Archive for the ‘Healthcare’ Category
Small Business Tip of the Week: Print Collateral
Using print collateral is a great way to brand and market your healthcare business. Below we have listed three pieces of print collateral we recommend that will effectively brand your business.
Transcript:
Hi my name is Karen Cummings and welcome to VISION Marketing & Consulting’s Tip of the Week
This week we wanted to talk to you guys about how to brand your business. You want to make sure that you build a consistent brand so people can remember who you are and you can set yourself apart.
One of the easiest ways to do that, or one of the most effective ways, is to develop some print collateral.
Three pieces that we often recommend for healthcare providers are prescription pads, insurance lists, and a flyer or leaflet that has all of your information.
Prescription Pad
For the prescription pad, make sure you include important services that your company provides as well as basic information including phone number, address, and location maps if you have them.
Insurance List
An insurance list is very basic. Include any of the insurances that your business accepts and make sure you include the basic information such as phone, fax, address, and location maps.
Flyer or Leaflet
For the flyer or leaflet, this could be something that you use in referral source offices as well as community events , and it includes the more general information about your business and unique selling points. You want to make sure that it grabs people’s attention, the design should be professional and simple, and also make sure that you inform readers so anybody taking this piece understands what their problem may be that your business can solve.
Ideally, this piece would be something that would get you new patients.
For more information, feel free to follow us on our blog, or connect with us on Facebook!
June Healthcare Happenings
Arizona Healthcare News
Phoenix Business Journal’s Gonzales Interviews BCBS or AZ CEO
Angela Gonzales, senior reporter for the Phoenix Business Journal interviews Rich Boals, president and CEO of Blue Cross Blue Shield of Arizona. Boals discusses BCBS’ opportunites during health reform, concerns with the Affordable Care Act and preparation for the upcoming changes.
To read the full interview, click here.
New Bill allows more people in rural communities better access to care
Beginning in 2015, services provided through telemedicine programs will require insurers to pay for the same services in rural areas of Arizona as when they are provided in a traditional clinic or hospital setting. This was made law by the signing of the Telemedicine Reimbursement Party Act by Governor Jan Brewer.
The Arizona Telemedicine Program was established in 1996 and now links numerous Arizona communities and sites.
Veteran’s Clinic in Buckeye to close June 30th
The Phoenix VA Health System announced the closure of the Buckeye clinic at the end of June. Veterans that are served at this location will have to travel to the Surprise location to receive care. Some officials say the closure is temporary, but the situation is still being assessed.
Veterans who transfer to the Surprise location will have increased access to women’s health, telehealth, mental health, dental, physical therapy, rehabilitation, audiology and radiology service. This will be an improvement for the Veterans since these services were not previously delivered at the Buckeye clinic.
Small Business Tip of the Week: Building Relationships with Healthcare Providers
Are you a healthcare practice looking for ways to increase your overall market share and build relationships with other healthcare providers? Watch our Tip of the Week video to learn how!
Transcript:
Hi I’m Veronica with VISION Marketing & Consulting and welcome to the Tip of the Week.
In today’s healthcare environment, practices are looking for ways to increase their overall market share. One of these ways is building relationships with other healthcare professionals that may be able to send patients your way.
First you want to look around in your office and see if you have an individual that may be able to help you do this. Find an individual that is friendly, outgoing, that can have conversations about your practice, knows your practice inside and out, and is able to answer questions about your practice.
If you have an individual like this, then you want to make sure that you define success for this person before you send them off to help build relationships.
Defining success can be by the sheer number of new patients you get into your practice, the number of other healthcare professionals that may be sending patients to your practice, or the number of visits this person has made to help you increase your relationships as well.
Then you want to look at making a list of current relationships that you may want to build upon, other relationships or other healthcare professionals that may know about you that you want to build upon, and lastly the ones that know nothing about you that you want to identify as people you want to build relationships with.
Once you have this list, then you want to work on qualifying the account. This can be done by phone or in person, but preferably in person. That way you can work on actually establishing a relationship with the other healthcare professional.
Some of the things that you want to look at as having similarities in order to build upon this relationship could start with: are they close to your office? Do they have insurances that are similar to your insurances that you take? Are their patients in need of the services that you provide?
