Audit Preparedness in Long-Term Care Claims: Implementing Proactive Measures

The practice of LTC pharmacy is different – look no farther than the dichotomy between prescriptions and orders. While state laws may be vague or unclear, resulting in pharmacists using professional judgement, PBMs have their own requirements. Do PBM Provider Manuals (and auditors) view LTC differently? The answer may surprise you—not as much as one may think and following the “LTC is different” mindset may lead to a lot of extra work (or recoupments) if you find yourself with an audit. Insufficient documentation for Long-Term Care (LTC) prescription claims is a topic PAAS National® analysts cover frequently during audit preparation consultations with members operating combo shop pharmacies and/or closed door LTC pharmacies. Our analysts are experts in understanding the documentation requirements for both retail and LTC claims and want you to be comfortable and confident in your documentation as well. One reference tool the PAAS analyst will utilize when educating pharmacies …

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

Did you know there is much more to your audit assistance membership than just help with audits? The PAAS Member Portal contains a wealth of information and resources to assist you with audits and member service questions. Below is a list of 6 pages found on the Audit Assistance section of the PAAS Member Portal to assist you and your pharmacy staff to be proactive when it comes to audits.

  • Access Services
    • Audit Documentation Submission Guidance
    • An online form to submit safe filling and billing questions
    • Your PAAS Membership Manual
  • Newsline
    • Monthly newsletter articles, written by our expert PAAS analyst team, provide safe filling and billing tips and relays relevant/current PBM trends to be help prevent audits
    • Search the Newsline Archive to get PAAS tips at the click of a button
    • Special Edition Newslines including: Top 10 articles of the prior year, DMEPOS Article Series and a Self-Audit Article Series
    • Ability to print monthly issues or individual articles
  • Proactive Tips
    • Audit flags – list of various claim attributes the PBMs use to select claims for audit
    • Billing insulin vials – flowchart to assist whether you should bill Medicare Part B vs Part D
    • DAW Codes Explained – use to understand when to effectively use DAW codes, their definitions and why claims may be flagged for audit if a DAW code is used incorrectly
    • Basic DMEPOS documentation guidance
    • Onsite Credentialing Checklist and expanded definitions of policies and procedures
    • Proof of refill request and affirmative response form for DMEPOS items
    • Steps on how to prepare for an onsite audit
    • And more!
  • Days’ Supply Charts
    • Utilize the days’ supply charts for inhalers, insulins, nasal sprays, eye drops and topicals to aid you in calculating the correct days’ supply
    • Guidance on overbilled quantities and incorrect days’ supply account for a sizable portion of audit chargebacks
    • Additional miscellaneous charts, which include: Dispense in Original Container and Return to Stock
  • Forms
    • Signature Logbook for print
    • Signature Trifold Mailer
    • Fax and Email Coversheet
    • Patient Attestation for over-the-counter COVID-19 test kits
  • On-Demand Webinars
    • Short webinars on hot topics in the PBM industry. Here are a few examples:
      • USP 800 Compliance
      • Cultural Competency Training
      • Dispensing Prescriptions Off-Label
      • Biologic Medications and Interchangeability
      • Continuous Glucose Monitor Requirements for Medicare Part B

PAAS Tips:

  • MORE AUDITS, MORE INSIGHT – PAAS National® is the industry-leading defender of community pharmacy dealings with Prescription Benefit Programs, including Caremark, Express Scripts, Humana, Medicaid, OptumRx, Prime Therapeutics., and more. PAAS assists on all third-party audits, including: desktop audits, onsite audits, invoice audits, OIG/Medicaid audits, Medicare B audits. The PAAS team is dedicated to helping you! We have five pharmacists and a complement of technician analysts with over 50 years of dedicated audit assistance experience. PAAS continuously updates their database with every audit received — in fact, we even keep a scorecard on individual auditors.
  • Get answers to your questions on days’ supply calculations, drug substitutions, billing practices, required documentation, prior authorization requirements, record retention, and internal audit procedures – just to name a few. As a trusted partner, we will provide tailored guidance to help you proactively prevent audits. Remember, the prescription claims you submit today are the audits of the future.
  • Keep your employees engaged and help lower audit risk by adding all employees to the portal and giving them permission to access these tools, resources and eNewsline. For more information review September 2019 Newsline article, What Are You Waiting For? Make Sure ALL of Your Employees are Added to the PAAS Portal!
  • Contact PAAS at (608) 873-1342, if you would like a tour of your PAAS Member Portal, so you can reap all the benefits of your PAAS Audit Assistance. We appreciate you being a member.

