Blog Overview

The Health Insurance Portability and Accountability Act (HIPAA) can be complicated.  What are you doing for HIPAA? How confident are you in your HIPAA plans?  More is needed than just a Notice of Privacy Practices and some HIPAA compliant software.  This is not an overwhelming task, but it does require you to follow a checklist and to be conscientious in complying with the HIPAA regulations.  By appointing a privacy and security officer, one person can oversee the HIPAA minimum requirements: create a HIPAA Policies & Procedures Manual, document HIPAA compliance, train employees to enforce HIPAA regulations & maintain a culture of privacy, and conduct an annual Security Risk Assessment. All of these will take some time to put in place, but once they are in place, they are easily enforced, and compliance is minimal. 

Introduction

You're probably not doing enough for HIPAA right now at this moment in time. Several times a week, I have...

Introduction

As most nurse practitioners know, there is a bill called Assembly Bill 890 that Governor Newsom signed into law in September of 2020. In it, he and the legislature have tasked the Board of Registered Nursing to come up with two new categories of nurse practitioners: 103 NP & 104 NP.  While exciting for nurse practitioners in California, it’s important to understand what can be done today and what needs to wait for a few more years.

Assembly Bill 890 103 NP & 104 NP

The two categories in Assembly Bill 890 are categorized by the code section that have been created under the Business and Professions Code of California. They're commonly referred to as a 103 NPs and 104 NPs and that goes together with Business and Professions Code section 2837.103 and 2837.104 respectively. On January 1, 2023, what is now in effect is that 103 NPs can work in a group setting with at least one physician and surgeon within the practice, but there are some relaxations on the...

The Stark Law, commonly known as the Physician Self-Referral Law, is a federal law that prohibits physicians from referring patients to any entity where they have a vested financial interest for “designated health services” that will be paid by Medicare or Medicaid. Physicians need to be careful to not violate this law by being aware of the ins and outs of it.  This is a distinct law not to be confused with the Anti-Kickback Statute, another federal law, which I will address in a later video and blog. Navigating through the Stark Law can be confusing, so I’m here to help you with the details. 

Introduction

I want to give you a quick overview so that you know how to handle and more importantly, avoid any complications from violating the Stark Law on the federal level, which will have lots of applications for state law as well. I get questions every day from providers out there that are going out on their own, starting up their own practice, and just want...

Disclosure Accounting Basics

In HIPAA, we have something called disclosure accounting, and most people are not familiar with this. If you are brand new to having your own practice or brand new to not having a whole HIPAA department available to you, know that HIPAA disclosure accounting is not financial. It is accounting the action of process of keeping records of particular disclosures. These are sometimes referred to as Accounting of Disclosures or AOD, and most entities will keep them in a log, either on a spreadsheet or a written log in a WORD processor format.

So, what’s included in this log? Every disclosure that’s made for purposes other than Treatment, Payment, or Healthcare Operations (TPO). Within the context of disclosure accounting, there are mostly those where the patients have asked for it themselves with a few exceptions to this. So, we will go into the exceptions as well. But disclosure is defined as access to delivery of or transmission to parties that...

Introduction

Not playing by the rules can have serious consequences. At the end of 2022 in San Luis Obispo, California, a nurse practitioner, Sarah Erny, signed a settlement to pay almost $20,000 and was ordered to remove most mentions of herself on the Internet and remove her own website because she did not play by the rules. As I tell my son's baseball team or any of the coaching teams that I'm a part of, you must figure out how to play by the rules and then still win the game. Rules exist, and if we break those rules, even when what we do seems harmless or is not deliberately intended to harm anyone, we must be ready to pay the price. 

Two Little Letters

It all started when Sarah Erny, a nurse practitioner, became the subject of a civil complaint from the District Attorney's office in San Luis Obispo, California. Ultimately, the complaint was about referring to herself as “Doctor” (Dr.) Most cases like this are complicated, filled with laws and opinions, and this...

The Federal Public Health Emergency will end soon, and many states have already set their termination dates for State Public Health Emergencies. Prescribing controlled substances via telemedicine is allowed now during the Public Health Emergency. But what will happen once the Public Health Emergency ends in 2023? This issue spurred the American Hospital Association to write a letter to the DEA on behalf of its more than 5,000 member hospitals and health systems. They asked the DEA to act and implement a rule that was supposed to have been put into place almost fourteen years ago. So, some discussion about controlled substances and telemedicine is needed, and how this will work at the end of this year, if not sooner.

Special Telemedicine Registration History

To further understand, a little history is in order here. In 2008, the Ryan Haight Online Pharmacy Consumer Protection Act sought to prevent the prescription of opioids over the internet via online questionnaire. Now they did...

If someone offered you a business plan for $20,000 that could make you $100,000 in the future, but it’s illegal, would you take it?

That’s exactly the situation I came across recently in a webinar, and, believe it or not, many people chose to do it.  This continues to be shocking to me because, in my opinion, illegal actions are never worth the risk. You could lose your business, your license, and even your freedom -- aside from the fact that choosing to break the law is highly immoral and completely unethical.

The truth is that you can be successful without breaking the law. We've done it. Lots of my clients have done it, and so can you. 

Why Risk Everything?

Since I attended the aforementioned webinar, I've been sitting on this one for a while because I didn't want to react emotionally, but I think now’s the time for me to address this. In essence, this person and others (who I will not name) are saying that it was...

You may be wondering, "Do I need cyber liability insurance? What does (and doesn’t) it cover? What are the two types? What cyber liability insurance is right for me?"

Cyber liability insurance is something I do recommend that everybody at least asks their insurance agent about. Before we go any further, understand that I'm not an insurance professional, but I do think that you should continue reading because I still am able to provide valuable insight on this important topic. Cyber liability insurance is one of four policies that I advise companies to get, the others being general malpractice, telemedicine, and general liability insurance. 

What is Cyber Liability Insurance?

I’ve mentioned that I think cyber liability insurance is critical, but what is it really? Cyber liability insurance protects small businesses from the high costs of a data breach or a malicious software attack. What it covers in the event of a breach is it mostly notifies the people whose...

Have you heard? In a bit of a stunning move, Alabama has repealed its telemedicine license program in 2022. This sets an extremely negative precedent for the rest of the country. 

I have been providing you with important updates on telemedicine laws around the country, and up until this point, I've been espousing the belief that most states will gradually lower barriers for out-of-state practices practicing in their state. It turns out that we may be moving in the opposite direction, which is definitely not a good sign. 

What was Alabama’s Program like Before the Repeal?

Despite Alabama’s reputation as being a bit behind on some things, for a long time they were actually ahead of the curve regarding telemedicine licenses. They’ve actually had a special purpose telemedicine license on the books since 1997. This was way before most states even considered something like this, and many states still don’t even have a program like this. For the record,...

What is a privacy policy? Why do you need one on your website? What should even be in it? 

These are some of the questions I get all the time from my clients, and a proper understanding of privacy policies can be very valuable. Through this blog, I’ll cover the answers to these three questions, and hopefully, you can get a better understanding of how this policy operates. Let’s get right to it.

What is a Privacy Policy?

A privacy policy is a legal document included on a website that informs users what is being done with their information. You might be thinking, “We don’t collect anyone’s information, we don’t even ask for e-mail addresses.” If that’s the case, first, you might want to reconsider whether your practices are up to date with how businesses are run in the 21st century, and second, the truth is that you actually are, without even knowing it. Your website naturally collects users’ IP addresses, which country...