Look for a question that may offer a follow up, and then do this follow up. This is where we find the most drop off in relationship building, when healthcare professionals do not do follow ups.
If you are going to remember one thing as you go through the process, when you meet somebody, always do a follow up.
These are just a few tips on how you can begin your relationship marketing. For more tips, read our blog or follow us on Facebook.
Thank you!
How Your Healthcare Practice Can Avoid HIPAA Violations
How Your Healthcare Practice Can Avoid HIPAA Violations
In 2011, Dr. Alexandra Thran was fired from the hospital she worked at in Rhode Island due to a HIPAA breach on social media.
On her personal Facebook page, she posted information about a patient, who then realized she was discussing their personal case, and in turn caused Dr. Thran to be fired. Although she did not include any specifics about the patient, such as their name, she shared enough details for the public to identify who the patient was.
Some argue this wasn’t a HIPAA case since she didn’t share specific information, but it was still treated as one by her employers and the public. To learn more about this case, click here.
Are you worried about being caught up in a similar situation with your healthcare practice? Below we have listed ways to ensure your business is HIPAA-compliant and avoids violations on social media.
- Develop a social media policy: Developing a solid social media policy for your healthcare practice is one of the most important steps you can take in avoiding HIPAA violations.
- Educate staff on policy: Once a policy is in place, make sure everyone involved with your practice is familiar with the policy and agrees to follow the guidelines, regardless of whether your practice has its own social media profile or not. These rules should apply to employee’s personal social media profiles as well.
- Educate staff on HIPAA: In addition to your practice’s social media policy, make sure all employees are familiar with the HIPAA guidelines so they can make educated decisions on their own.
- Avoid sharing too much information: Like the case we mentioned above with Dr. Thran, even if you do not share specifics on patient information, sharing enough for others to recognize a patient’s identity is enough to cross boundaries and potentially violate HIPAA.
- Get written consent: Before sharing patient stories, photos, or video on your website or social media, get written consent to share this information from patients to avoid any complications.
For more information on HIPAA and social media, please contact us today! To read our interview with Zach Giammaro on recent HIPAA changes and the HITECH Act, click here.
Follow us on Facebook for helpful tips and information!
Zach Giammarco HIPAA Interview Q 1-5
VISION Marketing & Consulting had the pleasure of interviewing Zach Giammarco, partner of Giammarco Law Office. Some of the main points he discussed were HIPAA changes, the HITECH Act, and legal issues that healthcare practices can avoid. He also gave advice to healthcare providers who are thinking about starting social marketing! We want to thank Zach for giving us the opportunity to ask him these questions!
ANSWER: Due to the increase of healthcare providers utilizing social media as a form of marketing, the American Medical Association (“AMA”) issued a press release in November 2010 addressing this very issue. While some of the AMA’s recommendations are blatantly obvious (such as do not post identifiable patient information on Facebook), others are not so clear, including the following:
- When using the Internet for social marketing, providers should use privacy settings to safeguard personal information and content to the extent possible. However, providers must realize that privacy settings are not absolute and, once information is on the Internet, it will most likely remain there permanently.
- Providers should routinely monitor their own Internet presence to ensure that the personal and professional information on their own sites and, to the extent possible, content posted about them by others, is accurate and appropriate.
- If providers interact with patients on the Internet, they must maintain appropriate boundaries of their relationship in accordance with their professional ethical guidelines just as they would in any other context.
While these AMA guidelines are written with physicians in mind, they can be universally applied to all healthcare fields. The best advice I have for my clients is to use common sense and do not post anything that they would not want their overseeing Board to see.
VISION Marketing & Consulting - When using social media in a medical practice, it is good to use common sense, however certain safeguards should not be overlooked such as understanding all information on the internet is most likely permanent, monitor your sites and maintain professional and ethical behavior when interacting online.
Did you miss questions 1-4? Check them out below!
QUESTION ONE: What is the most common mistake healthcare providers make when dealing with HIPAA regulations? What can they do to improve this?
