Audit & HIPAA Privacy for the Greater
Hudson Valley Health System?
TM: Well, I’ve held a few roles in IT and
learned a little more about our healthcare
organization in each. When I first started,
way back when, I used to key central supply
charges into batches for patient charges. As a
computer operator, I gained an understanding of which charges were associated to what
diagnosis. Then as my roles expanded from
Coordinator up to Director, I learned more
about the business aspects of healthcare and
was able to expand on my leadership skills.
This all assisted tremendously in my new
compliance role as I was familiar with what
systems were installed in each department and
also had familiarity with the responsible staff.
I had experience managing staff, both clinical
and non-clinical, across the organization to
ensure workflow processes were compliant
and were best practice.
LS: The Compliance field has certainly
grown and changed a great deal over the
years. What are some of the significant
changes you’ve seen in the past five years of
your compliance career?
TM: Yes, Compliance certainly has grown,
and it continues to do so. The biggest change
for me in the last five years was the finalization of the HIPAA Omnibus Rule in 2013. It
was exciting for me to tackle the modified and
new requirements as it enabled me to learn
more about HIPAA Privacy, Security, and
Compliance and also granted me the opportunity to put new processes in place.
LS: What accomplishments has Compliance
made in your organization that you are most
TM: I would say that I’m most proud of
the way we conduct employee education
and outreach. We use various methods to
educate, including live training, targeted
education, and also fun with Captain Integrity.
I’m also proud of our close work with the
Board to develop best practices and our
growing dashboard platform that tracks our
LS: What area of healthcare compliance
inspires you the most?
TM: I like to inspire others and educate on
the laws, regulations, and company policies.
Helping employees understand how to avoid
violations, mitigate risk, and create an optimal
working environment is a task my team and
I take to heart. We process hundreds of compliance interactions every year. I think that is
great evidence that staff look at us as a service
department where they can go for advice.
When staff try to do the right thing up front, it
certainly makes Compliance more effective!
LS: What do you see as the greatest risk in
healthcare compliance in 2017?
TM: There is risk in healthcare compliance every year, but for 2017, I think there are
a couple of high-risk areas that would benefit
from additional focus. There’s technology, both
from a privacy and security perspective. It’s
important to have risk assessments completed
and documented and to have the policies
and trainings in place. There is also the need
to continue our focus on reimbursements to
ensure appropriate payments are received
and/or returned to comply with the 60-day
repayment rule. We don’t want to end up in
LS: You are certified in Compliance
and Privacy, having both your CHC and
CHPC credentials through the Compliance
Certification Board. Why did you seek these
certifications? What professional benefits do
you find in having these certifications?
TM: Yes, I am dual certified, and I’m very
proud of myself for accomplishing these