HIPAA help – because paper still exists

At the end of June, the Department of Health and Human Services reported that there was an $800,000 settlement in a medical records dumping case. When I read the article I was totally flabbergasted. Boxes of patients’ records were left in a retiring physician’s driveway.

NEMT President Linda Allard

Parkview hospital was helping a retiring doctor move her patients’ records to a new provider’s office. They took possession of her files while they were considering purchasing part of her practice. In June 2009, employees from Parkview Hospital, who knew the doctor wasn’t at home, left 71 cardboard boxes of medical records in a driveway that was unattended and accessible as it was 20 feet from a public road. The driveway was also very close to a popular shopping venue.

This case reminds me that, although we are focused on electronic media, there is still a lot of paper being used.

OCR says that paper was responsible for 23% of major health breaches in 2012. That number is not insignificant, and this case is a reminder that we need to look at how we are protecting the paper records in our possession.

Are they ever left on a desk that the public can access? How about a copy machine or fax machine? Have you done any recent training with your staff regarding paper records? How are you disposing of or transporting your paper records? Do all individuals involved in the handling of paper records understand exactly what they can and cannot do? If you have a business associate involved with your paper records, have you checked their policies to make sure they are doing what they need to be doing?

This is definitely a good reminder that paper still exists and we need to make sure we are giving it the full attention that it deserves. For more information on the story, go to http://www.hhs.gov/news/press/2014pres/06/20140623a.html.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in HIPAA, News and stories | Tagged , | Leave a comment

Study shows most expensive healthcare cities

In case you missed it, Castlight Health recently released a study showing wild disparities in the cost of common medical procedures.

Tara Courtland

Communications Director Tara Courtland

Depending on what city you live in, the same in-network MRI could cost $536 (Los Angeles) or $3,410 (San Francisco). A lipid panel averages $17 in Raleigh, N.C. but $94 in Austin, Texas.

You’d think the disparity has something to do with the cost of living or with the general health of the city’s population, but it doesn’t. It has to do with “what providers can negotiate with insurance companies,” Castlight’s Jennifer Schneider told the Washington Post. “Those with the biggest market share have the most clout.”

The disparity doesn’t just appear from city to city, however. It’s also seen at different providers in the same city. In my own city of Richmond, Va., for example, the cost of a CT scan varies from $218 to $2,009.

And it’s seen in neighboring cities as well.

Washington, D.C, a much larger and wealthier city than Richmond and only about 3 hours away, is a little more expensive for an average preventative care visit ($141 in D.C., vs. $136 in Richmond) but a lot cheaper for an average CT scan ($681 average in D.C. vs. $1,307 average in Richmond).

The big question is, “how do consumers achieve parity in pricing?” The answer, according to Castlight, is “transparency.”

“By exposing such pricing data to consumers,” Castlight Health CEO Giovanni Colella told the Wall Street Journal, “it can help them make more informed choices that could save money for employers and employees.”

Forbes Magazine looked at all the data and compiled a list of the 10 most expensive healthcare cities overall.

1. Sacramento, CA Sacramento is the most expensive city for CT scans at $1,404 and MRIs at $2,635—just three hours away from a $676 MRI in Fresno. California’s capital also comes in second for preventive primary care at $219. The good news? Lipid panels average just $24, not even breaking into the top ten cities for that procedure.

2. San Francisco, CA With an average cost of $251, San Francisco is the most expensive place to find preventive primary care in the U.S. It also falls right behind Sacramento for MRIs and ranks fifth for CT scans at $1,203. Like Sacramento, lipid panels are a bargain at $24.

3. Dallas, TX Dallas is the fourth most expensive city for CT scans, fifth for MRIs, and eleventh for preventive primary care. At $47, lipid panels are nearly twice the California cities’ cost.

4. St. Louis, MO One of two Missouri cities with notably high healthcare costs, St. Louis is the eighth costliest place for MRIs, tenth for CT scans and thirteenth in preventive care. It’s one of the cheapest places for a lipid panel at just $20.

5. Kansas City, MO Whether or not Kansas City is technically more expensive than St. Louis depends largely on one’s healthcare needs. The third most expensive city in the country for both CT scans and MRIs, it falls to eighteenth when it comes to preventive primary care at just $138. On the other hand, Kansas City is the fourth most expensive city to get a lipid panel at $79.

6. Charlotte, NC Seventh for MRIs at $1,813 and fifth for primary care at $199, Charlotte is barely on the charts for CT scans, ranking twenty-ninth at $619.

7. Denver, CO Denver scores a pair of sixth place rankings for CT scans and MRIs, but falls to nineteenth in preventive care at $134.