ANSWER: Aside from misspelling HIPAA with two “P’s” instead of one, the most common mistake I come across is the failure to have proper safeguards in place when dealing with third party contractors, otherwise referred to as Business Associates by our good friend HIPAA. Some healthcare providers are not aware that each Business Associate that may come into contact with confidential patient information must sign a Business Associate Agreement prior to performing any work for the provider. For example, if an IT person comes in to fix even the most minor problem, it is extremely likely that he or she will come across or, at the very least, have access to confidential patient information. Thus, this individual must execute a proper Business Associate Agreement so that all parties are on the same page when it comes to how that IT person should handle and/or disclose (if absolutely necessary) such patient information. It is a good idea to have such an agreement on hand in the event the provider requires immediate services where a third party might come into contact with confidential patient information. If this third party refuses to sign the Business Associate Agreement, hire someone that will because this is necessary to protect the provider. Otherwise, this could end up in a huge mess down the road. To obtain a current and comprehensive Business Associate Agreement, I recommend contacting a knowledgeable attorney rather than pulling just any form from the Internet. This is especially true when considering the recent changes to HIPAA and HITECH.
VISION Marketing & Consulting – The information Mr. Giammarco has provided regarding HIPAA is very valuable to all our clients. We make certain that all information is protected and we also recommend to our clients to look at their current agreements to ensure the are updated according to laws and changes.
QUESTION TWO: On January 17, 2013, the U.S. Department of Health and Human Services announced the new HIPAA Final Omnibus Rule. What is most important to know as a healthcare provider regarding these new regulations?
ANSWER: The Final Omnibus Rule makes significant changes to HIPAA by greatly enhancing patients’ privacy protections, providing individuals new rights to their health information and strengthening the government’s ability to enforce the law. Because some of the largest breaches reported to the Department of Health and Humans Services derive from Business Associates, the Final Omnibus Rule expands many of the privacy safeguards and penalties to apply to covered entities’ Business Associates. For example, penalties for noncompliance have been increased based on the level of negligence with a maximum penalty of $1.5 million per violation.
Although the Final Omnibus Rule became effective on March 26, 2013, covered entities and Business Associates will have until September 23, 2013 to comply with these changes, which includes updating their respective Business Associate Agreements. I strongly encourage all healthcare providers to get in contact with their attorney to begin drafting a new Business Associate Agreement that works for that particular provider. It is also important to have current Business Associates execute the updated agreement even if they already signed an old version.
Healthcare providers should also be aware that the Final Omnibus Rule expands individual rights in important ways. Patients can now ask for a copy of their electronic medical record in an electronic form. When individuals pay by cash, they can instruct their provider not to share information about their treatment with their health plan. And, the rule sets new limits on how information is used and disclosed for marketing and fundraising purposes, while prohibiting the sale of individuals’ health information without their permission.
A full copy of the rule can be found at http://www.gpo.gov/fdsys/pkg/FR-2013-01-25/pdf/2013-01073.pdf.
VISION Marketing & Consulting – As electronic health records becomes more prevalent in all medical offices, providers should make sure their policies are in line with these new regulations.
QUESTION THREE: What is HITECH and how does it impact healthcare practices?
ANSWER: HITECH is the Health Information Technology for Economic and Clinical Health Act, which first became effective February 18, 2010 as part of the American Recovery and Reinvestment Act of 2009. The objectives of HITECH are to:
- Develop standards for the electronic exchange of healthcare information;
- Establish incentives to encourage doctors and hospitals to digitize their medical records;
- Save the government approximately $10 billion, presumably as the product of the digitization efforts; and
- Strengthen privacy and security to guard protected health information.
Specifically, Subtitle D of HITECH addresses the privacy and security concerns associated with the electronic transmission of health information. I typically explain it to my healthcare clients as an “offshoot” of HIPAA that addresses the electronic transmission of health information.
It is extremely important for all healthcare providers to be aware of the requirements set forth in HITECH, especially considering the majority of patient information is now electronically transmitted at one point or another. Prior to HITECH, all responsibility for data breaches originating from a Business Associate fell on the covered entity. HITECH changed this to make Business Associates liable for their breaches – provided a proper Business Associate Agreement was in place. Interestingly, a 2009 survey sponsored by the Healthcare Information and Management Systems Society found that more than thirty percent (30%) of Business Associates surveyed were not aware that HIPAA privacy and security requirements had been extended to cover their organizations pursuant to HITECH. Hopefully, that figure has decreased in the past four years, but it is important to verify that your Business Associates are knowledgeable about HITECH.
