Subscribe by Email

Your email:

Customer Success resized 157

"When I call Home Care Software Solutions, I receive consistent, excellent support.Of the three vendors we interviewed, HCSS was the one who demonstrated their willingness to work with a new startup agency, with the equipment, with the training. If I was to go to another agency tomorrow, and they didn't have CareSmart AMS, I would pick up the phone and call Home Care Software Solutions, Inc. I refuse to work with any other company or software."

Mandy A. - Solutions Home Health Inc.

Follow Me

CareSmart Blog

Current Articles | RSS Feed RSS Feed

CareSmart Partner Focus - OASIS-C Analysis Software from PPS Plus

pps plus2Home Care Software has partnered with PPS Pl+s Software to provide the industry leading OASIS analysis software.  PPS Pl+s is integrated with CareSmart AMS allowing agencies to utilize both tools effieciently.  

Home Health Edition has the most comprehensive OASIS analysis in the industry, picking up on thousands of errors and inconsistencies affecting agencies’ overall success.  The quick and thorough analysis scans OASIS data.  Home Health Edition is equipped with numerous clinical and financial reports to help you successfully manage your agency.

One of the strongest assest to partnering with PPS Plus is their passionate commitment to education.  PPS Plus Software offers online and on-site education for nurses, coders and other home health professionals. With PPS Plus, you can always expect quality education, affordable tuition, excellent instructors and the most up-to-date topics related to home health care.  

First-rate home health education is never more than a click away! Whether you want to become more proficient in ICD-9 coding or the OASIS, we can help you do it. Agencies with an active Home Health Edition account or subscription to our ICD-9 coding and OASIS review services receive a customer discount.

An example is this OASIS Tip of the Month from May.

OASIS Tip of the Month - May 2012   

If you would like more information about PPS Plus for your CareSmart AMS software, contact a CareSmart Consultant today.

Copyright © 2011 Home Care Software Solutions.  All rights reserved.

CareSmart Partner Focus - eSignature for Home Health and Hospice

Sertifi Offers Tips to Improve Home Health Industry

Sertifi, an electronic signature software provider, proposes four ways electronic signatures can benefit the home health industry. 

CareSmart AMSHome Care Software has partnered with Sertifi to provide an electronic signature option for home health and hospice agencies.  If you would like more information on Sertifi, contact your CareSmart Software consultant.

Four problems continue to plague home health agencies when it comes to excessive documentation requirements.

Sertifi, a leading electronic signature provider, is spreading the word at health care conferences about its time-saving, hard copy document-reducing options for several required documents, including CMS Form 485 and face-to-face certifications, which are two forms that slow a home health agency’s ability to be paid quickly by Medicare and Medicaid.

Form 485 is generated by home health billing systems and requires a physician signature before Medicare/Medicaid will pay for provided services. Face-to-face forms require physicians to certify encounters with patients before home care services are considered valid and payable.

Electronic signature solutions like Sertifi help resolve the paperwork setbacks. Below are four ways electronic signatures can benefit home health care agencies:

1. Expedite document processing - orders sent by fax or courier tend to experience lag in turnaround time. Sertifi’s electronic signature software tracks documents and enables users to know where they are in the signature process. They also can send reminders for documents that haven’t been signed. Resolving this paperwork process electronically also saves time otherwise spent sending items via the postal service, courier or fax machine.

2. Dedicate more time to patients - time often is spent chasing paper-based documents instead of clinicians and nurses spending time on patient-focused activities. When health care professionals eliminate the paperwork burden, they are able to provide better care to their patients.

3. Eliminate worker headache - physicians frequently are frustrated by having to sign yet another document and sometimes believe the home health agency (not Medicare/Medicaid) creates this extra work. Job satisfaction results in higher worker retention rates. Not to mention, future referrals to the home health care agency could increase.

4. Reduce Costs - manually collecting signatures on documents such as these is thought to cost $10-$12 per document. Costs are reduced to about $3 per document by implementing an esignature solution such as Sertifi, says Hamilton Temple, director of sales for the electronic signature software company.

“Signing documents electronically is convenient and eliminates the loss of paperwork,” Temple says. “By making it a simple process that is hassle-free, it’s no longer inconvenient from a physician's standpoint.”

