Subscribe to newsletter

Sign up for his newsletter and get one of Rick's ebooks for free!


 

Rick Saldan is an excellent inspirational speaker who tailored the seminar to the needs of the individual students being instructed. This office thanks the Mayors Office of Information Services for having such a vendor.

 

Timothy K. Lynch

Office of Fleet Management

City of Philadelphia

 

 

Rick has a magical approach that provides a clear and concise message specifically designed to the needs of his audience. Rick will provide all the motivational magic you will ever need, propelling your organization to the next level of greater success.

 

Thomas Mulhern

Frontier Communications

 

 

Rick Saldan is a compelling and absorbing motivational speaker and magician.  I have been to five of his Motivational Magic presentations and it is amazing how he keeps our college audiences on the edge of their seats. A highly entertaining performer with great comedy flair. Rich content to increase students' productivity, peak performance and motivation. If you need an outstanding motivational speaker for colleges, Rick is definitely one of the world's greatest speakers and magicians!


Dr. Rob Gilbert, Sport Psychologist,

Montclair State University

 

 

Rick Saldan has the wit, wisdom and sorcery of a wizard. He has a dynamic personality, and all will enjoy his captivating stories, comedy and magic!

Dennis Slaughter
Credit Suisse First Boston

 

 

Rick Saldan delivers a first-class show! A pro in every sense of the word. Funny, unique, entertaining and polished.

Brian Letscher, Actor

Hawaii Five-O, NCIS, Cold Case, Law & Order and The Mentalist.

 

 

Rick Saldan is a wonderful combination of master magician, comic improviser and first class speaker. The audience loved his program, which was music to our ears. If you love celebrity motivational speakers such as Tom Hopkins, Dale Carnegie and Zig Ziglar, then you'll love Rick!

Dottie Burman, President
Burtley Productions, Inc.

 

Rick Saldan is an incredibly talented performer and motivational speaker with great insight. He shares many powerful motivational messages that will enhance your life for the better!

Jack Murray, President
Dream Illusions

 

Rick is one of the best inspirational speakers on the scene today. Funny, fun loving and highly energetic. If you want to make your next event into an extraordinary one, then invite professional speaker  Rick Saldan and his amazing  Motivational Magic.

 

Andres Lara, President

Inspiration Times Magazine

 
 

What You Need to Know about Complying with HIPAA
Author: Jim Cavagnaro

HIPAA - the Health Insurance Portability and Accountability Act - is a federal law developed, in part, to define and regulate the use of healthcare information in the United States. Entities that provide, pay for or supply health services, medications or equipment, as well as their business partners and vendors, are affected by this new set of regulations. This article summarizes the work that needs to be done to meet requirements necessary to become HIPAA compliant.

The Act defines and regulates

-- how health information is identified and used, including standard transaction forms and code sets for communicating between providers and payers,

-- what information, known as Protected Health Information (PHI) is to be considered private and how it must be handled, and

-- security policies and procedures for protecting PHI.

These regulations all fall under Title II of HIPAA and are collectively known as the Administrative Simplification Compliance Act (ASCA). As the name implies, all entities covered by ASCA must be in compliance by the deadlines set forth in the regulations. These deadlines are:

Standardized Transactions and Code Sets -- October 16, 2002
Privacy -- April 14, 2003
Security -- deadline has not yet been set.

Note, however, that the Department of Health and Human Services will allow covered entities to apply for a one-year extension to the Transactions and Code Sets deadline if they submit a Model Compliance Plan form that includes a schedule showing how they intend to become compliant during the extension period. This application must be received no later than October 15, 2002. In addition, certain small health plans have an additional year to comply with all the deadlines. Much more detail on HIPAA and the ASCA can be found at the Centers for Medicare and Medicaid Services web site: http://www.cms.gov/hipaa/hipaa2/default.asp which also contains links to further resources.

How does the ASCA affect my practice or institution?

Directly or indirectly, you will be affected if you provide health services or support health services providers. Covered entities that choose to transmit identifiable patient-related information electronically are required to implement these standards. In practice, this means any provider who sends bills directly to third-party payers since ASCA requires that those bills be sent electronically with a small number of exceptions.