In addition, HITECH expanded the scope of HIPAA to (i) mandate public notification of data breaches containing protected health information; (ii) require stricter compliance and accounting for electronic protected health information requests; and (iii) add responsibility for managing protected health information handled by Business Associates, as previously mentioned.
Because it is impossible to explain all the “ins” and “outs” of HITECH, I encourage providers to either contact their attorney or, if they really have a lot of time on their hands, review the full text of HITECH at the following site:
http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html
VISION Marketing & Consulting – HIPAA was in effect with paper medical records, and now we are finding that the HITECH act pays closer attention to ensuring privacy with electronic transferring of information.
QUESTION FOUR: What would be three legal issues you would caution healthcare practices about to avoid any risk?
ANSWER:
Legal Issue 1. Healthcare providers should be extremely cautious when communicating with patients via mobile devices, including phones or tablets. A 2011 survey performed by QuantiaMD estimates that one in four physicians are “super mobile” users who leverage both smartphones and tablets in their practices. If you are one of these providers, it is important to know that the use of mobile devices to exchange protected health information automatically triggers the HIPAA security rule. This poses a unique risk to providers because mobile devices may not restrict user access to data through the use of encryption software or authentication features. Also, mobile devices store such information either within the computer’s onboard memory or within a SIM card or another memory chip. Because mobile devices are extremely vulnerably to loss or theft, it is important for providers to enact technical safeguards, including the following: installing and regularly updating malware, installing firewalls where appropriate, applying encryption to electronic protected health information and ensuring mobile devices use secure, encrypted Hypertext Transfer Protocol (“HTTP”) similar to that used by banking and financial institutions. If such safeguards are in place, the chances of breaching the HIPAA security rule are greatly reduced in the event the mobile device is lost or stolen.
Legal Issue 2. If there is any doubt whether a third party contractor is considered a Business Associate pursuant to HIPAA or HITECH, contact your attorney. If you cannot get a hold of your attorney, have the individual or entity sign a Business Associate Agreement just to be safe. Generally speaking, a Business Associate is a person or entity that performs certain functions or activities that involve the use or disclosure of personal health information. Business Associates typically work on behalf of, or provide services to, a HIPAA covered entity. Keep in mind that a covered entity’s workforce is not considered a Business Associate. Common Business Associates include accountants, consultants, pharmacies, payers (i.e., health insurance providers), laboratories, e-health record software vendors, RHIOs (Regional Health Information Organizations and HIEs (Health Information Exchanges).
Legal Issue 3. This sounds like a no-brainer, but providers must be informed about and follow all regulations contained in HIPAA, HITECH and the recent Final Omnibus Rule. I say this because enforcement of HIPAA violations has increased in the past couple years and will continue increasing in 2013 according to Leon Rodriguez, the Director of the U.S. Department of Health and Human Service’s Office for Civil Rights, which is the department responsible for enforcing HIPAA and HITECH regulations. Otherwise, breaches could easily result in substantial monetary and criminal penalties.
VISION Marketing & Consulting – The three basic recommendations, although simple, are very important in your medical practice. In summary, be cautious when using mobile devices, error on the side of caution when dealing with Business Associate Agreements, and make sure your HIPAA and HITECH policies are up to date.
The answers provided in this article were provided by:
Zachary D. Giammarco
GIAMMARCO LAW OFFICE PLLC
3910 S. Alma School Road, Suite 5
Chandler, Arizona 85248
http://giammarcolaw.com/
(480) 722-0103 – Phone
(480) 722-0106 – Fax
Legal Disclaimer: All information provided in this article is for informational purposes only and, therefore, does not constitute legal advice or create an attorney-client relationship. Due to the complexity of HIPAA, HITECH and any amendments thereto, you should consult a competent attorney for individual advice before acting upon any of the information provided in this article.
Caution for Healthcare Practices: Zach Giammarco Interview Q4
VISION Marketing & Consulting had the pleasure of interviewing Zach Giammarco, partner of Giammarco Law Office, regarding recent changes in HIPAA regulations and the HITECH Act.