About Sertifi 

Based in Chicago, Sertifi provides leading esignature and Web contracting solutions that enable organizations to close agreements up to 30 percent faster. Sertifi is the industry’s most trusted esign provider and has processed millions of electronic signature documents.

Looking for software solutions for your home health agency?  

Check out CareSmart AMS.CareSmart AMS

Copyright © 2011 Home Care Software Solutions.  All rights reserved.

Partner Focus - Secure Home Health Communications with .mdEmail

 HIPAA regulations make home health care agencies responsible for the privacy of their patients’ health information. enables user-friendly, efficient, and secure communications that improve patient outcomes.

Home Care Software has partnered with to provide a secure communications tool that agencies can you from within CareSmart AMS software or directly from their computers, laptops, iPads, and iPhones.

Home Healthcare Agency Benefits

  • Satisfies 100% of HIPAA / HITECH Security Standards
  • Reduces administrative workload
  • No confusing software- can be installed in minutes!
  • Affordable…costs only pennies per user, per day!
  • Meets NHIN Direct and FTC Privacy Standards
Some more information from our friends at

The .mdEmail® national health information network conforms to 100% of the HIPAA, HITECH, NHIN Direct Project and FTC Policy by Design Technical, Security and Policy standards.

Watch Video

.mdEmail utilizes "cloud technology" and a unique (patent pending) infrastructure which allows all .mdEmail® subscribers to conduct peer to peer, physician to patient and business to business electronic communication within a secure global healthcare exchange.

Cloud computing solutions offer increased capacity or capabilities at a fraction of the cost of new hardware or software applications. As a result, users increase office productivity within your existing IT environment or legacy systems, saving time and money. That translates to no work flow disruptions or retraining.

Our tools can be quickly and seamlessly integrated into familiar email clients like Outlook or Thunderbird or Apple Mail; or into other back office applications like Electronic Health Records, Practice Management Systems or HIE configurations. Whether you are a Single Doctor Practice with a laptop and little IT expertise, or a large healthcare organization with its own IT Staff and email server, mdEmail® can transform your office in a matter of hours.

The daily communication challenges of healthcare are time consuming and expensive. Data warehouses and other systems with no ability to communicate "beyond the Firewall", or move sensitive information across the web, are the legacy standard. MaxMD has created the first multi-level secure messaging platform to connect the health care industry, whether communicating in or out of network.

Through .mdEmail® and other .md tools, physicians, nurses, labs, hospitals and "Business Associates" can mobilize information (ePHI) through a secure, direct pipeline to improve office productivity. This results in hard dollar saving and less reliance on outdated means of communicating. No more Phone tag, faxing or scanning. The ultimate result is a paperless work environment and the ability to provide better care.

Whether operating within network or beyond the .md domain, .mdEmail® users can securely transmit any document containing

  • ePHI
  • CCRs
  • Forms
  • lab results
  • pre-visit or post-visit care instructions

and can be shared in a completely protected manner. With .mdEmail® as a solution, you or your office staff can access your secure communication capability from any computer, tablet or smartphone, at anytime.

Interested in purchasing .mdEmail or other tools for your home health organization?  Contact Home Care Software today!

Looking for software solutions for your home health agency?  


Check out CareSmart AMS.CareSmart AMS





Copyright © 2011 Home Care Software Solutions.  All rights reserved.

From HCAF - New Webinar: Privacy Issues in Home Health


Looking to increase your knowlege of privacy issues related to HIPAA. 

HCAF is offering the hcaffollowing webinar addressing these issues.

Privacy Issues in Home Health

April 12, 2012, at 1:00-2:00 pm Eastern Time

Purpose: Update on the status of current regulations and expectations for privacy under HIPAA and HITECH.  This session will focus on recent changes and the practical problems created by electronic medical records and communications.  Participants will review and discuss current hot spots, regulatory issues and items that are focused on by regulations.  Additional topics will include employee training and practical solutions to problems that occur including social media concerns, facebook and portable devices.

Register now to reserve your spot!


