Preferred Partners
About Us
Contact Us



Management Training -
Introducing RLL Solutions, LLC
new strategic leadership
training series.  Click Here
to review a short video explaining the curriculum that can empower leaders in your organization.


Customized Digital
Training -

Why settle for standard "high level" HIPAA training when you need something to drive business results and provide the workforce with your best practices?  Check out information on customized digital presentations for your organization.


News and Views


N-Tegrity Solutions Group keeps editorial content focused on the pulse of the issues important to our client base.  Read recent questions or requests from our most important asset - YOU!


CMS releases compliance-program effectiveness results

  The Centers for Medicare and Medicaid Services (CMS) just recently released its final results of a compliance-program effectiveness program.  This particular emphasis was on reducing billing errors and to identify best practices commonly employed by hospitals and other large providers.  However the lessons learned apply directly to covered entities and others affected by HIPAA privacy and security- and offer some basic steps which equate to a successful compliance process.  The five steps gleaned after conducting a series of on-site hospital visits included the following: 


(1)  Code of Conduct- CMS suggests the code of conduct be issued under the signature of the organization’s CEO or President.  In other words- it needs to be a concise and easy to understand message which is disseminated and supported throughout the entire organization from the top down.  Applying this to HIPAA should be an easy step such as “We take Patient confidentiality and HIPAA seriously”, or “Use and Disclose Patient Information for Treatment, Payment and Operations”. 

(2)  Policies and Procedures- Policy and procedure documents should have been thoroughly integrated into the organizations business practices.  They should be current, reviewed regularly, and employees should be familiar with those that affect their job functions.  In fact, some of the most effective training programs leverage the base content of the actual policies and procedures in order to assure there is no miscommunication between the way the organization wants them to act and what is told to the workforce members. 

(3)  Education and Training-CMS suggests that there is no one method which must be followed, but having a program that is supported by all management, with ongoing and routine reinforcement is best.  N-Tegrity Solutions suggests that a HIPAA privacy and security training curriculum be based upon the organization’s policies and procedures, and include customized scenarios which reflect the organization’s common business challenges so that the workforce members gain a clear understanding of expectations especially related to using and disclosing protected health information. 

(4)  Lines of Communication- CMS suggests that keeping ongoing compliance activity systems in place to monitor maintenance items such as tracking complaints.  NSG suggests employing the same kind of tracking mechanisms to assure that all of the HIPAA privacy rights (access, amendment accounting of disclosure etc...) are responded to according to state and federal laws and in accordance with organizational policy. 

(5)  Auditing and Monitoring-CMS suggests that audits themselves are planned, tracked and staff reeducated when needed.  NSG recommends adopting auditing and monitoring steps as part of the initial implementation of each privacy/security policy and procedure.   

Healthcare organizations can learn from the CMS compliance program effectiveness pilot and leverage the best practices set forth in the findings above to implement effective HIPAA compliance (and other compliance programs).



Copyright (c) 2007 N-Tegrity Solutions Group. LLC. All rights reserved.