V-Go® All-In-One Insulin Delivery Patch

The V-Go® all-in-one insulin delivery patch is a disposable device approved for use in patients with Type 2 diabetes. Because it is “disposable” and not “durable”, it is covered under Medicare Part D (rather than Part B). The device comes in three different strengths that deliver a basal dose of 20 units, 30 units, or 40 units of rapid acting U-100 insulin (such as Humalog® or Novolog®) per 24 hours. Additionally, each device can deliver up to 36 units of on-demand bolus insulin for mealtimes (in 2-unit increments). Prescribers will need to issue two separate prescriptions for patients – the prescription for #30 V-Go® devices to last one month and a prescription for the rapid acting U-100 insulin to put into the devices (typically 20-30 mL).

According to the instructions for patient use, patients must fill each device completely each day and each device holds slightly more than it can actually deliver. The amount of insulin each device can hold is referred to by the manufacturer as the Minimum System Daily Insulin Requirement and the amount of insulin each device can deliver is referred to as the Minimum Reservoir Dosing Capacity.

The table below summarizes each device and provides an estimated day supply to bill based on the number of vials of insulin and the amount of insulin used to fill each device.

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

Did you know there is much more to your audit assistance membership than just help with audits? The PAAS Member Portal contains a wealth of information and resources to assist you with audits and member service questions. Below is a list of 6 pages found on the Audit Assistance section of the PAAS Member Portal to assist you and your pharmacy staff to be proactive when it comes to audits.

  • Access Services
    • Audit Documentation Submission Guidance
    • An online form to submit safe filling and billing questions
    • Your PAAS Membership Manual
  • Newsline
    • Monthly newsletter articles, written by our expert PAAS analyst team, provide safe filling and billing tips and relays relevant/current PBM trends to be help prevent audits
    • Search the Newsline Archive to get PAAS tips at the click of a button
    • Special Edition Newslines including: Top 10 articles of the prior year, DMEPOS Article Series and a Self-Audit Article Series
    • Ability to print monthly issues or individual articles
  • Proactive Tips
    • Audit flags – list of various claim attributes the PBMs use to select claims for audit
    • Billing insulin vials – flowchart to assist whether you should bill Medicare Part B vs Part D
    • DAW Codes Explained – use to understand when to effectively use DAW codes, their definitions and why claims may be flagged for audit if a DAW code is used incorrectly
    • Basic DMEPOS documentation guidance
    • Onsite Credentialing Checklist and expanded definitions of policies and procedures
    • Proof of refill request and affirmative response form for DMEPOS items
    • Steps on how to prepare for an onsite audit
    • And more!
  • Days’ Supply Charts
    • Utilize the days’ supply charts for inhalers, insulins, nasal sprays, eye drops and topicals to aid you in calculating the correct days’ supply
    • Guidance on overbilled quantities and incorrect days’ supply account for a sizable portion of audit chargebacks
    • Additional miscellaneous charts, which include: Dispense in Original Container and Return to Stock
  • Forms
    • Signature Logbook for print
    • Signature Trifold Mailer
    • Fax and Email Coversheet
    • Patient Attestation for over-the-counter COVID-19 test kits
  • On-Demand Webinars
    • Short webinars on hot topics in the PBM industry. Here are a few examples:
      • USP 800 Compliance
      • Cultural Competency Training
      • Dispensing Prescriptions Off-Label
      • Biologic Medications and Interchangeability
      • Continuous Glucose Monitor Requirements for Medicare Part B

PAAS Tips:

  • MORE AUDITS, MORE INSIGHT – PAAS National® is the industry-leading defender of community pharmacy dealings with Prescription Benefit Programs, including Caremark, Express Scripts, Humana, Medicaid, OptumRx, Prime Therapeutics., and more. PAAS assists on all third-party audits, including: desktop audits, onsite audits, invoice audits, OIG/Medicaid audits, Medicare B audits. The PAAS team is dedicated to helping you! We have five pharmacists and a complement of technician analysts with over 50 years of dedicated audit assistance experience. PAAS continuously updates their database with every audit received — in fact, we even keep a scorecard on individual auditors.
  • Get answers to your questions on days’ supply calculations, drug substitutions, billing practices, required documentation, prior authorization requirements, record retention, and internal audit procedures – just to name a few. As a trusted partner, we will provide tailored guidance to help you proactively prevent audits. Remember, the prescription claims you submit today are the audits of the future.
  • Keep your employees engaged and help lower audit risk by adding all employees to the portal and giving them permission to access these tools, resources and eNewsline. For more information review September 2019 Newsline article, What Are You Waiting For? Make Sure ALL of Your Employees are Added to the PAAS Portal!
  • Contact PAAS at (608) 873-1342, if you would like a tour of your PAAS Member Portal, so you can reap all the benefits of your PAAS Audit Assistance. We appreciate you being a member.