JO ELLEN WHITNEY is a senior shareholder of the Davis law firm, having obtained her degrees (B.A., magna cum laude, and J.D.) from Duke University in Durham, North Carolina.  Jo practices primarily in the areas of labor and employment law, healthcare law, privacy, and fair housing.

In the area of labor and employment, Jo assists businesses with policy and contract development, human resources planning, disciplinary and termination issues as well as regulatory compliance and litigation matters.

Jo works extensively in the field of health law, privacy and confidentiality issues.  Jo is the author of multiple editions of Iowa Guide to Medical Records and is a regular speaker on issues relating to long-term care, the provision of medical services, medical practitioners and privacy.  Jo has worked and medical staffing, credentialing and privileging matters, as well as consent and risk analysis in the health care area.

Jo works with clients regarding fair housing compliance in the construction, rental and sale phases of housing, apartments and condominiums.

CEUs are not offered.

Webinar Registration Rates
HCAF Member Rates $65
HCAF Prospective Member Rates $115

Thank you for supporting HCAF education!


Copyright © 2011 Home Care Software Solutions.  All rights reserved.

Home Health and Hospice - OCR Begins HIPAA Audits                       

OCR Begins HIPAA Audits Under the Watchful Eye of Congress

What to Expect and How to Prepare


‚Äč In November 2011, as required by the HITECH Act, the Office for Civil Rights (OCR) began auditing selected covered entities’ compliance with the privacy and security provisions of HIPAA and its implementing regulations. In the near future, business associates will be eligible for audit selection as well.  This article describes the current enforcement climate and provides practical steps on preparing for and responding to a HIPAA compliance audit.

Is It Getting Hot in Here? HIPAA Heats Up

The commencement of these audits is one of a series of changes that are transforming the HIPAA compliance landscape.  The last two years have seen the implementation of breach notification requirements, a 60-fold increase in OCR’s fining authority, increased enforcement activity with more serious repercussions for enforcement targets, and as noted, the start of OCR’s compliance audits.  Omnibus regulations implementing the majority of the agency’s outstanding HITECH rules are anticipated shortly.

Breach notification has highlighted significant failures to secure health records, with the number of breaches reported increasing by 32% from 2010 to 2011 at an estimated cost to the health  care industry of $6.5 billion.  The severity of the problem has not gone unnoticed.  On November 9, 2011, the Senate Judiciary Committee’s Subcommittee on Privacy, Technology, and the Law convened a hearing at which its members chastised OCR for its delay in issuing final rules to implement the HITECH Act and challenged the agency to step up HIPAA enforcement activities.

Despite what appears to the regulated community as substantial enhancement of HIPAA enforcement, the Subcommittee made clear that the agency’s efforts fell far short of its expectations, pointing out that, of tens of thousands of HIPAA complaints received by OCR since 2003, the agency has levied only one formal civil monetary penalty and has settled only six other cases for monetary amounts.  (Of course, several of these actions reached penalties in the millions, a fact that did not assuage the Subcommittee.) 

The Director of OCR, Leon Rodriguez, responded to the criticism by confirming that the agency is no longer required to provide enforcement targets with an opportunity to achieve voluntary compliance, as had been the case prior to the HITECH Act.  Rodriguez stated that the agency intends to put its fining authority to good use, stating “the real frontier is in our leveraging these new, stiff penalties that we have under the HITECH statute and expanding our utilization of those penalties” to promote compliance.

The Audit Process

It is in this climate that OCR commences its first compliance audits to assess target organizations’ compliance with the HIPAA Privacy, Breach Notice, and Security Rules.  Of the 150 targets to be assessed in 2012, the first 20 have been notified of their selection.  The audits will be conducted by OCR’s contractor, KPMG LLP, which has assisted the agency in developing an audit protocol to streamline the process.  In this pilot phase, the audit program functions as follows:

  • OCR will inform the covered entity that it has been selected as an audit target and will request documentation of its privacy and security compliance efforts.  The response is due within 10 business days.
  • OCR will conduct a site visit over a three to ten day period, interviewing personnel and observing operations.  Covered entities are expected to receive 30 to 90 days' notice of the site visit.
  • OCR will draft an audit report, describing the audit procedures, the findings, and the actions to be taken by the audit target in response to the findings.
  • OCR will give the audit target approximately 10 business days to review the draft audit report and to provide written comments to OCR regarding concerns and corrective actions in response to the draft audit report.
  • OCR will finalize the audit report within 30 business days after receipt of the audit target’s response.
  • If “serious compliance issues” are identified, OCR may initiate a formal compliance review.  Compliance reviews can result in a formal corrective action plan and/or monetary penalties.

