Download your Free copy of my "Medical Coding From Home Ebook" at the top right corner of this page

2018 CPC Practice Exam Answer Key 150 Questions With Full Rationale (HCPCS, ICD-9-CM, ICD-10, CPT Codes) Click here for more sample CPC practice exam questions with Full Rationale Answers

Click here for more sample CPC practice exam questions and answers with full rationale

Picking the Right Coding Vendor

Posted on May 22, 2020 by CPC Exam Medical Coding Updates

Picking the right coding vendor can be challenging. There so many options and they all tell you they offer accurate coding to ensure revenue optimization and compliance risk minimization. To help you select the right coding vendor, we have compiled some considerations to help narrow down your decision.

Always ask if the codes that they use are specialty specific. Generalist coders are unable to provide the most accurate coding possible and some multi-specialty coding vendors have coders working across multiple unrelated specialties. The best multispecialty coding vendors only utilize specialty specific coders and will not let their coders handle materials they are not only unfamiliar with but also do not have the requisite experience in. It is also important to make sure that specific coders will be assigned to your account, this helps ensure that if there are disputes or disagreements coders can be held accountable for their work.

Additionally, it is wise to ask about their hiring criteria. Look for answers that stress single specialty experience. Just as important is whether or not the vendor is validating the caliber of the coder. This is primarily done in two ways: 1) prior to the engagement of the coder by the vendor, testing them up front to see that they have the requisite skills to code in a particular specialty irrespective of their job experience coding in that discipline, and 2) ongoing coding audits of the coders to validate that they are maintaining their proficiency in that specialty.

Of great import is to ensure that there is a contractual guarantee that all coding work is performed in the USA. Offshore coding opens the group up to both accuracy and privacy/security issues. We have also seen companies pull a bait and switch on their clients for vendors that operate a mixed model of possessing both onshore and offshore coders. They have US based coders to handle dispute, questions, and customer service, but they will send the bulk of their day-to-day work offshore. Getting a contractual agreement stating that all coding work is US based provides you as the client with more control and greater sense of security that the coders performing work for you are the ones you wanted when you selected the vendor.

These considerations are not all inclusive but should allow for a solid foundation for your coding vendor search.

The post Picking the Right Coding Vendor appeared first on The Coding Network.

The Coding Network

Prevalent Vendor Assess evaluates third-party vendors’ HIPAA compliance

Posted on April 5, 2019 by CPC Exam Medical Coding Updates

Product watch

Prevalent Vendor Assess evaluates third-party vendors’ HIPAA compliance

by Chris Apgar, CISSP

Much of today’s healthcare industry is reliant on third-party vendors. If you haven’t asked your vendors whether they are compliant with HIPAA and have implemented sound information privacy and security programs, you are likely facing unknown?and possibly significant?risks. Covered entities (CE) and business associates (BA) are required by HIPAA to exercise due diligence when it comes to their BAs and BA subcontractors. Assessing the risk of those vendors is necessary, especially if those vendors support critical functions in support of CE operations.

Prevalent offers Vendor Assess: a software as a service-based tool that can automate a large part of third-party vendor assessments. Its third-party risk management solution can help CEs and BAs manage the risks associated with BAs and BA subcontractors. And Vendor Assess provides the information and tools necessary to require vendors to address risks that could have an adverse impact on business and clinical operations.

Vendor Assess is a subscription-based service which uses industry best practices to efficiently support CEs and BAs to conduct third-party assessments without the need for additional staff or resources. Prevalent Vendor Assess leverages Prevalent’s Vendor Risk Manager platform to generate focused third-party risk assessments and store the results in an easily accessible web portal. Also, Prevalent’s Vendor Threat Monitor is available to support the collection of real-time vendor threat intelligence information. THe subscription includes a single assessment, threat intelligence monitoring, reporting, and assessment recommendations by Prevalent.

Vendor Assess uses predeveloped third-party security questionnaires to identify CE and BA vendor risks. The questionnaires sent to vendors are customized to address areas of risk that are associated with each vendor versus a static set of questions that are not necessarily suited for each vendor. Because risks vary depending on the vendors and the services provided, the customization is an added bonus?especially when evaluating critical vendor information security risk to CEs and BAs.

The tool can be used to electronically generate questionnaires that can be distributed to vendors and takes a lot less time than manually generating, addressing, and sending questionnaires that are geared to identify risks that vendors pose to their CE and BA clients. The tool creates a centralized repository that can be used to track vendor risk management activities and questionnaire returns and create a baseline of vendor risk that can be used for future Vendor Assess assessments.

In addition to providing a sound solution to assess vendor risk, Prevalent’s offerings include the Prevalent Vendor Risk Maturity Assessment. The Vendor Risk Maturity Assessment was created to help CEs and BAs understand the maturity of their vendor risk management program, review specific actions for maturity improvement, and benchmark overall maturity with other Prevalent clients.

