Tag Archives: annual physical exam

HIPAA Compliance Checklist

The HIPAA compliance checklist is divided into segments for each of the applicable rules. One important point is that there is no hierarchy in HIPAA regulations, and even though privacy and security measures are referred to as “addressable”. It does not imply that they are optional. Any organization must adhere to each of the criteria in the HIPAA compliance checklist to achieve full HIPAA compliance.

It is necessary for organizations having electronic Protected Health Information (ePHI) to read through this HIPAA compliance checklist. The primary motive of this HIPAA compliance checklist is to help organizations comply with HIPAA regulations. Failing to this breaches the security and privacy of confidential patient data and results in substantial fines and even criminal charges.

Ignorance of HIPAA regulations is not considered to be a justifiable defense by the Office for Civil Rights of the Department of Health and Human Services (OCR). The OCR will issue fines for non-compliance regardless of whether the violation was inadvertent or resulted from willful neglect.

What is HIPAA compliance?

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with PHI must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance. Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment, or operations) must meet HIPAA Compliance. Other entities, such as subcontractors and any other related business associates must also be in compliance.

HIPAA Requirements

Every Covered Entity and Business Associate that has access to PHI must ensure that they should

  • Adhere to the technical, physical and administrative safeguards
  • Comply with the HIPAA Privacy Rule to protect the integrity of PHI
  • follow the procedure in the HIPAA Breach Notification Rule in the event of PHI breach

All risk assessments, HIPAA-related policies and reasons why addressable safeguards are not implemented must be chronicled in case of PHI breach. An investigation will take place to establish how the breach happened. Each of the other HIPAA requirements is explained in detail below.

HIPAA Security Rule

The HIPAA Security Rule sets the standards for safeguarding and protecting ePHI when it is at rest and in transit. The rules apply to anybody or any system that has access to confidential patient data. By “access” it means necessary to read, write, modify or communicate ePHI or personal identifiers which reveal the identity of an individual.

There are three parts to the HIPAA Security Rule

  • Technical safeguards
  • Physical safeguards
  • Administrative safeguards

Let us address these in order, in our HIPAA compliance checklist.

Technical Safeguards

The Technical Safeguards is about the technology used to protect the ePHI. The important requirement is that ePHI must be encrypted to NIST standards once it is beyond an organization’s internal firewalled servers. This is to ensure that any breach of confidential patient data renders it unreadable, indecipherable and unusable.

Physical Safeguards

The Physical Safeguards focus on physical access to ePHI irrespective of its location. ePHI can be stored in a remote data center, in the cloud, or on servers located within the premises of the HIPAA covered entity.

Administrative Safeguards

The Administrative Safeguards are the policies and procedures which bring the Privacy Rule and the Security Rule together. They are the pivotal elements of a HIPAA compliance checklist. These require a Security Officer and a Privacy Officer to put the measures in place to protect ePHI.

HIPAA Privacy Rule

The HIPAA Privacy Rule governs how ePHI can be used and disclosed. In effect since 2003, the rule applies to all healthcare organizations. It demands that the implementation of appropriate safeguards to protect PHI. It also limits the use and disclosure of PHI without patient authorization. The Rule also gives patients or their nominated representatives,  rights over their PHI; including the right to

  • obtain a copy of their health records or examine them
  • to request corrections if necessary

HIPAA Breach Notification Rule

The HIPAA Breach Notification Rule authorizes the covered entities to notify patients when there is an ePHI breach. It also requires them to promptly notify the Department of Health and Human Services of such the breach of along with issue a notice to the media if it affects more than 500 patients.

There is also a necessity to report smaller breaches those affecting fewer than 500 individuals via the OCR web portal. These smaller breach reports should ideally be made once the initial investigation has been conducted. The OCR only requires these reports annually.

HIPAA Omnibus Rule

The HIPAA Omnibus Rule was introduced to address the areas that had been omitted by previous updates to HIPAA. It amended definitions, clarified procedures and policies, and expanded the HIPAA compliance checklist to cover Business Associates and their subcontractors.

HIPAA Enforcement Rule

The HIPAA Enforcement Rule governs the investigations that follow a breach of ePHI. It enforces penalties for covered entities responsible for an avoidable breach of ePHI and conducts the procedures for hearings.

What Should a HIPAA Risk Assessment Consist Of?