Preparing for and Responding to an Audit

Preparing for an audit is critical to success given the short time frame, particularly the 10-day period in which to respond to the document request.  The following considerations should be evaluated immediately:

  • Documentation: At a minimum, covered entities and business associates must have all policies and procedures required by the HIPAA Privacy, Breach Notice, and Security Rules finalized and regulator-ready.  If your privacy function “owns” privacy policies and your IT function owns security policies, bring those groups together now to develop a comprehensive list of all relevant policies so they can be produced quickly.  Consider other documentation that supports your compliance efforts.  Are your logs of disclosures and security breaches in good order? Can you readily produce documentation supporting role-based access, systems activity review, business associate contracting, training, and other matters covered by the HIPAA rules?
  • Subject Matter Experts: OCR will expect you to know which individuals in your organization can speak to each aspect of HIPAA implementation.  Do you know who handles access requests? Who reviews access rights periodically to ensure they are correct? Who monitors system activity? What activities are logged in your systems? Who is responsible for getting appropriate contracts in place with your business associates? Who handles privacy complaints?  Find these people now and ask them the kinds of questions OCR might pose.
  • Site Visits: If you are selected for an audit, assume there will be a site visit.  OCR has determined that all 150 audits in this pilot phase will result in an on-site audit.  Do not wait for the agency’s notice of its visit to prepare.
  • Risk Analysis: The Security Rule requires that covered entities periodically conduct a comprehensive, formal risk analysis.  OCR recently released guidance on conducting such an analysis.  The results of that analysis will be among the documents the agency can (and is very likely to) request for review.  If you have not conducted a risk analysis in the last 12 months, do so now.  Upon completion, evaluate the results and determine how best to mitigate or manage each risk identified (an activity also required by the Security Rule).  Document the entire process.
  • Breach Notice and Incident Response: By now, your organization should have implemented a written incident response plan that reflects the requirements of both the Breach Notice Rule and the Security Rule.  Ideally, your organization will also conduct a trial run of its response plan and adjust the procedure as needed in light of the results.
  • Evaluate Compliance: Your organization is required to periodically evaluate the effectiveness of its compliance program, including evaluating the accommodations to the recent legal changes brought about by the HITECH Act and implementing regulations.
  • Training:  If you have not consistently or recently trained employees, now is a good time for a refresher.  Maintain documentation evidencing that every relevant employee has been trained.
  • Business Associates: If you have not identified all of your vendors that handle protected health information, now is an excellent time to do so.  Negotiate business associate agreements with all such vendors.
  • Timely Response:  Make sure that the appropriate people will timely receive OCR’s written notice of its intent to audit.  Do not let the notice sit in someone’s inbox while he or she is on vacation for a week, cutting your response time in half.
  • Influencing the Audit Report: The agency provides covered entities with an opportunity to respond to the draft audit report.  In our experience working with HIPAA assessors, they will be very responsive to constructive feedback, including presentation of new facts, legal arguments regarding the scope and application of the rules, and justification of your approach to implementation based on the unique position of your organization.  When you receive the draft audit report, formulate a response to any findings that you believe were unfair or inaccurate.
  • Next Steps:  Once the audit is over, be sure to take any compliance steps the agency has mandated, and seriously consider taking any it has suggested.  Failure to demonstrate reasonable progress on the audit findings, particularly if brought to light by a reportable security breach, will almost certainly result in swift enforcement action by the agency.

Whether or not your organization is ever selected for an audit, the preparatory steps described above will enhance your organization’s compliance posture.  In a time when fines surpass the million-dollar mark and a security breach lurks around every corner, undertaking that work will pay dividends even if your organization avoids an audit.  Of course, if you do find yourself among the lucky first 150 audit targets, you’ll certainly be glad you took the time to prepare in advance.

