SUNHAWK RESOURCES

Ramping Up Virtual Project Management / Team Facilitation in Response to COVID-19?  SunHawk Can Help

Ramping Up Virtual Project Management / Team Facilitation in Response to COVID-19? SunHawk Can Help

Our skilled leaders and professionals at SunHawk are experts at managing complex and time sensitive projects in a virtual on-line world.  In these disruptive times, we can jump in to help your organization with regulatory and compliance management needs including: · Organizing a short-term crisis management/response team, · Facilitating or assume leadership of a new compliance initiative, or · Provide leadership to an established team or add additional expertise. Do you have work that needs to be done? Do you not have the immediate bandwidth or resources to see such projects to fruition given other priorities? We can help, please reach out to Jim Rough or James Rose for assistance: Jim@SunHawkConsulting.com James.Rose@SunHawkConsulting.com Be aware of Increased HIPAA Risks: Clients report staff checking Medical records to see if patents have tested positive for COVID-19. The government is relaxing measures to help ensure patients get proper treatment during this crisis, however that doesn’t give staff the right to check out patient’s medical records to see if patients have tested positive for COVID-19. Be aware of Physician Services under Telehealth: Be cognizant of creative physicians providing Telehealth services, “Can you provide a hearing test over the phone?” Free Operating Guidance Resources: General legal perspectives on COVID-19 including frequently asked questions. https://www.fisherphillips.com/faqs Comprehensive corporate human resource officer guidance regarding COVID-19 response. https://www.gallup.com/workplace/292334/covid-strategies-policies-world-largest-companies.aspx SunHawk Consulting is a team of highly skilled and experienced subject matter experts in the Healthcare, Life Sciences, and Insurance industries who understand that the client’s needs and budgets come first. SunHawk provides Crisis Management Response, Compliance Consulting, Disputes & Investigations, and Staff Augmentation services for Boards of Directors, internal/external legal counsel, company management and employees, special committees, bankruptcy trustees and receivers, and government agencies.

Compliance & Ethics Week: Special Discount on HIPAA Check Tool!

Compliance & Ethics Week: Special Discount on HIPAA Check Tool!

SunHawk Consulting, LLC. would like to Celebrate Corporate Compliance & Ethics Week with you by offering a one-time Special Discount on HIPAA CHECK™ by SunHawk Consulting, our HIPAA Audit & Risk Assessment program. For more information email Jan Elezian at jan.elezian@sunhawkconsulting.com and mention Compliance & Ethics Week. #sunhawkconsulting #healthcarecompliance #corporatecompliance #ethics #ccew

SunHawk Consulting Sponsors 2019 HCCA Chicago Regional

SunHawk Consulting Sponsors 2019 HCCA Chicago Regional

Join SunHawk Consulting at this year’s HCCA Chicago Regional! This one-day conference provides attendees insights on various compliance topics including: Calculating Repayments Using Extrapolation: Practical Tips and Pitfalls to Avoid Managing Physician Compensation Arrangements Enforcement Trends OIG Self-Disclosures: Benefits, Eligibility, Requirements, and Resolution Compliance Auditing & Monitoring Tips for Privacy Officers SunHawk Consulting will be onsite to answer your questions. Schedule your appointment with one of our expert advisors attending the conference, now! Where: Embassy Suites O’Hare - Rosemont When: October 25, 2019 8:00am - 4:00pm SunHawk Key Contacts:

2019 HCCA Chicago Regional Conference: 
Calculating Repayments Using Extrapolation

2019 HCCA Chicago Regional Conference:
Calculating Repayments Using Extrapolation

Join James Rose, Managing Director of SunHawk Consulting, Heather Fields, Shareholder, Chair of Reinhart Boerner Van Deuren s.c., and Scott Remmich, Chief Compliance & Privacy Officer, Aspirus Inc. as they discusses how to help compliance professionals better understand extrapolation as it pertains to payment analyses using extrapolation to calculate voluntary repayments-myths, challenges and practical strategies. They will also touch on common myths related to advantages of extrapolation; situations to use or not use extrapolation, including example case studies; and best practices to avoid operational delays and challenges when using extrapolation, and the OIG and MAC expectations. For more information or to speak with an expert, click here. To register for the conference, click here. #HCCA #HealthcareCompliance #SunHawkConsulting

2019 HCCA Indy Regional Conference: “Metrics for Compliance Program Effectiveness”

2019 HCCA Indy Regional Conference: “Metrics for Compliance Program Effectiveness”

Join James Rose, Managing Director of SunHawk Consulting, as he discusses how measuring outcomes, not just activities, is key to regulatory expectations, and how the DOJ’s guidance, from April 2019, on the evaluation of compliance programs should factor into your metrics. James will also touch on how authentic measurement and reasonable mitigation builds regulatory trust, and that perfection is not the expectation. For more information or to speak with an expert, click here. To register for the conference, click here. #HCCA #Compliance #SunHawkConsulting