1. Healthcare providers should be extremely cautious when communicating with patients via mobile devices, including phones or tablets. A 2011 survey performed by QuantiaMD estimates that one in four physicians are “super mobile” users who leverage both smartphones and tablets in their practices. If you are one of these providers, it is important to know that the use of mobile devices to exchange protected health information automatically triggers the HIPAA security rule. This poses a unique risk to providers because mobile devices may not restrict user access to data through the use of encryption software or authentication features. Also, mobile devices store such information either within the computer’s onboard memory or within a SIM card or another memory chip. Because mobile devices are extremely vulnerably to loss or theft, it is important for providers to enact technical safeguards, including the following: installing and regularly updating malware, installing firewalls where appropriate, applying encryption to electronic protected health information and ensuring mobile devices use secure, encrypted Hypertext Transfer Protocol (“HTTP”) similar to that used by banking and financial institutions. If such safeguards are in place, the chances of breaching the HIPAA security rule are greatly reduced in the event the mobile device is lost or stolen.
2. If there is any doubt whether a third party contractor is considered a Business Associate pursuant to HIPAA or HITECH, contact your attorney. If you cannot get a hold of your attorney, have the individual or entity sign a Business Associate Agreement just to be safe. Generally speaking, a Business Associate is a person or entity that performs certain functions or activities that involve the use or disclosure of personal health information. Business Associates typically work on behalf of, or provide services to, a HIPAA covered entity. Keep in mind that a covered entity’s workforce is not considered a Business Associate. Common Business Associates include accountants, consultants, pharmacies, payers (i.e., health insurance providers), laboratories, e-health record software vendors, RHIOs (Regional Health Information Organizations and HIEs (Health Information Exchanges).
3. This sounds like a no-brainer, but providers must be informed about and follow all regulations contained in HIPAA, HITECH and the recent Final Omnibus Rule. I say this because enforcement of HIPAA violations has increased in the past couple years and will continue increasing in 2013 according to Leon Rodriguez, the Director of the U.S. Department of Health and Human Service’s Office for Civil Rights, which is the department responsible for enforcing HIPAA and HITECH regulations. Otherwise, breaches could easily result in substantial monetary and criminal penalties.
VISION Marketing & Consulting – The three basic recommendations, although simple, are very important in your medical practice. In summary, be cautious when using mobile devices, error on the side of caution when dealing with Business Associate Agreements, and make sure your HIPAA and HITECH policies are up to date.
This article was written by Zachary D. Giammarco
GIAMMARCO LAW OFFICE PLLC
3910 S. Alma School Road, Suite 5
Chandler, Arizona 85248
(480) 722-0103 – Phone
(480) 722-0106 – Fax
Legal Disclaimer: All information provided in this article is for informational purposes only and, therefore, does not constitute legal advice or create an attorney-client relationship. Due to the complexity of HIPAA, HITECH and any amendments thereto, you should consult a competent attorney for individual advice before acting upon any of the information provided in this article.
HITECH: Zach Giammarco Interview Q3
VISION Marketing & Consulting had the pleasure of interviewing Zach Giammarco, partner of Giammarco Law Office, regarding recent changes in HIPAA regulations and HITECH.
What is HITECH and how does it impact healthcare practices?
HITECH is the Health Information Technology for Economic and Clinical Health Act, which first became effective February 18, 2010 as part of the American Recovery and Reinvestment Act of 2009. The objectives of HITECH are to:
- Develop standards for the electronic exchange of healthcare information;
- Establish incentives to encourage doctors and hospitals to digitize their medical records;
- Save the government approximately $10 billion, presumably as the product of the digitization efforts; and
- Strengthen privacy and security to guard protected health information.
Specifically, Subtitle D of HITECH addresses the privacy and security concerns associated with the electronic transmission of health information. I typically explain it to my healthcare clients as an “offshoot” of HIPAA that addresses the electronic transmission of health information.
