Q: I was recently hired for a position at a long-term care facility. Upon getting acclimated, I learned that the facility has completed handwritten logs for every fax that was sent out since 2003. This document is referred to as the HIPAA fax log and contains the date the fax was sent, to whom it was sent, by whom it was sent, the number of pages, and whether a cover sheet with confidentiality statement was included. I would like to do away with this form since fax machines can generate their own logs. However, if this is a necessary process then I would like to follow official guidelines and update the facility's policies and procedures accordingly. Does the HIPAA Privacy or Security Rule require these logs? If so, what information must we include?
While organizations should focus on performing regular risk assessments and analyses, there are also other ways in which they must review their systems for compliance. Often, these other evaluations are overlooked despite their value, says Kevin Beaver, CISSP, an information security consultant in Atlanta. In particular, organizations should be careful not to forget about performing vulnerability assessments and penetration tests, which are components of an overall risk assessment or analysis, says Beaver, who is a BOH editorial advisory board member.
Many coders rely on the advice in the American Hospital Association (AHA)'s Coding Clinic to resolve sticky situations with ICD-9-CM coding. However, the AHA will not be transitioning its current guidance to ICD-10-CM. Instead, in January, it began focusing solely on ICD-10-CM questions to help clear up confusion prior to implementation.
In a concerted effort to move healthcare payments to a system of "quality over quantity," CMS finalized policies that greatly expanded packaging for outpatient providers in the 2015 OPPS final rule. It also introduced complexity adjustments with comprehensive APCs (C-APCs).
CMS proposed that a new HCPCS modifier be appended to every code for a service furnished in a hospital's off-campus provider-based department on both the CMS-1500 claim form for physicians' services and the UB-04 form (CMS Form 1450) for hospital outpatient services in the 2015 OPPS proposed rule. Despite many detailed comments opposing this change, no consensus emerged; therefore, CMS is moving forward with implementing a slightly modified policy.
