If you own a small- to medium-sized physical therapy practice, you are most likely preoccupied with daily operations such as paying bills, marketing your practice, and treating patients. You may know about HIPAA at a high-level—and you may also worry from time to time about a data breach. But, compliance and security are complicated; the regulations are written in legalese.
Without a doubt, healthcare practices—big and small—find the HIPAA risk assessment daunting. The HIPAA Security Rule requires all covered entities (a.k.a. providers) and business associates (a.k.a. the people and vendors providers do business with) to conduct an accurate and thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all electronic protected health information (ePHI).
Here’s a scenario I hope you never have to face: your small physical therapy practice hires a third-party billing company to manage your billing operations. Then, that billing company experiences a massive data breach affecting more than 1,000 of your patients.
In this post, we examine why outcome measurement tools must account for complicating factors and what happens when they don’t.
In the not-too-distant past, telehealth was unexplored and unfamiliar territory for rehab therapists—long-time advocates of the in-person visit. Yet practically overnight, therapists were forced to dive head-first into the telehealth pool and start providing care via hybrid or fully remote treatment models. And now that many major payers are covering therapy services delivered via telehealth, c
The COVID-19 pandemic has thrown the entire rehab therapy industry a major curveball. From contending with patient attrition to figuring out how to provide traditionally face-to-face treatments from a safe physical distance, PTs, OTs, and SLPs are having to roll with a lot of punches.
These are unprecedented times—and the rapidly changing healthcare landscape is leaving many rehab therapists feeling lost, adrift, and concerned about their future. That’s why earlier this week, our in-house experts, Dr. Heidi Jannenga, PT, DPT, ATC, WebPT Chief Clinical Officer and Co-Founder, John Wallace, PT, MS, WebPT Chief Business Development Officer of Revenue Cycle Management, and Veda Collmer, WebPT
Okay, we’ll admit it: it’s probably the worst time of year to go camping. (It may not snow a whole lot in our lovely desert home, but even our December nights have gotten so, so bitterly cold.) But, that didn’t stop Heidi Jannenga, PT, DPT, ATC, WebPT Co-Founder and Chief Clinical Officer, and Rick Gawenda, PT, CEO of Gawenda Seminars & Consulting, from hosting an hour-long camping-themed webinar where they talked about ghost stories and s’mores—and a handful of CMS’s 2020 regulatory changes.
Under the HIPAA Privacy Rule, patients have several rights regarding their medical records, including a right to access, a right to amend, and, in some circumstances, a right to restrict disclosures of their protected health information (PHI). Understanding and complying with those rights is an important component of quality patient care.
With electronic storage of protected health information (“PHI”) becoming more common, healthcare providers are rightly concerned about ensuring their data and security systems are not breached, and developing an established course of action in the event that their systems are breached.
Before 2015, data breaches were mostly confined to retail businesses. However, as more patient information becomes digitized, big data breaches are becoming more common in health care. And hackers don’t discriminate; they target organizations of all types and sizes, ranging from big hospitals to small private practices.
As exhibited in the news items below, small practices are not immune to HIPAA scrutiny by the federal government’s Department of Health and Human Services (DHHS)—as investigated by their enforcement agency, the Office of Civil Rights (OCR).