Reprinted with permission.  A thank you to our friends at PoynerSpruill.

Physical Address: 301 Fayetteville Street, Suite 1900, Raleigh, NC 27601                                 
Copyright © 2011 Home Care Software Solutions.  All rights reserved.

Medicare Fee-For-Service Policy Regarding 90 Day Discretionary Enforcement Period for Non-Compliant HIPAA Covered Entities

From CMS this morning.

Medicare Fee-For-Service (FFS) Policy Regarding 90 Day Discretionary Enforcement Period for Non-Compliant HIPAA Covered Entities 

CMS announced on Thu Nov 17, that it would not initiate enforcement action with respect to any HIPAA covered entity that is non-compliant with the ASC X12 Version 5010 (Version 5010), NCPDP Telecom D.0 (NCPDP D.0), and NCPDP Medicaid Subrogation 3.0 (NCPDP 3.0) standards until 90 days after the Sun Jan 1, 2012 compliance date.  Notwithstanding CMS’ discretionary application of its enforcement authority, the compliance date for use of these new standards remains Sun Jan 1, 2012.

The announcement can be found at

What The 90 Day Enforcement Discretionary Period Means For Medicare Fee-For-Service:

Medicare FFS has experienced significant increases in 5010 production transactions during the last few months.  However, there are many submitters that have tested but not taken the step to move into production for 5010 and D.0.  In addition, there are many submitters that have not yet initiated testing with their Medicare Administrative Contractor (MAC).  Therefore, to ensure that progress continues to be made, Medicare FFS is planning to take the following steps for submitters and receivers of Medicare Part B and Durable Medical Equipment (DME) transactions.  Submitters and receivers of Medicare Part A transactions will follow the same action plan starting 30 days after Part B and DME:


  • In December 2011, submitters/receivers that have tested and been approved for 5010/D.0 will be notified that they have 30 days to cutover to the 5010/D.0 versions.
  • Submitters/receivers that have not yet tested will be notified in December 2011 that they must submit their transition plan and timeline to their MAC in 30 days.
  • MACs will notify the submitters/receivers; submitters/receivers have the responsibility to notify the providers they service.

For more information on ASCX12Version 5010, NCPDP D.0, and NCPDP 3.0; please visit


It’s a Busy Time of Year. Make each office visit an opportunity to talk with your patients about the importance of getting the seasonal flu vaccination and a one-time pneumococcal vaccination. Remember, Medicare pays for these vaccinations for all beneficiaries with no co-pay or deductible. The seasonal flu and invasive pneumococcal disease kill thousands of people in the United States each year, most of them 65 years of age and older. The Centers for Disease Control and Prevention (CDC) also recommends that healthcare workers and caregivers be vaccinated against the seasonal flu. Protect your patients. Protect your family. Protect yourself. Get the Flu Vaccine—Not the Flu.

Remember – The flu vaccine plus its administration are covered Part B benefits.  CMS has posted the 2011-2012 seasonal flu vaccine payment limits at  Note that the flu vaccine is NOT a Part D-covered drug. 

For more information on coverage and billing of the flu vaccine and its administration, as well as related educational provider resources, visit and

Note:  If you have problems accessing any hyperlink in this message, please copy and paste the URL into your Internet browser. 

If you know someone who would like to subscribe to a Medicare Fee-For-Service (FFS) provider listserv, go to (

If you would like to unsubscribe from a specific provider listserv, please go to ( to unsubscribe or to leave the appropriate listserv.

Please DO NOT respond to this email. This email is a service of CMS and routed through an electronic mail server to communicate Medicare policy and operational changes and/or updates. Responses to this email are not routed to CMS personnel. Inquiries may be sent by going to (   Thank you.


 caresmart ams hipaa 50100

Copyright © 2011 Home Care Software Solutions.  All rights reserved.

WEDNESDAY: CMS Home Health Open Door Forum

This month’s CMS Home Health, Hospice, & DME Open Door Forum is scheduled for

Wednesday, November 2, 2011

2:00 PM Eastern Time (ET).