8. Miami, FL Miami ranks notably high for the cost of an MRI. It’s the fourth most expensive place for one at $1,968, but falls to ninth for CT scans and ranks thirtieth for preventive care at just $95.

9. Boston, MA The sixth most expensive city for preventive primary care, Boston is also number 10 when it comes to MRIs at $1,737. When it comes to CT scans, however, Boston drops to nineteenth on the list at $853.

10. Portland, OR With one of the widest variations between procedures, Portland is the third most expensive city for preventive primary care at $216, but drops to fourteenth for MRIs and seventeenth for CT scans.

Check out Castlight’s interactive map of the data.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in News and stories | Tagged , | Leave a comment

The $10 million spam fine

On July 1, Canada’s Anti-Spam Legislation (CASL) took effect. As a result, businesses can be fined up to $10 million Canadian and individuals can be fined up to $1 million Canadian for sending unsolicited emails (spam). Additional measures are scheduled to go into effect in January of 2015 and July of 2017. Visit http://fightspam.gc.cafor more information.

Andrew Clarke

While I’m opposed to spam as much as anyone else, I don’t think this type of legislation is the solution. For one thing, I don’t think the majority of spam originates in Canada. For another, I don’t see how such a law can be enforced against non-Canadian citizens. In my opinion, the answer lies in the hands (or servers) of the major internet service providers (ISPs). At a minimum, they have the ability to stop spam that originates outside their networks from continuing to our inboxes. I personally believe they could do a lot more. The conspiracy theorist in me believes they don’t do anything because they benefit financially (ie someone benefits from all that bandwidth). Of course, I could be completely wrong. What do you think?

The estimated cost of spam has been said to be anywhere from $20 billion per year to $50 billion dollars per year depending on the source. This cost includes everything from software development to combat the problem to lost productivity. By comparison, the spammers generate somewhere in the neighborhood of $200 million per year. It sounds to me like the average consumer is getting the short end of the stick.

Over the years, there have been many suggestions about how to combat spam. Taxing has been suggested, but I’m certain the spammers would find a way around that. Going after the financial institutions that process their payments is another. One of the most unorthodox suggestions has been to fight spam with spam. Fill their inboxes with so many fake orders that it is no longer profitable. I, of course, like this idea best.

How do you combat spam, or do you just hit delete and ignore it like most of use? We would love to hear from you.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in News and stories | Tagged , , | Leave a comment

Is your team really following your security rules?

One of our customers recently had a distribution issue on their local server and we needed to log into their system via VPN so we could help. In order to do so, we had to change our VPN password since it had been six months since we last needed to access their system.

NEMT President Linda Allard

This particular customer is on its game in requiring password changes every 90 days, and although it caused a slight delay, it is absolutely a perfect example of proper password protocol. It also made me stop and think about our password policies — it’s always good to have a reminder.

When an employee leaves, do you have a process in place to remove their ability to log into your system? Have you done an audit on that process? We tend to put processes and policies in place and assume they are all being followed. A simple spot check will either assure you they are or let you know you have some issues that need your attention.

What about your vendors? If they have access to your system, do you have a process in place to let you know when a vendor employee leaves? Have you run a check to make sure that everyone who has access to your system is still employed by the vendor?

Do your team members really understand that they should not be sharing their passwords? You might want to check work stations to make sure they are not writing their passwords down on post-it notes and taping them to their screens.

Are your systems all set up to require passwords be changed after a specific period of time? Do your systems time out after a period of inactivity? These all seem like really basic things and something that we are sure is being done. The question is: are they being done?

Remember: document, document document. Make sure that the checks you are doing are all documented and easy to find with your HIPAA documentation. If you are ever audited, this documentation will be excellent to show that you not only have the processes and policies in place but that you also verify compliance.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in HIPAA | Tagged , , | Leave a comment

The power of positive listening

I’ve been reading many things over the last couple of years about how to retrain our brains to be more positive. My inbox recently included a blog article from the Harvard Business School on just that topic.

NEMT CEO Linda Sullivan

I was unaware of the chemical reactions in our brains when either a negative or a positive conversation occurs. The focus of the article is about how bosses deal with their team but clearly it applies in any conversational context.

What can we each do to improve our interaction with others? The first, most obvious, and most often cited is to become a better listener.

Second, are we open-minded enough? It’s easy when you’re the boss to fall into the habit of asking for ideas but not really listening carefully and accepting them. If you’re a boss, have you ever noticed that the people who work for you always laugh at your jokes? Regardless, I don’t believe I have a bright future as a comedian. Bottom line, anything that has a positive tone instead of negative benefits us all.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in Business, News and stories | Tagged | 1 Comment