CMA On-Call: Retention of Medical Records California regulations regarding retention of medical records in a physician’s office are a perennial hot topic in the California Medical Association (CMA) On-Call health law library. To ensure physicians understand their rights and obligations under the law, CMA published On-Call document #4005, “Retention of Medical Records,” which discusses major issues raised by the retention, abandonment, theft and destruction of medical or health insurance information and physician practice business records. Issues covered include statutory record retention requirements, the rules applicable to records abandoned in bankruptcy or otherwise, recommended retention periods, ... January 30, 2018 CMA, General CMA On-Call, CPLH, Medical Records 0 0 Comment Read More »
Free CME: Patients' right of access under HIPAA The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has launched a new training module for providers on patients' right of access under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. With limited exceptions, the HIPAA Privacy Rule provides individuals with the right to see and receive copies upon request of the information in their medical and other health records maintained by their health care providers and health plans. The new module provides an in-depth review of the components of the HIPAA right of access ... August 8, 2017 General Continuing Medical Education, CME, HIPAA, HIPAA Privacy Rule, Medical Records 0 0 Comment Read More »
What is commercial risk adjustment? Over the past few months, CMA has received several calls from practices who had received requests for medical records from various payors stating the records are needed for “risk adjustment.” The records requests are a result of the commercial risk adjustment program created by Section 1343 of the Affordable Care Act. The primary goal of the risk adjustment program is to spread the financial risk borne by payors more evenly in order to stabilize premiums and provide issuers the ability to offer a variety of plans to meet the ... June 26, 2015 General, Managed Care Payors, Medical Records 0 0 Comment Read More »
Data breaches in California increase 600 percent The second annual report on financial data breaches in California was released yesterday by the California Attorney General and showed that the number of reported data breaches in 2013 was up 28 percent from the previous year, and the total number of records breached increased by more than 600 percent, from 2.5 million in 2012 to 18.5 million in 2013. Breaches in the health care sector made up 15 percent of the total, with 1.5 million records compromised. The majority of health care breaches resulted from physical theft – accounting ... November 5, 2014 General Medical Records, Electronic Health Record, Health Information Technology (HIT) 0 0 Comment Read More »
HHS releases security risk assessment tool to help providers with HIPAA compliance The U.S. Department of Health and Human Services (HHS) has released a new tool to help guide health care providers in small to medium sized practices conduct information security risk assessments of their organizations. The tool, available at www.HealthIT.gov, is the result of a collaborative effort by the HHS Office of the National Coordinator for Health Information Technology (ONC) and Office for Civil Rights (OCR). It is designed to help practices conduct and document a risk assessment in a thorough, organized fashion at their own pace by allowing them to ... April 9, 2014 General HIPAA, HIT, Medical Records, Health Information Technology 0 0 Comment Read More »
Are your business associate agreements up-to-date? Physician practices must review and update business associate agreements to comply with new HIPAA regulations. HIPAA requires a physician practice to enter into a written business associate agreement with any third party contractors or vendors that may create, receive, maintain or transmit protected health information on behalf of the physician practice. These agreements describe how the business associate will use and protect the protected health information it receives from the physician practice. The new HIPAA regulations, known as the HIPAA Omnibus Final Rule, implement many of the key provisions of ... October 23, 2013 General HIPAA, Medical Records, Health Information Technology 0 0 Comment Read More »