The Alarming Toll of HIPAA Breaches: Over 41 Million Individuals Affected in 2022

Each year, the Health and Human Services Office for Civil Rights (OCR) composes detailed reports on HIPAA compliance and breaches of unsecured Protected Health Information (PHI) and delivers them to Congress. The latest report is that of events from the 2022 calendar year. These reports can teach us about weaknesses in the HIPAA policies and procedures of other entities, the most common types of threats from malicious actors, and help educate staff on identifying vulnerabilities in the pharmacy’s safeguards during their next Risk Analysis.

Here are a few of the key takeaways from the 2022 Annual Report to Congress on HIPAA Privacy, Security, and Breach Notification Rule Compliance:

  • There was a 17% increase in the number of HIPAA complaints received from 2018 to 2022
  • There was a 107% increase in the number of large breaches reported from 2018 to 2022
  • OCR was able to resolve 87% of the complaints before initiating an investigation; pre-investigation closures could have resulted because:
    • The complaint was against an entity not covered by the HIPAA Rules
    • Allegations were about conduct that did not violate the HIPAA Rules
    • Complaints were untimely because they were not filed within 180 days of when the individual submitting the complaint knew or should have known about the act or omission that was the subject of their complaint
  • OCR completed 846 compliance reviews, of which 80% of the entities had to take corrective action or pay a civil money penalty
    • OCR may open a compliance review investigation “based on an event or incident brought to OCR’s attention, such as through the media, referrals from other agencies, or based upon patterns identified through multiple complaints alleging the same or similar violations against the same entity
    • OCR initiated 676 compliance reviews that did not arise from complaints but were instead initiated by OCR after a breach report was filed. Of that 626 of these stemmed from breach reports affecting 500 or more individuals, 2 were from breach reports affecting less than 500 individuals, and 48 were brought to OCR’s attention by other means

The 2022 Annual Report to Congress on Breaches of Unsecured Protected Health Information had several key takeaways as well:

  • OCR received 626 notifications of breaches affecting 500 or more individuals
    • The total number of individuals affected by those breaches was approximately 41.7 million
    • 68% of these breaches were from health care providers, 19% from business associates, 13% from health plans, and <1% from health care clearinghouses
    • 74% of these breaches were reportedly due to hacking/IT incident of electronic equipment or a network service, 19% from unauthorized access or disclosure of records, 4% theft, <1% from a loss of electronic media or paper records containing PHI, and <1% was from improper disposal
    • The PHI was most commonly from network servers (58%), but also from email (22%), paper records (6%), electronic medical records (6%), desktop computer (4%), other portable electronic devices (3%), laptop computer (2%), and other (<1%)
  • The largest breach in 2022 was an incident where hackers utilized ransomware to compromise the servers of a healthcare provider with PHI on them, which affected over 3.3 million individuals
  • Other hacking/IT incidents included the use of malware, phishing, and the posting of PHI to public websites
  • Remedial actions often included:
    • Implementing multi-factor authentication for remote access
    • Revising policies and procedures
    • Training/retraining staff that handle PHI
    • Adopting encryption technologies
    • Imposing sanctions on workforce members who violated policies and procedures regarding the proper handling of PHI
    • Performing a new risk analysis

According to OCR, “There is a continued need for regulated entities to improve compliance with HIPAA Rules. In particular, the Security Rule standards and implementation of specifications of risk analysis, risk management, information system activity review, audit controls, response and reporting, and person or entity authentication were areas identified as needing improvement in 2022 OCR breach investigations.”

If you are not sure where to start, contact PAAS National® (608) 873-1342 for more information on PAAS’ FWA/HIPAA Compliance Program that is easy to set-up, web-based and customized for your pharmacy.

On-demand webinar: Cybersecurity Considerations for Pharmacies

On May 8, 2024 PAAS National® hosted “Cybersecurity Considerations for Pharmacies” webinar.

In a world where threats lurk around every digital corner, safeguarding sensitive information has never been more crucial. Recent events, such as the Change Healthcare cyberattack, serve as stark reminders of the pressing need for robust cybersecurity measures. In pharmacies, where compliance with regulations like HIPAA are of great importance, the stakes are higher than ever.