Please log on at least 15 minutes prior to the forum start time.
Chair- Lori Anderson, Co Chair – Nancy O’Connor, Conference Leaders: Michael Bussacca, & Gregory Price.

**This Agenda is Subject to Change**
• Extension of Mandatory Use Date for ABN
• HHPPS CY 2012 Rule Update
• Grouper Update
• HHCAHPS Update
• Hospice CR 7478
• Therapy Clarification
• Hospice Quality Update

Open Door Participation Instructions:
This call will be Conference Call Only.

To participate by phone:
Dial: 1-800-837-1935 & Reference Conference ID: 93914101.

Persons participating by phone do not need to RSVP. TTY Communications Relay Services are available for the Hearing Impaired. For TTY services dial 7-1-1 or 1-800-855-2880. A Relay Communications Assistant will help.

Encore: 1-855-859-2056; Conference ID: 93914101.
Encore is an audio recording of this call that can be accessed by dialing 1-855-859-2056 and entering the Conference ID beginning 4 hours after the call has ended. The recording expires after 3 business days.

For ODF schedule updates, E-Mailing List registration and Frequently Asked Questions, visit our website at

Copyright © 2011 Home Care Software Solutions.  All rights reserved.

Home Health ICD-10 Timeline ICD-10



The International Statistical Classification of Diseases and Related Health Problems, 10th Revision (known as "ICD-10") is a medical classification list for the coding of diseases, signs and symptoms, abnormal findings, complaints, social circumstances, and external causes of injury or diseases, as maintained by the World Health Organization.

For all medical providers who bill Medicare, including home health and hospice agencies, the compliance and effective date for ICD-10 codes is October 1, 2013. The ICD-9-CM Coordination and Maintenance Committee will implement a partial freeze of the ICD-9-CM and ICD-10 (ICD-10-CM and ICD-10-PCS) codes prior to the implementation of ICD-10 on October 1, 2013.


  • Oct 1, 2012 there will be only limited code updates to both ICD-9 CM and ICD-10 code sets

  • Oct 1, 2013 there will be only limited updates to ICD-10 code sets These limited updates will capture new technology and new diseases only

  • Oct 1, 2014 regular updates to ICD-10 will begin, ending the freeze

Provider ICD-10 Code update Timeline

• Provide awareness training to staff (1 month)

• Determine business and technical implementation strategy (1 month)

• Identify budget for implementation and implementation lead (3 months)

• Perform an impact assessment and identify potential changes to existing work flow and business processes (6 months) Collect information on current use of ICD-9 and a list of staff members who need ICD-10 resources and training. Staff training will most likely involve billing and other financial personnel, coding staff, clinicians, management, and IT staff if applicable

 • Evaluate the effect of ICD-10 on other planned or on-going projects (e.g., Version 5010 transition, EHR adoption and Meaningful Use)

• Develop an implementation plan, including a memo/letter communicating the new system changes to staff (3 months)

• Estimate and secure budget (2 months) Ask IT support to identify costs associated with implementation such as software and software license costs, hardware procurement

• Include staff training costs

• Contact systems vendors, clearinghouses, and/or billing services to assess their readiness for ICD-10 and evaluate current contracts (2 months) Determine if systems vendors and/or clearinghouses/billing services will support changes to systems, a timeline and costs for implementation changes, and identify when testing will occur

 • Determine anticipated testing time and schedule (when they will start, how long they will need, and what will be needed for testing)

• If vendor(s) provide solution, then engage immediately

• Begin internal system design and development, if not started already

CMS has provided printable timelines for small providers and large providers.

Begin the discussions now on how your home health agency will meet the transition requirements. 

Copyright © 2011 Home Care Software Solutions.  All rights reserved.

Home Health - Insight, Tools, and Resources


CareSmart AMSFind news, insight and resources your growing home health agency can use.

Home Health / Post Acute Care

Senior Boom Creates A Demand For Home Health Workers

WASHINGTON, D.C. - At her home health care agency here, Venus Ray quizzes 65 job applicants assembled before her: Can they cook? Do they know the right way to wash their hands? Can they safely transfer patients into wheelchairs? If they give wrong answers, speak English poorly or — God forbid — forget to turn off their cell phones, she asks them to leave. More from Kaiser Health News. . . 