OCR provides guidance on the objectives of a HIPAA risk assessment:

  • Identify the PHI that your organization creates, receives, stores and transmits – including PHI shared with consultants, vendors, and Business Associates.
  • Identify the human, natural and environmental threats to the integrity of PHI – human threats including those which are both intentional and unintentional.
  • Assess what measures are in place to protect against threats to the integrity of PHI, and the likelihood of a “reasonably anticipated” breach occurring.
  • Determine the potential impact of a PHI breach and assign each potential occurrence a risk level based on the average of the assigned likelihood and impact levels.
  • Document the findings and implement measures, procedures and policies were necessary to tick the boxes on the HIPAA compliance checklist and ensure HIPAA compliance.

HealthViewX, a HIPAA compliant platform for Chronic Care Management and Patient Referral Management

How nice would it be if a solution like HealthViewX can protect all patient-related data securely? The practice need not worry as HealthViewX is a HIPAA compliant solution. We are passionate about making things easy for the healthcare industry. We offer three important solutions.

In this period, when the healthcare industry is experiencing its most drastic change, HealthViewX focuses on helping healthcare providers adapt and evolve to meet the changing needs of the industry and provide the best quality care for its patients.

Know more about our Care Orchestration Solutions to Improve Care, Performance, and Compliance! Partner with us for sustained healthcare outcomes, data insights and informed decision making!

How Can Physicians Manage Patients’ Annual Wellness Visit better?

What is AWV?

In the year 2011, the Center for Medicare and Medicaid Services (CMS) introduced the Annual Wellness Visit (AWV). An AWV is a yearly appointment of the patient with the physician funded by the American Affordable Care Act.  It is very different from an Annual Physical Exam and is more of an educational visit than a diagnostic one. During this visit, the physician formulates a preventive plan for the patient for the coming year. This plan can help in preventing illness based on current health and risk factors.

Eligibility Criteria

Medicare provides Personalized Prevention Plan Services (PPPS) under the wellness plan for beneficiaries who:

  • Are no longer within 12 months after the effective date of their first Medicare Part B coverage period
  • Have not received an Initial Preventive Physical Examination (IPPE) or Medicare yearly wellness visit within the past 12 months

The following medical practitioners are eligible for providing Medicare yearly wellness visit services to patients:

  • Physician (a doctor of medicine or osteopathy)
  • Qualified non-physician practitioner (a physician assistant, nurse practitioner, or certified clinical nurse specialist)
  • Medical professional (including a health educator, registered dietitian, nutrition professional, or other licensed practitioners), or a team of medical professionals who are directly supervised by a physician (doctor of medicine or osteopathy)

Medicare Wellness checklist

  1. Initial Annual Wellness Visit – This is applicable the first time a beneficiary receives an Annual Wellness Visit. It includes the following components:
  • Acquire Beneficiary Information: The physician assesses the health risk factors of the patient. It includes analyzing patient self-reported information, demographic data, daily activities, etc. He/She collects data from the list of physicians who regularly treat the patient. The physician reviews the beneficiary’s medical and social history,  completely studies the patient’s potential risk factors, mood disorders, functional ability and level of safety.
  • Begin Assessment: The physician begins the assessment by measuring the patient’s vitals. He/She identifies the patient’s illness through direct observation, medical history, concerns raised by family members, friends, caretakers, etc.
  • Counsel Beneficiary Action: The physician establishes a written screening schedule for the beneficiary, such as an appropriate checklist for the next 5 to 10 years, etc. He/She furnishes personalized health advice to the beneficiary and generates appropriate referrals to specialist clinics or imaging centers. The physician gives advance care planning at the discretion of the beneficiary.

The subsequent Medicare yearly wellness visits include the above components and will be updated on the later patient visits.

Billing Codes for Medicare Yearly Wellness Visit

G0438 $117 Annual wellness visit which includes a personalized prevention plan of service (PPS) and the first visit
G0439 $173 Annual wellness visit which includes a personalized prevention plan of service (PPS) and the subsequent visits