SunHawk Consulting Sponsors 2019 HCCA Denver Regional

SunHawk Consulting Sponsors 2019 HCCA Denver Regional

Join SunHawk Consulting at this year’s HCCA Denver Regional! This one-day conference provides attendees insights on various compliance topics including: ​DOJ Enforcement Initiatives Compliance Concerns to the Opioid Epidemic The Art of Benchmarking for Risk: How to target your outliers without needing a math degree 2019 Health Care Legislation Updates Research Compliance SunHawk Consulting will be onsite to answer your questions. Schedule your appointment with one of our expert advisors attending the conference, now! Where: Doubletree Denver-Stapleton North When: October 18, 2019 8:00am - 4:00pm SunHawk Key Contacts: #SunHawkConsulting #Healthcare #Compliance #HCCA

SunHawk Consulting Sponsors 2019 HCCA Indianapolis Regional

SunHawk Consulting Sponsors 2019 HCCA Indianapolis Regional

Join SunHawk Consulting at this year's HCCA Indy Regional! This one-day conference provides attendees insights on various compliance topics including: Metrics for Compliance Program Effectiveness Drug Diversion: Enforcement, Trends and Best Practices Whistleblower Case Study Building an integrated Behavioral Health and Primacy Care Model Tips for Privacy Officers Quality Improvement Programs SunHawk Consulting will be onsite to answer your questions. Schedule your appointment with one of our expert advisors attending the conference, now! Where: Indianapolis Marriott North When: September 27, 2019 8:00am - 4:00pm SunHawk Key Contacts: #Compliance #SunHawkConsulting #HCCA #Indianapolis

Communicating with Regulators & Enforcement: Avoiding Pitfalls

Communicating with Regulators & Enforcement: Avoiding Pitfalls

At the Scottsdale HCCA Regional Conference that took place November 8, 2019, James Rough (CHC, CFE, CCEP), President and Founder of SunHawk Consulting, moderated a panel discussion on best practices for organizations engaging with regulators and enforcement professionals. Participating Panelist included: Lon Leavitt – Former Assistant United States Attorney District of AZ, Affirmative Civil Enforcement Coordinator, and the Civil Health Care Fraud Coordinator, District of AZ Lauren Hanover – Special Agent for Health and Human Services, Office of Investigations, Arizona Region James Schwegel – Supervising Special Agent Arizona Attorney General’s Office Vanessa Templeman – Deputy Inspector General Office of Inspector General – Arizona Health Care Cost Containment System The theme of the panel was the importance of clear, respectful, complete and competent communication. All too often, company representatives directly or indirectly regard regulators and enforcement professionals as threats or unwelcome intruders. This emotionally charged response can often set up unhelpful barriers to proper and proactive communication with regulators and enforcement officials. It is important to understand the mindset of Regulators and Enforcement personnel. During the presentation, Lon Leavitt clearly communicated that all violations of Federal Law could potentially trigger an investigation, even those with a small monetary threshold. Companies should strongly consider self-reporting violations in order to help save time and treasure. For more information or to reach out to one of our expert consultants, click here!

Risk Assessments & Compliance Program Buildout

Risk Assessments & Compliance Program Buildout

SunHawk is thrilled to be Sponsoring AECC's first quarter Roundtable along with Arizona State University! Join James Rose, Managing Director of SunHawk Consulting, as he discuss why risk assessments and compliance programs are crucial to your company. He will touch on types of risk assessments, governance risk and a way to buildout an effective compliance program. You don't want to miss this, as James & SunHawk will offer an free Compliance Effictiveness Tool download at the end of the Conference. For more information or to speak with an expert, click here. To register for the conference, click here. #HCCA #HealthcareCompliance #SunHawkConsulting

Front Office Privacy Breaches. HOW ARE YOU AT RISK?

Front Office Privacy Breaches. HOW ARE YOU AT RISK?

