Why Us?

We know the law and we know the web.

We help companies safely and securely do business on the web.

HITECH / HIPAA October 2011 Newsletter

HITECH Act Compliance is a Team Sport:  Is your team HITECH ready?

 October 2011 Issue No. 22
In This Issue
Products now available in the HSG Store
HITECH / HIPAA Compliance: a checklist manifesto?
In the News

OIG continues to announce  enforcement actions:



Corporate Integrity Agreement Added to List  http://go.usa.gov/0FX 


September 14, 2011; U.S. Attorney; Eastern District of Pennsylvania

Durable Medical Equipment Company and Owner Sentenced In Medicare Fraud and Kickback Scheme 


September 14, 2011; U.S. Attorney; Northern District of Georgia

Fake Doctor Pleads Guilty To Health Care Fraud and Criminal HIPAA Violations 


September 14, 2011; U.S. Attorney; Southern District of Florida

Jury Convicts Miami Man for Stealing Identity Information from DCF Computers for Use in Medicare Fraud Scam  




September 12, 2011; U.S. Attorney for the District of New Jersey

Maxim Healthcare Services Charged with Fraud, Agrees to Pay Approximately $150 Million, Enact Reforms After False Billings Revealed as Common Practice  





August 31, 2011; U.S. Attorney; Southern District of Texas

Houston Medical Equipment Company Owner Lands in Federal Prison for Medicare Fraud  


August 31, 2011; U.S. Department of Justice

Miami-Area Nurse Pleads Guilty in $25 Million Health Care Fraud Scheme



HITECH Switch OnProducts now available in the HSG Store. 
We are also pleased to announce our Combo Package which includes:  
  1. Business Associate Agreement: HITECH Ready Model Contract
  2. Breach Notification Framework
  3. Breach Notification Policy
  4. The Security Rule Under HITECH: a Business Associate's Perspective
Save over $100.00 off the retail price. 

Buy Now...  

HIPAA Breach Notification Framework 

Our HIPAA Breach Notification Framework walks you through the process of analyzing security incidents to determine what actions you must take to ensure your response complies with the HITECH Breach Notification requirements. The Framework discusses HITECH breach compliance in simple terms and uses twelve flowchart diagrams to help you navigate the process. It also includes tools and templates that help "jump start" your breach notification compliance initiative.


 Buy Now... 


Our HIPAA Breach Notification Policy

This policy implements section 13402 of the HITECH Act which requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information. The policy was derived from our HIPAA Breach Notification Framework and is included as a FREE gift that product


Buy Now... 

Business Associate Agreement: a HITECH Ready Model Contract

Our model Business Associate Agreement includes provisions that meet the requirements of HIPAA/HITECH and is fully annotated with links to the relevant statutory/regulatory authority that underpins each Contract clause. The Contract package also includes a complete "User's Guide," with a clause-by-clause explanation of the issues addressed in the Contract. 

Use discount code "HFBAA1" (without quotes) and save $40.00 off retail price

Buy Now...

The Security Rule Under HITECH:
a Business Associate Perspective
First Edition

The most important step for building a "good SR compliance story" is for the business associate to get started. The approach in The Security Rule Under HITECH is to build the story iteratively over time. Most business associates (large or small) will likely need help in creating the story. The framework discussed throughout this document provides a good road map to follow.

Buy Now...

HIPAA Survival Guide Third Edition

The Third Edition of the HIPAA Survival Guide updates various substantive text of the first two editions and adds completely new material. The HITECH Act has indeed proven to be transformational. In order to deal more effectively with its changing regulatory landscape we have decided to release an updated version available here and on Amazon's Kindle platform.

Buy Now...

Quick Links
HIPAA Lawyer
Join Our Mailing List
Interested in staying current on HITECH / HIPAA compliance issues? Click the "join our list" link above and receive your own copy of the newsletter each month.

Other Resources

HSG Logo 
Dear Carlos,

Welcome to the October 2011 HITECH / HIPAA Compliance Newsletter. 


