Category : Uncategorized


HIPAA Compliance: You’ve Got to Be More Careful

Are you taking your pharmacy’s  HIPAA Compliance seriously?

hP2-300x225I’m sure you’ve heard about the million-dollar settlements that Rite Aid and CVS paid for HIPAA violations. Here’s a January 2, 2013 headline you may have missed: HHS announces first HIPAA breach settlement involving less than 500 patients. The Hospice of North Idaho agreed to pay $50,000 for a breach of unsecured electronic protected health information (ePHI).
The HHS Office for Civil Rights (OCR) doesn’t just investigate the big pharmacy players, it is tasked with enforcing HIPAA for every US citizen, including your customers. While OCR still spends most of its resources following up on complaints, last summer it began Phase 2 of its random audit program. This phase looked at a randomly selected pool of covered entities AND their business associates. Auditors found that more than 39% of the problems with Privacy Standards compliance were attributed to a lack of awareness of the requirements. Further, they found that the smallest covered entities struggled with compliance under all three of the HIPAA Standards: Security Rule, Breach Notification Rule, and Privacy Rule.
OCR lists, in order of frequency, the five most common compliance issues it investigates:
1. Impermissible uses and disclosures of protected health information;
2. Lack of safeguards of protected health information;
3. Lack of patient access to their protected health information;
4. Uses or disclosures of more than the minimum necessary protected health information; and
5. Lack of administrative safeguards of electronic protected health information.
Everyone in your pharmacy needs to know the HIPAA rules. More importantly, they need to know how to follow them. You and your employees must have solid policies and procedures and be vigilant in sticking to them. It only takes one customer, competitor, or employee to make a complaint to OCR that could get you into big financial trouble.

For more information about  pharmacy compliance solutions for your pharmacy, call PRS at 1-800-338-3688 and speak with one of the Specialists. Also, stop back here for additional posts on compliance issues and what you need to know as a pharmacy owner.


Pharmacy News: NSC Site Visit vs Accreditation Survey

Compliance-ChecklistDo you know the difference between an NSC Site Visit and an Accreditation Survey?

As a Medicare Part B Supplier you will go through periodic onsite surveys by the National Supplier Clearinghouse and your Accreditation Organization. These two types of surveys are separate and distinct from one another and not allowing either to take place could have negative effects on your ability to bill Medicare.


No worries, many Medicare Part B Suppliers are because they have so many different surveyors coming in to their locations.

The Accreditation Organization Survey will verify that you are following all of the policies and procedures required by them to remain in good standing.

The National Suppler Clearinghouse (or NSC Site Survey)will verify that you are abiding by the 30 Medicare Supplier Standards (always refer to CMS/Palmetto for the current version). This survey can be conducted to all Medicare Part B suppliers, whether you are Accredited or not. They will be specifically asking for several policies and forms, including:

  1. Beneficiary Complaints.
  2. A Model Warranty Form can be found on the NSC Website.
  3. A “Capped Rental, Inexpensive or Routinely Purchased Items Notification” form can be found on the NSC Website.

To ensure your continued ability to bill Medicare for DMEPOS and prevent you from being removed from the Medicare program, it is critical that you allow them to conduct their survey. The NSC site visitor is not affiliated with your accreditation organization. They will identify themselves and present you with a Site Visit Acknowledgement Form. For more information or with questions, visit the NSC Web site – or contact NSC Customer Service – (866) 238-9652, M-F 9:00 am – 5:00 pm, ET.