President of PAAS National®, Trent Thiede, discussed:

  • The importance of cybersecurity in pharmacy
  • The top threats facing healthcare cybersecurity
  • Components, and importance, of a HIPAA Security Risk Analysis

Access the recorded webinar

  • PAAS Audit Assistance members have access to the recorded webinar, in addition to many other tools and resources on the PAAS Member Portal.
  • PAAS FWA/HIPAA Compliance members also have access to this webinar under Resources upon logging into the Portal.

Distribution Required: Medicare Prescription Drug Coverage and Your Rights (CMS-10147)

When a pharmacy receives a rejection for a claim not being covered by Medicare Part D, the pharmacy must provide the patient with the CMS-10147 form, also known as the Medicare Prescription Drug Coverage and Your Rights. All pharmacies, including mail order, specialty, and LTC, must arrange for this form to be distributed to the patient. The notice instructs enrollees about their right to contact their Part D plan to request a coverage determination, including an exception.

While documentation is not required when distributing the CMS-10147, your pharmacy should have a policy and procedure in place addressing how and when the form is being distributed to patients. PBM field auditors may ask you questions about your process and will possibly want to see a copy of your form to ensure you have the most up-to-date version.

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

Did you know there is much more to your audit assistance membership than just help with audits? The PAAS Member Portal contains a wealth of information and resources to assist you with audits and member service questions. Below is a list of 6 pages found on the Audit Assistance section of the PAAS Member Portal to assist you and your pharmacy staff to be proactive when it comes to audits.

  • Access Services
    • Audit Documentation Submission Guidance
    • An online form to submit safe filling and billing questions
    • Your PAAS Membership Manual
  • Newsline
    • Monthly newsletter articles, written by our expert PAAS analyst team, provide safe filling and billing tips and relays relevant/current PBM trends to be help prevent audits
    • Search the Newsline Archive to get PAAS tips at the click of a button
    • Special Edition Newslines including: Top 10 articles of the prior year, DMEPOS Article Series and a Self-Audit Article Series
    • Ability to print monthly issues or individual articles
  • Proactive Tips
    • Audit flags – list of various claim attributes the PBMs use to select claims for audit
    • Billing insulin vials – flowchart to assist whether you should bill Medicare Part B vs Part D
    • DAW Codes Explained – use to understand when to effectively use DAW codes, their definitions and why claims may be flagged for audit if a DAW code is used incorrectly
    • Basic DMEPOS documentation guidance
    • Onsite Credentialing Checklist and expanded definitions of policies and procedures
    • Proof of refill request and affirmative response form for DMEPOS items
    • Steps on how to prepare for an onsite audit
    • And more!
  • Days’ Supply Charts
    • Utilize the days’ supply charts for inhalers, insulins, nasal sprays, eye drops and topicals to aid you in calculating the correct days’ supply
    • Guidance on overbilled quantities and incorrect days’ supply account for a sizable portion of audit chargebacks
    • Additional miscellaneous charts, which include: Dispense in Original Container and Return to Stock
  • Forms
    • Signature Logbook for print
    • Signature Trifold Mailer
    • Fax and Email Coversheet
    • Patient Attestation for over-the-counter COVID-19 test kits
  • On-Demand Webinars
    • Short webinars on hot topics in the PBM industry. Here are a few examples:
      • USP 800 Compliance
      • Cultural Competency Training
      • Dispensing Prescriptions Off-Label
      • Biologic Medications and Interchangeability
      • Continuous Glucose Monitor Requirements for Medicare Part B

PAAS Tips:

  • MORE AUDITS, MORE INSIGHT – PAAS National® is the industry-leading defender of community pharmacy dealings with Prescription Benefit Programs, including Caremark, Express Scripts, Humana, Medicaid, OptumRx, Prime Therapeutics., and more. PAAS assists on all third-party audits, including: desktop audits, onsite audits, invoice audits, OIG/Medicaid audits, Medicare B audits. The PAAS team is dedicated to helping you! We have five pharmacists and a complement of technician analysts with over 50 years of dedicated audit assistance experience. PAAS continuously updates their database with every audit received — in fact, we even keep a scorecard on individual auditors.
  • Get answers to your questions on days’ supply calculations, drug substitutions, billing practices, required documentation, prior authorization requirements, record retention, and internal audit procedures – just to name a few. As a trusted partner, we will provide tailored guidance to help you proactively prevent audits. Remember, the prescription claims you submit today are the audits of the future.
  • Keep your employees engaged and help lower audit risk by adding all employees to the portal and giving them permission to access these tools, resources and eNewsline. For more information review September 2019 Newsline article, What Are You Waiting For? Make Sure ALL of Your Employees are Added to the PAAS Portal!
  • Contact PAAS at (608) 873-1342, if you would like a tour of your PAAS Member Portal, so you can reap all the benefits of your PAAS Audit Assistance. We appreciate you being a member.

