Healthcare compliance is an ongoing process for meeting the legal, ethical and professional standards that are applicable to healthcare organizations and providers. The scope of compliance for healthcare organizations is extremely broad and includes an array of areas covering patient care, patient confidentiality, reimbursement, Joint Commission standards, Health Insurance Portability and Accountability Act (HIPAA), research standards and managed care contracting. The requirements of federal, state and local regulatory agencies as well as business and ethical standards are also covered by compliance.
Providing healthcare comes with enormous risks – to both providers and patients. Healthcare organizations that have established robust compliance programs can reduce their exposure to these risks. However, it is not an easy job. The rules tend to be very complex; there are a huge number of them; and they change frequently. Compliance can be difficult to achieve, but is essential to the creation of a high-performing, safe, reliable and low-risk environment.
The cost of non-compliance can be enormous – literally. Protected Health Information (PHI) and the requirements of HIPAA are areas of significant vulnerability for healthcare organizations and insurers. In 2015, the Office of Civil Rights (OCR) fined a health insurance provider $16 million for a data breach that exposed the PHI and other personal information of nearly 79 million subscribers. In 2018, the Centers for Medicare and Medicaid Services (CMS) fined a healthcare organization $2.5 million after a provider’s laptop was stolen, exposing the PHI of approximately 1,400 patients. Post-incident investigations revealed that these organizations had not properly assessed their risk, lacked procedures to notify patients whose PHI had been compromised, and had failed to keep PHI secure.
The Office of the Inspector General (OIG) has helped to define compliance for healthcare organizations. Their guidance includes a recommendation that organizations strive to build a culture of compliance. The OIG provides resources that help hospitals, physicians and other healthcare providers remain in compliance with current federal regulations. While the OIG recognizes that there is not a one-size-fits-all compliance program that will work for every organization, there are some essential elements.
Quality and compliance in healthcare are possible. Be sure that your organization is working to establish a culture of compliance.