Our Certified Compliance Officer serves as the spearhead over the critical areas of Human Resources and Security. This individual is responsible for CompMed’s Compliance Program and resulting training, as well as the security of our technology and connectivity.
CompMed conducts regular internal pre- and post-billing audits to ensure that we are billing correctly. We procure external auditors to add an extra level of auditing and review to ensure HIPAA compliance.
CompMed regularly provides HIPAA education, training, and written documentation and instructions to its employees to ensure they know how to properly handle PHI.
CompMed’s IT staff is trained in HIPAA compliance – we regularly assess and improve our Technology, Administrative, and Security Safeguards to comply with the most current regulations. We perform regular Risk Assessments as a part of our Compliance Program.
CompMed requires that all vendors that we do business with sign a Business Associate Agreement, to ensure that they properly handle and safeguard all patient information. This includes clients, landlords, shred company, etc.
CompMed handles ePHI properly – we secure all protected health information that is transmitted in an electronic manner. Information/PHI is restricted to only those employees who are authorized to be privy to that information. We require written authorization from the patient to discuss any PHI with a third party.
We install firewalls and sophisticated automated technology alarms to detect electronic entry by unauthorized entities or any aberrant behavior.
CompMed conducts pre-hire screenings and background checks to ensure the individual is not an Excluded Individual, and then we check the Exclusions Databases and other databases on a monthly basis thereafter.
CompMed has redundant data backup systems, an off-site physical encrypted backup system, and a data recovery disaster plan.
We require written authorization from the patient to discuss any PHI with a third party.
CompMed reviews the OIG’s Work Plan annually to review items they are targeting for the coming year. This ensures we continually maintain compliance with every aspect of our billing process.
We review the Federal Register for updates to ensure we comply with all billing regulations.