It is extremely important for all healthcare providers to be aware of the requirements set forth in HITECH, especially considering the majority of patient information is now electronically transmitted at one point or another. Prior to HITECH, all responsibility for data breaches originating from a Business Associate fell on the covered entity. HITECH changed this to make Business Associates liable for their breaches – provided a proper Business Associate Agreement was in place. Interestingly, a 2009 survey sponsored by the Healthcare Information and Management Systems Society found that more than thirty percent (30%) of Business Associates surveyed were not aware that HIPAA privacy and security requirements had been extended to cover their organizations pursuant to HITECH. Hopefully, that figure has decreased in the past four years, but it is important to verify that your Business Associates are knowledgeable about HITECH.
In addition, HITECH expanded the scope of HIPAA to (i) mandate public notification of data breaches containing protected health information; (ii) require stricter compliance and accounting for electronic protected health information requests; and (iii) add responsibility for managing protected health information handled by Business Associates, as previously mentioned.
Because it is impossible to explain all the “ins” and “outs” of HITECH, I encourage providers to either contact their attorney or, if they really have a lot of time on their hands, review the full text of HITECH at the following site:
http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html
VISION Marketing & Consulting – HIPAA was in effect with paper medical records, and now we are finding that the HITECH act pays closer attention to ensuring privacy with electronic transferring of information.
Did you miss Question 2 of our interview with Zach? Click here!
Stay tuned for our next question!
This article was written by Zachary D. Giammarco
GIAMMARCO LAW OFFICE PLLC
3910 S. Alma School Road, Suite 5
Chandler, Arizona 85248
(480) 722-0103 – Phone
(480) 722-0106 – Fax
Legal Disclaimer: All information provided in this article is for informational purposes only and, therefore, does not constitute legal advice or create an attorney-client relationship. Due to the complexity of HIPAA, HITECH and any amendments thereto, you should consult a competent attorney for individual advice before acting upon any of the information provided in this article.
Small Business Tip of the Week: Creating a Positive Caller Experience
VISION Marketing & Consulting Tip of the Week 5/8/2013
Did you know that you could use your healthcare practice’s answering machine as a marketing tool while callers are on hold? Watch our tip of the week video to learn more!
TRANSCRIPT: Hi I’m Veronica with VISION Marketing & Consulting and welcome to the Tip of the Week. Previously we discussed how you could do marketing from within your own medical practice.
We focused on one important thing at your front desk and that’s your receptionist. Your receptionist is pretty busy when she’s sitting up front and she’s answering phone calls, she’s taking co pays, checking people in and out, scheduling patients and of course what happens when they are doing all of these things is they get another phone call. Unfortunately they are going to have to put this caller on hold. If this caller experiences any dead silence while they’re on hold, 60% of those people will just hang up, with another 30% never calling back.
What can you do? If you do have dead silence on your answering machine, or even if you have some music, 88% of callers do not like to listen to dead silence or to music. You can take advantage of some simple marketing solutions which are recording your own message on your answering machine or using an answering service.
A little bit more expensive is using an on hold messaging company, but when you do this you want to include a few important things about your practice. You want to include your practice address, practice phone number, your practice fax, and your practice website. You also want to offer the caller some health facts and health tips and general fun information. If you have any social sites you want to be able to include those on these messages as well.
This can take a potentially negative situation and turn it into a positive situation by offering your caller some important information about your practice. For more information on customer service and small business marketing, follow our blog or follow us on Facebook. Thank you!
For more small business marketing tips, please follow us on Facebook!
Does your healthcare practice use a customized answering machine message while your callers are on hold?
HIPAA Final Omnibus Rule: Zach Giammarco Interview Q2
VISION Marketing & Consulting had the pleasure of interviewing Zach Giammarco, partner of Giammarco Law Office, regarding recent changes in HIPAA regulations.
The Final Omnibus Rule makes significant changes to HIPAA by greatly enhancing patients’ privacy protections, providing individuals new rights to their health information and strengthening the government’s ability to enforce the law. Because some of the largest breaches reported to the Department of Health and Humans Services derive from Business Associates, the Final Omnibus Rule expands many of the privacy safeguards and penalties to apply to covered entities’ Business Associates. For example, penalties for noncompliance have been increased based on the level of negligence with a maximum penalty of $1.5 million per violation.
