• 5 Strategies for Training Your Clinic Staff on Compliance Image

    articleNov 11, 2019 | 7 min. read

    5 Strategies for Training Your Clinic Staff on Compliance

    Human error is one of the biggest compliance and security threats to any organization—especially organizations in health care. That’s why setting expectations for your staff—and providing continual healthcare compliance training and education opportunities—is so important. And that goes for everyone on your team: front-office staff, clinical staff, billers, administrators, and executives should all receive regular Medicare and HIPAA compliance training and updates. After all, the reputation (and financial solvency) of your practice depends on your entire team’s …

  • HIPAA Q&A: Fulfilling Patient Records Requests and Authorizations for Releasing PHI  Image

    articleOct 30, 2019 | 10 min. read

    HIPAA Q&A: Fulfilling Patient Records Requests and Authorizations for Releasing PHI

    Under the HIPAA Privacy Rule , patients have several rights regarding their medical records, including a right to access, a right to amend, and, in some circumstances, a right to restrict disclosures of their protected health information (PHI). Understanding and complying with those rights is an important component of quality patient care. Furthermore, The DHHS Office for Civil Rights (OCR) is spotlighting the importance of these rights with its Right of Access Initiative. In September, OCR stood …

  • A HIPAA Risk Assessment is a Learning Experience Image

    articleOct 23, 2019 | 8 min. read

    A HIPAA Risk Assessment is a Learning Experience

    If you own a small- to medium-sized physical therapy practice, you are most likely preoccupied with daily operations such as paying bills, marketing your practice, and treating patients. You may know about HIPAA at a high-level—and you may also worry from time to time about a data breach. But, compliance and security are complicated; the regulations are written in legalese. Big organizations have resources that you do not in the form of experts—and time—that they can devote …

  • How to Deal with a Patient Data Breach (and Avoid One in the First Place) Image

    articleOct 15, 2019 | 7 min. read

    How to Deal with a Patient Data Breach (and Avoid One in the First Place)

    With electronic storage of protected health information (“PHI”) becoming more common, healthcare providers are rightly concerned about ensuring their data and security systems are not breached, and developing an established course of action in the event that their systems are breached.  The most important security precaution that a provider can have in place is a stable system for breach prevention. Otherwise, navigating the field to ensure there are no breaches can be difficult.  Do not place your …

  • Protecting Patient Data: Lessons Learned from the Anthem and Equifax Data Breach Settlements Image

    articleOct 10, 2019 | 6 min. read

    Protecting Patient Data: Lessons Learned from the Anthem and Equifax Data Breach Settlements

    Before 2015, data breaches were mostly confined to retail businesses. However, as more patient information becomes digitized, big data breaches are becoming more common in health care. And hackers don’t discriminate; they target organizations of all types and sizes, ranging from big hospitals to small private practices. So, is there anything a small-to-medium-sized physical therapy practice can do to reduce the risk of a data breach? Performing a HIPAA risk assessment is an excellent first step.  No …

  • Does the New California Consumer Privacy Act Apply to Your Physical Therapy Practice? Image

    articleOct 4, 2019 | 6 min. read

    Does the New California Consumer Privacy Act Apply to Your Physical Therapy Practice?

    I’m sure by now you’ve heard a rumor that California has enacted the most impactful privacy rule in the nation. Maybe you also heard that California’s privacy rule applies to California residents—and that it does not apply to medical information. And perhaps you’ve wondered if the rule applies to your practice, but you haven’t had time to look into it. Lucky for you, WebPT has created this handy FAQ to educate you about the California Consumer Privacy …

  • The Startup Clinic's Guide to Private Practice PT Billing Image

    articleOct 3, 2019 | 11 min. read

    The Startup Clinic's Guide to Private Practice PT Billing

    Is your relationship with billing complicated at best? I get it. Figuring out how to bill insurance companies for private practice physical therapy can seem daunting, especially in light of ever-changing regulations. But unless you own a strictly cash-pay clinic , you can’t practice—or get paid—without it. I’m not asking you to love billing, but to help your startup clinic succeed, you need to understand it. Here’s how to get started: Get credentialed. If you haven’t already …

  • Overcome Your Fear: 4 Strategies for Tackling the HIPAA Risk Assessment Image

    articleSep 24, 2019 | 5 min. read

    Overcome Your Fear: 4 Strategies for Tackling the HIPAA Risk Assessment

    Without a doubt, healthcare practices—big and small—find the HIPAA risk assessment daunting. The HIPAA Security Rule requires all covered entities (a.k.a. providers) and business associates (a.k.a. the people and vendors providers do business with) to conduct an accurate and thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all electronic protected health information (ePHI). However, carrying that out often seems insurmountable and impossible. How can any busy healthcare practice be expected …

  • Even Small Practices Face Cybersecurity Threats and Government Scrutiny Image

    articleSep 10, 2019 | 4 min. read

    Even Small Practices Face Cybersecurity Threats and Government Scrutiny

    As exhibited in the news items below, small practices are not immune to HIPAA scrutiny by the federal government’s Department of Health and Human Services (DHHS)—as investigated by their enforcement agency, the Office of Civil Rights (OCR). Potential violations may be reported to these agencies through complaints by individual patients or through OCR-initiated audits.  April 2, 2019: “Michigan Practice Forced to Close Following Ransomware Attack” According to this article , when ransomware encrypted the computer system at …

  • 4 Tactics to Reduce Business Associate HIPAA Risk  Image

    articleSep 5, 2019 | 6 min. read

    4 Tactics to Reduce Business Associate HIPAA Risk

    Here’s a scenario I hope you never have to face: your small physical therapy practice hires a third-party billing company to manage your billing operations. Then, that billing company experiences a massive data breach affecting more than 1,000 of your patients. Because the billing company didn’t have an information security or compliance program in place, it was not aware of the breach for more than six months. Unfortunately, the billing company also did not have insurance, so …

Pages

Achieve greatness in practice with the ultimate EMR for PTs, OTs, and SLPs.