Tips for physicians to benefit from Annual Wellness Visit

  • Managing patients – All Medicare Part B patients are eligible for Wellness Plan services. It is necessary for the practice to find the right patients who would benefit from this service. The physicians must give the patients a clear idea of how Medicare Wellness Program process works, what they can expect from the service, etc. The practice must make the patients aware of the reimbursements and the additional charges they may incur depending on their insurance coverage.
  • Developing protocols for schedulesA Medicare Wellness Program takes a great deal of both staff and physician resources to give the service. It is better for a practice to take some time to decide how these appointments best fit into their existing schedule. Creating a scheduling protocol will save more time and frustration. For example, how many days in a week, the practice can schedule these appointments, what tool for tracking the Medicare Wellness Program services, patient records, reimbursement rates, etc.
  • Pre-visit planning – The practice must verify not only the patient’s Medicare Part B effective date but also whether the patient has received a Wellness Plan from any physician in the last 11 months. Otherwise, Medicare may deny the service, leaving the patient with an unexpected bill. The practice must do the same verification for other preventive services that patients receive along with the Medicare Yearly Wellness Visit. It is ideal to have the staff note the last date of these preventive services on a Medicare Yearly Wellness Visit documentation form in advance of the visit. This will help in determining which preventive services are needed and whether the patient is eligible to have these paid for by Medicare. A pre-visit history can also find whether the patient needs any laboratory tests such as the cardiovascular scans, diabetes screening blood tests, etc. These should be completed prior to the Medicare Yearly Wellness Visit to allow discussion of its results at the visit.
  • Planning for effective follow-up care – The physician should analyze the patient’s risk factors and problems accurately during the Medicare Wellness Program. The physician must generate a care plan for the patient considering these factors. It is necessary to develop a preventive service plan and a general checklist for the next ten years. The physicians should follow-up the same on the patient’s subsequent Medicare Yearly Wellness Visits.
  • Getting complete reimbursementsThe last step in providing the Medicare Yearly  Wellness Program is to get paid the service rendered. AWV attracts the physicians’ attention because of the reimbursements offered by Medicare. The practice must keep up a clear documentation to make the process hassle-free.

These practices simplify the Medicare Wellness Program process thereby improving the efficiency of the practice. The HealthViewX solution eases the AWV workflow for the practice. With HealthViewX solution, there is no chance of losing the reimbursements. To know more about HealthViewX solution, schedule a demo with us.

Annual Wellness Visit vs. Annual Physical Exam

Annual Wellness Visit vs. Annual Physical Exam

Annual Wellness Visit is becoming very significant in preventive healthcare services and there are many questions that surround AWV and its actual benefits. Here is our answer to some of the trending questions:

Is AWV the same as Annual Physical Exam?

The immediate answer is a No, AWV is not the same as an annual physical exam. Medicare will cover an Annual Wellness visit but not an annual physical exam.  Under the Affordable Care Act, Medicare covers AWV completely, with no co-payment and no patient deductible (Only if the services provided during the visit meet specific criteria for information-gathering, assessment, and counseling).

What’s the difference between AWV and Annual Physical Exam in terms of patient assessment?

Annual Physical Exam is studying the body to determine if there is any physical problem or not with the patient whereas the Annual Wellness Visit is to identify risks and then modify those risks by referring the patient to an appropriate resource.

Medicare Wellness is a holistic assessment routine

Annual Physical Exam is a measurement routine

  • The Doctor will measure height, weight, blood pressure and other routine measurements
  • The Doctor will assess your risk factors and treatment options
  • Review Health Risk Assessment questionnaire
  • Updating list of providers and prescriptions
  • Looking for signs of cognitive impairment
  • The Doctor will set up a screening schedule for appropriate preventive services
  • The Doctor will review your medical and family history
  • The Doctor will measure height and weight; blood pressure; BMI
  • The Doctor will assess your risk factors for preventable diseases
  • The Doctor will perform head and neck; lung; abdominal and neurological exams
  • The Doctor will check vital signs and test your reflexes
  • The Doctor may conduct any blood work or lab tests
  • The Doctor will review your medical and family history

The purpose of Annual Wellness Visit under Medicare is to record the current state of health and to create a starting point for the future.  Medicare also covers a number of other preventive services such as preventive cancer screenings, bone density measurement, and flu shots at absolutely no cost.

The most important question would be – How is the delivery of an AWV— a preventive care service related to HealthCare Technology?

As a service, AWV is good for both patients and for HealthCare System’s Strategic Objectives. The manual processes involved in delivering AWV can be guided by an automated workflow tool. The tool can enable providers to create an assessment, create personalized care plans, set automated reminders, streamline documentation and educate the eligible population.

AWV intervention points for a tool/software platform like HealthViewX –

Patient eligibility verification Assessment/Scheduling of patient visit Patient visit/ Conducting the routine AWV reports Billing of Medicare CCM Suggestion
Done by HealthViewX Done by HealthViewX Done by Provider Done by HealthViewX, reviewed by Provider, shared with patients Done by Provider Suggest providers to enroll eligible patients for CCM

Empower your practice with HealthViewX’s smart and streamlined AWV and make the most out of Medicare’s profitable wellness program both for your practice and your patients.