was successfully added to your cart.



compliance Archives - Compliance and Auditing Services

It’s Time To Get Ready For ICD-10

By | ICD-10 | No Comments

helpThe Boy Scout motto was to be prepared. Are you? It’s been my experience as a compliance consultant that when it comes to compliance the vast majority of doctors are completely unprepared for the increased regulation and scrutiny.

This may not surprise you, but according to recent surveys 80% of all providers will not be ready by October 2015, and the percentage is probably higher for chiropractors.

What is perhaps more shocking, is how few of the payers are ready or estimated they would have a finished product ready by the end this year. Only 40%.

I can understand the procrastination of most chiropractors in getting ready. They don’t have a lot of extra time and extra staff around to dedicate to the task.

It’s not time to “panic” yet, but to make a smooth transition
to the October, 2015 deadline, there are several things you can begin doing now.

Bear in mind that even though the number of codes will grow from 17,000 to 140,000, you only need to know the codes that relate directly to chiropractic.

You and your staff will need training in multiple formats. Compliance & Auditing Services’ members will get the codes with explanations and how to cross check for the appropriate codes. Members also have webinars and the training newsletter to make it easy, with unlimited email to get answers to any questions.

It will be too late to learn this new language once ICD -10 goes “live,” because you will be behind the curve.

First, identify how ICD -10 will effect your practice.

1. How will ICD-10 effect your people and processes? To find out, review how and where staff and doctors use ICD-9.

2. Ask your payers and vendors (software systems, clearinghouses, billing services) about ICD-10 readiness. Ask when they will start testing, how long they will need, and how you and other clients will be involved.

3. Develop a plan for communicating with staff and business partners about ICD-10.

4. Estimate and secure budget (potential costs include updates to practice management systems and government payment delays.

5. Ideally, have a cash reserve of at least 3 months operating expenses so your office will be able to continue to function normally.

6. Work on your documentation. ICD-10 codes are much more specific and your documentation will need to improve to match them.

➢ This is important because if the insurance carriers ask for documentation to justify the codes, poor documentation will slow the process down or result in all out denials.

So for now, focus on these first steps in preparing your office for the ICD-10 transition and don’t sweat it.

Together we will make it easy to stay on track. After all, you have better things to do with your time than worry about the constant changes.

Dr. John Davenport
Chief Compliance Officer


By | Uncategorized | No Comments

Tired-Man-computeriStock_000024086772LargeAre you using computers that run on Windows XP in your office? If you are you may be violating HIPAA laws by doing so.

If you haven’t heard, on April 8th, 2014 Microsoft ended support for windows XP; putting an end to the operating system.

Microsoft announced that they are no longer providing security updates and stated that:

“If you continue to use Windows XP after support ends, your computer will still work but it might become more vulnerable to security risks and viruses. What this means is that when using computers with Windows XP, you potentially expose your computers to a security risk. Also, as more software and hardware manufacturers continue to optimize for more recent versions of Windows, you can expect to encounter greater numbers of apps and devices that do not work with Windows XP.”

The OCR has been very clear that unsupported systems are NOT compliant. They cited this routinely during the audits last year whenever identified.

Unsupported systems by definition are unsecure and pose a risk, not only to the data they hold, but the network they reside on, as well.

Additionally, any known vulnerabilities of an operating system should be considered in the covered entity’s risk analysis.

For example, as a compliance and auditing specialist, I tell my doctors that an operating system which includes a known vulnerability, which XP does, has to be considered an issue with regard to your “risk analysis.”

Addressing the risks means that as a doctor, you know what can happen by running XP and that you have a written plan for minimizing the risk.

This plan must be described in detail in your risk analysis and should include a timeline for your transition away from Windows XP.

To stay protected after support ends, you have two options:

  1. Update any current devices that are running Windows XP

This is definitely, the simplest route, and for most doctors offices, it’s the most cost effective.

Unfortunately few older computers will be able to run Windows 8.1, which is the latest version of Windows.

Compliance & Auditing services recommends that you download and run the Windows Upgrade Assistant to check if your PC meets the system requirements.

The Windows 8.1 system requirements are nearly the same as Windows 8, so if your PC can run Windows 8, in most cases, you can get the free update to Windows 8.1.

Upgrade Assistant will also check program and device compatibility, and provide a free compatibility report.

Here is a summary of the system requirements:

Processor: 1 gigahertz (GHz) or faster

RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)

Free hard drive space: 16 GB (32-bit) or 20 GB (64-bit)

Graphics card: Microsoft DirectX 9 graphics device with WDDM driver

You will need to perform a “clean installation.” This means you won’t be able to keep any files, settings, or programs when you upgrade.

We recommend you back up all files and locate any program installation discs prior to updating.

  1. If your current PC can’t run Windows 8.1, it’s time to consider a new one. Given the fact that the fines for a HIPAA Security Violation would be significantly in excess of purchasing a few new computers.

For most doctors, dealing with the technical stuff is a little bit challenging. After all, you’re an expert at treating patients not computers.

If this is you, then talk with your IT person. They have the expertise in this area and should know exactly what to do.


Dr. John Davenport
Chief Compliance Officer
Compliance & Auditing Services