Viewpoint: CLASS Long-Term Care Insurance Is Dead, But What Comes Next?

To the surprise of absolutely nobody, the Obama administration today walked away from the CLASS -- Community Living Assistance Services and Supports -- Act, the landmark long-term care insurance program included in the 2010 health reform law. But while CLASS may have disappeared, the challenge of financing the long-term care needs of 20 million Americans over the next few decades has not.   More from Kaiser Health News . . . 


Guidelines for Initiating the HHCAHPS Survey More Than 21 Days After the Close of the Sample Month

Home Health Care CAHPS (HHCAHPS) Survey protocols require that HHCAHPS Survey vendors initiate the survey—that is, begin data collection activities—within 21 days after the close of a sample month. The rationale for this protocol is that sample patients will be better able to recall and accurately report their experiences with home health care if the survey is administered as soon as possible after the care is received.

The Centers for Medicare & Medicaid Services (CMS) is issuing the following guidance to HHCAHPS Survey vendors and home health agencies (HHAs) regarding initiating the HHCAHPS Survey more than 21 days after the sample month ends. More . . .

10 security problems you might not realize you have

IT administrators are often so busy just trying to keep up with the obvious security threats that many more problems fly under the radar. Here are 10 security risks you may have in your organization that you are not aware of. More from Tech Republic...


Three Rules for Entrepreneurs During Uncertainty 

by Ndubuisi Ekekwe

The Mexican economy was in ruins in 1982. Oil prices had fallen, the peso was devalued, interest rates were high, and some banks were nationalized. Yet a young entrepreneur saw opportunities and invested heavily during that downturn. He acquired clusters of companies, across industries, from foreign and native investors, who were fleeing the collapsing nation. His father had told him that nations never go bust forever. Good times always return. More from HBR Blog Network . . .

Four Motivation Mistakes Most Leaders Make

Irrationality is a basic part of being human. A classic example is buying something we would never otherwise have spent money on — and will never use — simply because it's a great deal. So when it comes to motivating employees to change, it should be no surprise that leaders who rely on rationality typically spend time and energy on the wrong things, send messages that miss the mark, and create frustrating unintended consequences.

More from HBR Blog Network . . .

Copyright © 2011 Home Care Software Solutions.  All rights reserved.

Home Health - Management and HIPAA Compliance


Home Health HIPAAIn the home health and hospice agency, just as in the broader medical community, it is important for all employees and contract workers to be aware of what the HIPAA regulations and policies are, how and why the organization needs to become compliant and what the potential penalties and fines are for non-compliance.

Management should assign a person or persons to act as a liaison among business and IT management, employees, HR and the legal department. It is very important to get all departments on the same page in terms of compliance and verifying that every department is doing its part to establish a HIPAA-compliant environment.

Clearly identified to all employees what constitutes sensitive information, how it should be protected and who is allowed to access that information. How can your home health agency do this? Document, document, document. The policies and procedures you create will give your agency specific guidelines as to how you interpret the HIPPA rules. This will ultimately avoid a future incident in which an employee claims that he or she was unaware. 

If you are an agency with limited resources, AHCA and LTCC has provided editable HIPAA Policy and Procedures in word format that you can adjust to your home health or hospice agency's needs.

ahca resized 600

Your agency can also purchase HIPAA policy toolkits from a variety of online vendors.  What ever source you use to document your policy and procedures, it is only as effective as how completely it is communicated to your management team, employees, and contract workers.

Access to sensitive materials should be restricted to those who absolutely need it during their daily activities and access should be monitored frequently and updated as needed. Update access controls to avoid giving the wrong people expansive privileges and don’t forget… remove access for staff members no longer in your employ.

System monitoring is also a part of system and data access as well as a HIPAA requirement. Be diligent with monitoring efforts to ensure that only those staff are accessing information. System monitoring software with extensive logging capabilities should be implemented and examined on a regular basis to help spot potential problems and take the proper action before a breach occurs.

Written by Steve Mann
HIPAA Officer
Home Care Software Solutions, INC.
Copyright © 2011 Home Care Software Solutions.  All rights reserved.
All Posts