Additionally, an entity falls under HIPAA if it is a health plan, clearinghouse, third-party insurer, employer maintaining health records, rehabilitation center, blood, sperm or organ tissue bank, social worker or counselor, long-term care facility, ambulance company or pharmacy. However, many more companies and services are impacted, including those who provide services or supplies to health service providers or to patients under the direction of providers. They will need new business agreements assuring HIPAA compliance and must implement acceptable information privacy and security measures. If these companies bill third-party payers directly, they will also need to implement the transactions and code sets standards.

Outside technology vendors, transcription providers, accountants, attorneys and anyone else who may come in to contact with patient information in the course of normal business dealings will also be affected. In short, if you create, maintain, manage or have access to personal medical information, you should be concerned about becoming compliant with HIPAA regulations.

To date, HIPAA implementation work has concentrated on defining standard transactions for use by providers and third-party payers, and creating standard definitions for health care providers, employers, health plans and individuals to use in creating patient record information. Code sets are being created to define standard medical terms, diagnosis codes, diseases, injuries, etc. Medical procedure codes are also being defined for actions taken to prevent, diagnose, treat or manage diseases, injuries and impairments, as well as for medications, equipment, supplies and other items prescribed for treatment.

While many of these code sets are those familiar to providers today, there are some changes in the format of transactions and the codes that can be used which may affect the transmission of information between providers and payers. As an example, local codes can no longer be used. Thus, if a specific insurer has asked providers to append a national procedure code with a suffix to further characterize the procedure, the insurer will have to develop another way of obtaining the information it seeks. This will mean that providers will have to learn a new procedure for coding claim transactions.

How do I become compliant?

The majority of work and cost will be in redesigning office processes around patient privacy and in developing of a comprehensive security program around patient information. Areas that will need to be reviewed include written policies and procedures, standards, staff training, technical and procedural controls, risk assessments, auditing and monitoring of compliance. A provider must also assign responsibility for ongoing management of the information security program. Suppliers must agree in writing to maintain the same level of security and privacy as the providers with whom they work.

What do I have to do?

The first step is to perform a “gap assessment” to determine what must be done in order to become compliant. Procedures, processes and information management must all be reviewed in light of the ASCA. For example, common office processes such as a nurse asking a physician information about one patient over an open intercom when another patient can overhear the conversation have to be modified to assure patient privacy.

Once the scope of necessary change is understood, an implementation plan should be developed.

The next major operational step is to fund and execute the implementation plan. In addition, all staff and employees who handle patient information or discuss it with outside parties must be trained in how to keep the information private and secure. This training should also include instruction on any new procedures that are developed and implemented.

What about my computers and software?

An affected organization must implement measures, policies and procedures to assure the security of any information systems that contain individually identifiable patient health information. These would be coordinated and integrated with other system configuration management practices in order to assure system integrity when changes to system hardware or software are made. Any software purchased as a package from an outside vendor must also be compliant.

In addition, affected parties must provide a contingency plan that provides for responding to information system emergencies, including periodic backing up of data, having and testing facilities for continuing operations in the event of an emergency, and developing effective disaster recovery procedures. Computer controls and security measures should be documented in the same manner as other policies and procedures.

Each organization is also required to have a policy on workstation use. These documented instructions and procedures should delineate the proper functions to be performed and the manner in which those functions are to be performed (e.g., logging off before leaving a terminal unattended). Restrictions must be put in place to prevent unauthorized personnel from accessing information stored on the entity’s computers.

Facilities that use communications networks are required to protect messages containing health information when they transmit them electronically to prevent them from being intercepted and read by parties other than the intended recipient. They must also protect their information systems from intruders trying to access information from external communication points. This typically means that some form of encryption must be used to protect this information. As well, there needs to be documented policies and security features for the use of fax, e-mail, Internet, remote dictation and transcription services.








--------------------------------------------------------------------------------

Jim Cavagnaro is CEO of TCN, which provides educational, project management and consulting services through TCN's HealthCare solutions group. More information on HIPAA can be found at www.tcnus.com or by calling 800.366.8353

--------------------------------------------------------------------------------