could contain HIPPA sensitive material. The increased vigilance this application allows you to take increases control of these vital assets and provides you with documented due diligence. HIPPA compliance is complicated; MAAC is a tool that helps you get there. MAAC is excellent for audit purposes, inventory control, providing reports, and an immediate trail of monitoring efforts, with dates and identities at the push of a button. With HIPPA compliance enforcement and audits only increasing,now is the time to put in a proactive control system and get it working - not when you get notified of next month's audit!
Other advantages of this system: photo and record documentation for insurance and warranty requirements, damage and theft resolutions, inventory and equipment accounting to name a few. Your physical assets are part of what makes your company function, and their correct control and maintenance is reflected in the bottom line, something that MAAC helps you achieve from day one. Its intuative screens, with on the fly instructions, context sensitive help and clear text allow you to get up and running in short order. Additional instructions with screen shots and more in depth application are available in the included manual, indexed to pinpont what you need,when you need it by pressing F1.
With the recent contracting of Price Waterhouse to increase compliance enforcement for the Goverment, now is the time to act. Start by downloading the free 30 day trial version of MAAC using it right away. You have nothing to lose but worry!
 Click image for close-up
The Inventory Window
IMAGE 1-1:
This is the main inventory window. Notice the HIPPA section. Use this to indicate if this asset involves HIPPA material like a patient file. A file cabinet that stores patient files is HIPPA sentive. A receptionist desk would not. Later, generate a report that would include or exclude HIPPA sensitive assets. Thus, before an audit is due, print non-HIPPA sensitive report and then inspect each. Like ensure that a patient file is not in the middle drawer of the receptionist desk.
|
Inventory Report Options
IMAGE 1-2:
This is a close up of different report options available to you.
|
Sample report
IMAGE 1-3:
This is one page of a sample report. Notice the image of the item appears on these reports.
|
|
|
|
|
|
)
)
)