Although the Final Omnibus Rule became effective on March 26, 2013, covered entities and Business Associates will have until September 23, 2013 to comply with these changes, which includes updating their respective Business Associate Agreements. I strongly encourage all healthcare providers to get in contact with their attorney to begin drafting a new Business Associate Agreement that works for that particular provider. It is also important to have current Business Associates execute the updated agreement even if they already signed an old version.
Healthcare providers should also be aware that the Final Omnibus Rule expands individual rights in important ways. Patients can now ask for a copy of their electronic medical record in an electronic form. When individuals pay by cash, they can instruct their provider not to share information about their treatment with their health plan. And, the rule sets new limits on how information is used and disclosed for marketing and fundraising purposes, while prohibiting the sale of individuals’ health information without their permission.
A full copy of the rule can be found at http://www.gpo.gov/fdsys/pkg/FR-2013-01-25/pdf/2013-01073.pdf.
VISION Marketing & Consulting – As electronic health records becomes more prevalent in all medical offices, providers should make sure their policies are in line with these new regulations.
For more information, please contact us today!
This article was written by Zachary D. Giammarco
GIAMMARCO LAW OFFICE PLLC
3910 S. Alma School Road, Suite 5
Chandler, Arizona 85248
(480) 722-0103 – Phone
(480) 722-0106 – Fax
Legal Disclaimer: All information provided in this article is for informational purposes only and, therefore, does not constitute legal advice or create an attorney-client relationship. Due to the complexity of HIPAA, HITECH and any amendments thereto, you should consult a competent attorney for individual advice before acting upon any of the information provided in this article.
HIPAA Regulations: Zach Giammarco Interview Q1
VISION Marketing & Consulting had the pleasure of interviewing Zach Giammarco, partner of Giammarco Law Office, regarding recent changes in HIPAA regulations.
Zach joined Giammarco Law Firm in 2006 after graduating cum laude from California Western School of Law in San Diego, California. Zach completed his legal education in only two years and officially joined the firm thereafter, despite being involved in the firm’s operations from an early age. Zach practices in a wide variety of litigation matters, including civil/business, personal injury, criminal defense, probate, estate planning, business formation, trademark and copyright, liquor licensing, MVD hearings and extensive appellate litigation, all of which has garnered him substantial trial experience in Arizona’s city, state, federal and appellate courts. Zach is currently a member/partner of Giammarco Law Office PLLC.
Here is what Zach had to say.
Zach: Aside from misspelling HIPAA with two “P’s” instead of one, the most common mistake I come across is the failure to have proper safeguards in place when dealing with third party contractors, otherwise referred to as Business Associates by our good friend HIPAA. Some healthcare providers are not aware that each Business Associate that may come into contact with confidential patient information must sign a Business Associate Agreement prior to performing any work for the provider. For example, if an IT person comes in to fix even the most minor problem, it is extremely likely that he or she will come across or, at the very least, have access to confidential patient information. Thus, this individual must execute a proper Business Associate Agreement so that all parties are on the same page when it comes to how that IT person should handle and/or disclose (if absolutely necessary) such patient information. It is a good idea to have such an agreement on hand in the event the provider requires immediate services where a third party might come into contact with confidential patient information. If this third party refuses to sign the Business Associate Agreement, hire someone that will because this is necessary to protect the provider. Otherwise, this could end up in a huge mess down the road. To obtain a current and comprehensive Business Associate Agreement, I recommend contacting a knowledgeable attorney rather than pulling just any form from the Internet. This is especially true when considering the recent changes to HIPAA and HITECH.
VISION Marketing & Consulting – The information Mr. Giammarco has provided regarding HIPAA is very valuable to all our clients. We make certain that all information is protected and we also recommend to our clients to look at their current agreements to ensure the are updated according to laws and changes.
For more information on HIPAA regulations, please contact us today!
This article was written by Zachary D. Giammarco
GIAMMARCO LAW OFFICE PLLC
3910 S. Alma School Road, Suite 5
Chandler, Arizona 85248
(480) 722-0103 – Phone
(480) 722-0106 – Fax
Legal Disclaimer: All information provided in this article is for informational purposes only and, therefore, does not constitute legal advice or create an attorney-client relationship. Due to the complexity of HIPAA, HITECH and any amendments thereto, you should consult a competent attorney for individual advice before acting upon any of the information provided in this article.