In any hospital or medical office, the front office staff is usually the first point of contact for patients. But these locations are also stopping points for individuals with wandering eyes, including vendor reps, family members, and couriers. As a result, front office workspaces are vulnerable to a privacy breach involving patient protected health information (“PHI”). Some examples of potential breaches include: Computer screens with full patient demographic information visible to the public. Face sheets or insurance information sitting out on a desk. Copies of claims waiting to be filed with payers. Messages from patients to clinicians containing symptom, treatment, prescription information. Employee passwords or other credentials written on sticky notes. Given the fact that a patient, or other individual can file a complaint directly to the Department of Health and Human Services, Office for Civil Rights (“OCR”), the above-noted examples often show up as subjects of an OCR investigation. SunHawk would like to offer the following tips to help your front office staff safeguard your PHI: Make sure you have organizational policies addressing the safeguarding of your patient’s PHI. Conduct periodic rounds or observational assessment walk-throughs. Do you see PHI sitting out? Are computer screens viewable to the public? Is PHI properly disposed of? Are there sticky notes with log-in credentials sitting out? Observe your front office area from the patient’s point-of-view. When you walk in, what do you see? Conduct staff education and training specific to the front office staff and how to safeguard your PHI. Call to Action: If you are in need of assistance with auditing your front office staff locations or conducting education and training, SunHawk Consulting’s team of highly skilled and experienced subject matter experts in Healthcare and Life Sciences Industries including Compliance and HIPAA can help. For more information, contact SunHawk Consulting through their website at www.sunhawkconsulting.com.

Managing Business Associate Agreements (BAAs)

Managing Business Associate Agreements (BAAs)

SunHawk Consulting performed an analysis on all Department of Health and Human Services, Office for Civil Rights (“OCR”) settlement agreements, and determined that 1/5 of the settlements, related to Covered Entities, failed to have a Business Associates Agreement (“BAA”) in place or other mismanagement of their BAA Compliance Program.[1] A common theme has been the organization failing to execute a BAA, which is indicative of poor contract management of their BAAs. While there are a number of reasons Providers continue to be a struggle with management of BAAs, Covered Entities (and their Business Associates) would be wise to take a focused look at how these agreements are being managed internally. Below are some tips to help aid in your organization’s compliance. Tips for BAA Compliance: Ensure your organization has a policy in place addressing BAAs. Validate that your organization’s template BAA is up-to-date with the current regulations. Audit your BAAs to identify any gaps in compliance. Make sure you understand the process for executing these contracts. Make sure you understand the process for managing contracts in your organization, including communication with internal and external parties. Ensure that a copy of all your BAAs, and a log of those BAAs can be readily produced upon request. Educate leaders on the importance of BAAs and in engaging compliance to identify when one is needed. If a complaint is made to the OCR involving a potential breach, their investigation will almost certainly include asking about your organization’s BAAs. Call to Action: SunHawk Consulting offers an easy-to-use HIPAA Check™ tool that guides you through the risk assessment process. HIPAA Check™ is a subscription-based HIPAA audit and risk assessment program that uses an algorithm to measure OCR settlement agreements and guidance to assess regulatory risk for each Security Rule requirement including criteria for Business Associate Agreements. The tool helps you prioritize items with higher regulatory risk, which will have a significant impact on the risk to your ePHI. If your organization is in need of assistance in auditing or advising on your BAAs, please contact Jim Rough at Jim@SunHawkConsulting.com. Key SunHawk Privacy and Security Experts: [1]Seethe following OCR Settlements: Advanced Care Hospitalists OCR Settlement: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/ach/index.html, Pagosa Springs Medical Center (PSMC), https://www.hhs.gov/about/news/2018/12/11/colorado-hospital-failed-to-terminate-former-employees-access-to-electronic-protected-health-information.html, Cottage Heath, https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/cottage/index.html

Is your business HIPAA Compliant? How to tell and why it matters

Is your business HIPAA Compliant? How to tell and why it matters

Whether you’re a healthcare provider, developer of a healthcare mobile app/software, or assisting with the transition of patient data- it is important to stop and ask yourself this question: “Is my business compliant with HIPAA?”. While your organization may be doing its best to protect sensitive data and health information, unless you hire a HIPAA Compliance Expert you can never be too sure. What happens if you violate HIPAA? The Health Insurance Portability and Accountability Act of 1996, or more commonly known as HIPAA, aims to hold organizations and healthcare providers accountable in safeguarding patient data. Breaking HIPAA rules can lead to termination or cause you to face criminal charges including fines and imprisonment. Between the civil and criminal penalties the charges can lead to fines as large as $250,000 and up to 10 years in prison depending on the violation. Suspension and loss of license is a possibility as well. How do I know if I am HIPAA Compliant? Staying HIPAA Compliant can be challenging, especially since HIPAA standards are constantly changing, requiring you to update your procedures, policies and for tech companies, software architecture. A good starting point would be to use a HIPAA Compliant Checklist with a built in Risk Assessment and Compliance Auditing to identify if you are at risk — like the tool below:
HIPAA Check — Risk Assessment Tool How to become HIPAA Compliant There are no shortcuts if you want to legally provide products or services to the healthcare industry. If you want to be sure you’re doing everything you can to protect patient data breaches, hiring a professional consultant would be the best idea. Click here to contact a HIPAA compliance expert or call 623–850–8055 #HIPAA #Compliance #Healthcare