The featured article this month is entitled HITECH / HIPAA Compliance: a checklist manifesto?


This article explores how, in a world that is increasingly becoming more complex, where the volume of knowledge often exceeds an individual's ability to assimilate and communicate it, simple tools such as checklists are having a profound and compelling positive impact on dealing with complexity. In particular, this article explores how checklists can be used as HITECH / HIPAA compliance tools.

HITECH / HIPAA Newsletter 


HSG Announcements
HSG Logo
Want to ensure that you meet all the State I Meaningful Use Requirements so that you can legally attest in good faith when you register to receive your EHR incentives? Click here or on the image below for more information.
Apex Newsletter Banner 

Our EHR Library remains one of our most popular downloads. Here you will find content that will help you select the right EHR package for your practice or facility and other useful EHR collateral.
HITECH Switch On  

Stay Connected
Want to stay updated throughout the month? Follow Debbie on Twitter by clicking on the badge below.  If you would like to read more regarding the authors' views on HIT and compliance click here and here and subscribe to their blogs.  

Become a Fan
Follow us on FaceBook by becoming a fan of the guide and support the HSG by purchasing some HSG Wearables. Also, be sure to check out our HITECH Videos.

Advertising Opportunities
HSG is now welcoming advertisers to help support one of the most comprehensive and usable HITECH / HIPAA sites on the Internet. Our audience continues to grow as healthcare providers, both large and small, return to HSG again and again.
HITECH / HIPAA Compliance: a checklist manifesto?
Webtones PointerThis article explores how, in a world that is increasingly becoming more complex, where the volume of knowledge often exceeds an individual's ability to assimilate and communicate it, simple tools such as checklists are having a profound and compelling positive impact on dealing with complexity. In particular, this article explores how checklists can be used as  HITECH / HIPAA compliance tools.


What is a compliance checklist?    
HITECH / HIPAA NewsletterThis begs the question: what do we mean by a checklist, and more specifically in this context, a legal/compliance checklist? The short answer is that it is a way to "attack" a particular problem or issue. Checklists have been widely adopted across industries (e.g. aviation) and are now becoming quite acclaimed in the practice of medicine. A checklist combines reusable solutions with analysis patterns, research, useful organizational techniques, and specific examples of successful approaches; it is similar to having your own personal library, which can be tailored specifically to your experience and background.

The publication of The Checklist Manifesto: How to Get Things Right, by Atul Gawande, has led to widespread interest in checklists within the healthcare industry. A checklist, from our perspective, is most useful when an organization is confronting a difficult problem that is either entirely new, or for some reason has taken on additional complexity, or has never really been solved to stakeholders' satisfaction (e.g. the problem continues to be plagued with repeatable errors). Checklists provide guidance on thinking through and solving a problem based upon the experience of others.

A checklist is not a cookbook methodology or solution; there are no cookbook solutions to wicked problems, but rather a kind of roadmap from a fellow traveler that has already crossed the same (or similar) territory. A good compliance checklist from our perspective will make recommendations regarding policies, processes and tracking mechanisms within a particular compliance subject matter domain.


What comprises a compliance checklist item?

Key Contract SectionsIn our view, compliance checklists are comprised of checklist items that have the following components: 

  1. A policy statement that reflects an organization's intentions-the what;
  2. A definition of a process by which the policy is implemented-the how; and
  3. Suggested mechanism(s) for capturing the results of the process-the tracking mechanism or measurement.



About Us
HITECH Puzzles3Lions Publishing, Inc. is now the owner/operator of the HIPAA Survival Guide website and the official sponsor of this newsletter. Our mission is to bring you HITECH / HIPAA statutes and regulations in an easy to read and digestible format, products that help reduce the burden of compliance, and "news you can use" via our newsletter.

We take a partnering and collaborative approach to the marketplace. If you would like to see specific topics covered in this newsletter, or additional products, then please let us know.

Carlos Leyva, CEO
3Lions Publishing, Inc.


Contact us today