This is a much longer Security Notification than we usually write since compliance is very complex. This topic includes much more than just HIPAA.

In November the Office of the Inspector General (OIG) introduced the General Compliance Program Guidance (GCPG) for healthcare providers.

Although this compliance is not new, OIG has added this guidance to assist the health care community. This Compliance Program entails more than HIPAA. After reviewing this summary, we recommend that you review the Program Guidance in full.

Similar to the HIPAA Security Rule, the GCPG repeats certain information. This is because OIG recognizes that users may read, or may later reference, specific sections only, and not the whole document. Therefore, relevant information may be included and repeated in multiple sections.

The GCPG applies to all individuals and organizations involved in the health care industry. The GCPG addresses the seven elements of a compliance program. It has adaptations for small and large organizations. OIG anticipates updating the GCPG as compliance practices or legal requirements change.

Starting in 2024, the OIG will be publishing industry-specific CPGs (ICPGs) for different types of providers, suppliers, and other participants in the health care industry. ICPGs will be tailored to fraud and abuse risk areas for each industry. They will also address compliance measures that the industry participants can take to reduce these risks. ICPGs are intended to be updated periodically to address newly identified risk areas and compliance measures and to ensure timely and meaningful guidance from OIG.

Keep in mind that the OIG's compliance plan is a resource for healthcare providers and is not presented as a complete compliance program. Every organization is different, and this is not a one-size-fits-all system.

Tuesday, January 2, 2024