The Vendor Risk Maturity Assessment identifies CEs’ and BAs’ vendor risk management program maturity. The assessment involves a question and answer session with the staff responsible for vendor risk management. A Prevalent analyst reviews the data, identifies areas for improvement, develops a specific action plan for improving maturity across all the CE’s BAs and BA subcontractors and creates an executive presentation to show how an entity’s vendor risk assessment program compares to other Prevalent clients.

Pricing for Prevalent services fits the budget of most small and large CEs and BAs. Pricing is, for the most part, tiered by the number of vendors CEs and BAs will be sending questionnaires out to. Prevalent offers a concierge package of services that has, per Prevalent, appealed to smaller CEs and BAs. More information is available from Prevalent at www.prevalent.net.

Editor’s note

Apgar is president of Apgar & Associates, LLC, in Portland, Oregon. He is also a BOH editorial advisory board member. Opinions expressed are that of the author and do not represent HCPro or ACDIS. This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions. Email your HIPAA questions to Associate Editor Nicole Votta at [email protected].

HCPro.com – Briefings on HIPAA

Patient Statement Vendor

Posted on March 14, 2019 by CPC Exam Medical Coding Updates

I am looking for a new vendor for our patient statements and online patient payments. Does anyone have any suggestions for a vendor they are happy with? I am having such a hard time finding one. I appreciate any feedback! Thanks so much!

Medical Billing and Coding Forum

15 Ways to Vet a Coding/Billing Vendor

Posted on September 6, 2017 by CPC Exam Medical Coding Updates

Find out if what they say is true because your compliance and financial livelihood is in their hands. By Joette Derricks, MPA, FACMPE, CPC, CHC, CSSGB Before outsourcing the coding needs in your medical organization, take time to verify a potential vendor’s claims. Here are 15 ways to dig a little deeper to ensure a […]
AAPC Knowledge Center

FTC fines software vendor over false encryption claims

Posted on July 25, 2017 by CPC Exam Medical Coding Updates

Henry Schein Practice Solutions, Inc., a provider of office management software for dental practices, agreed to pay $ 250,000 to the Federal Trade Commission (FTC) to settle charges that Schein lied to consumers about the level of encryption its product provides. The charges specifically address the level of security offered by Schein’s Dentrix G5 software, an office and data management tool that was marketed to address the day-to-day operations of a dental office including database storage of patient records. The software, originally launched in 2012, was marketed as offering encryption capabilities that would help a practice meet HIPAA security requirements.

In contradiction to Schein’s statements to consumers, Dentrix G5 did not use the National Institute of Standards and Technology (NIST) industry standard Advanced Encryption Standard (AES) security. Schein was aware that its product used a less complicated data encryption method and continued to explicitly promote the software’s data encryption capabilities and claimed that the software met “data protection regulations” in marketing material, the FTC alleged in its complaint.

The U.S. Computer Emergency Readiness Team (US-CERT) issued a warning in 2013 about the data encryption method Schein used in its software. Dentrix G5 used Faircom c-tree-ACE which offers a weak level of obfuscation. The algorithm used in this method was called Faircom Standard Encryption, but the name was changed to Data Camouflage to distinguish it from standard encryption algorithms. Faircom describes their Data Camouflage as a supplement to existing security and not a replacement for other security systems. US-CERT notified Schein of this vulnerability on June 10, 2013.

Schein is required by the consent agreement to notify all customers who purchased Dentrix G5 that the software does not offer industry-standard encryption. Schein agreed to provide the FTC with ongoing progress reports on its notification program, and is prohibited from using false advertising to mislead consumers about its products’ data encryption and security capabilities.

The FTC published a description of the consent agreement in the Federal Register. The consent agreement is open for public comment for 30 days. The FTC will then decide whether to make the consent agreement final. The deadline for public comments is February 4.

HCPro.com – HIM-HIPAA Insider

EHR Vendor Settles Accusations of Falsifying Certification

Posted on June 1, 2017 by CPC Exam Medical Coding Updates

eClinicalWorks (ECW), located in Westborough, Mass., has agreed to pay $ 155 million to avoid prosecution for alleged False Claims Act violations. The U.S. Department of Justice (DOJ) accused ECW of misrepresenting the capabilities of its electronic health record (EHR) software and paying kickbacks to certain customers in exchange for promoting its product. The DOJ contends that […]
AAPC Knowledge Center

How to Choose a Radiology Revenue Cycle Management Vendor – Part 1

Posted on September 30, 2016 by CPC Exam Medical Coding Updates

When a major hospital-based radiology practice realized that their outpatient volume had dropped suddenly, their Revenue Cycle Management (RCM) company stepped up to quickly diagnose the problem. Using their analytic database, they produced a focused referring doctor report that revealed significant outpatient service volume declines concentrated among a handful of providers, one of which had decreased by 60%. It’s this kind of responsiveness that sets a true RCM partner apart from the average vendor.

Medical Billing and Coding Blog

How to Choose a Radiology Revenue Cycle Management Vendor – Part 2