Introducing PAAS Cybersecurity Training

In a world where threats lurk around every digital corner, safeguarding sensitive information has never been more crucial. Recent events, such as the Change Healthcare cyberattack, serve as stark reminders of the pressing need for robust cybersecurity measures. In pharmacies, where compliance with regulations like HIPAA are of great importance, the stakes are higher than ever.

PAAS National® is excited to announce the launching of a new training series to FWA/HIPAA Compliance Program members: PAAS Cybersecurity Training. This comprehensive training series, provided at no extra cost, represents a proactive step towards mitigating risks and fostering a culture of security awareness among pharmacy staff.

Comprising of five modules, each tailored to address specific cybersecurity challenges, PAAS’ training empowers employees with knowledge and best practices to hinder potential threats related to:

  1. Network Connected Medical Device Security
  2. Insider Data Loss
  3. Loss or Theft of Equipment and Data
  4. Ransomware
  5. Social Engineering

PAAS’ unique approach to training ensures its content resonates with all pharmacy staff. PAAS’ Cybersecurity Training will have the same look and feel that FWA/HIPAA compliance members are familiar with.

It’s important to recognize that cybersecurity is not a one-size-fits-all endeavor. The dynamic nature of threats necessitates continual adaptation and vigilance, tailored to the unique circumstances of each organization. While our training equips participants with essential knowledge, it does not provide foolproof safeguards.

We encourage FWA/HIPAA Compliance members to complement this training by reviewing their HIPAA Security Risk Analysis regularly, ensuring it remains current and aligned with evolving natural, human and environmental threats.

Are You Prepared for a Spravato® Audit?

Spravato® is a Schedule III controlled substance delivered via intranasal spray, used in conjunction with an oral antidepressant, to address treatment-resistant depression in adults. It is a part of the Risk Evaluation and Mitigation Strategies (REMS) Program, necessitating, dispensing and administration exclusively in a REMS-certified healthcare setting. The FDA mandates specific requirements to mitigate the risks of serious adverse effects stemming from sedation, dissociation, and the potential for abuse and misuse.

Prescribed for weekly or bi-weekly use, a single Spravato® claim can cost you thousands of dollars. PAAS National® has seen audits with full claim recoupments being requested as a result of missing dosage and frequency instructions, as well as incomplete dispensing records. To minimize the risk of a Spravato® claim being recouped during an audit, consider the following PAAS tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

Did you know there is much more to your audit assistance membership than just help with audits? The PAAS Member Portal contains a wealth of information and resources to assist you with audits and member service questions. Below is a list of 6 pages found on the Audit Assistance section of the PAAS Member Portal to assist you and your pharmacy staff to be proactive when it comes to audits.

  • Access Services
    • Audit Documentation Submission Guidance
    • An online form to submit safe filling and billing questions
    • Your PAAS Membership Manual
  • Newsline
    • Monthly newsletter articles, written by our expert PAAS analyst team, provide safe filling and billing tips and relays relevant/current PBM trends to be help prevent audits
    • Search the Newsline Archive to get PAAS tips at the click of a button
    • Special Edition Newslines including: Top 10 articles of the prior year, DMEPOS Article Series and a Self-Audit Article Series
    • Ability to print monthly issues or individual articles
  • Proactive Tips
    • Audit flags – list of various claim attributes the PBMs use to select claims for audit
    • Billing insulin vials – flowchart to assist whether you should bill Medicare Part B vs Part D
    • DAW Codes Explained – use to understand when to effectively use DAW codes, their definitions and why claims may be flagged for audit if a DAW code is used incorrectly
    • Basic DMEPOS documentation guidance
    • Onsite Credentialing Checklist and expanded definitions of policies and procedures
    • Proof of refill request and affirmative response form for DMEPOS items
    • Steps on how to prepare for an onsite audit
    • And more!
  • Days’ Supply Charts
    • Utilize the days’ supply charts for inhalers, insulins, nasal sprays, eye drops and topicals to aid you in calculating the correct days’ supply
    • Guidance on overbilled quantities and incorrect days’ supply account for a sizable portion of audit chargebacks
    • Additional miscellaneous charts, which include: Dispense in Original Container and Return to Stock
  • Forms
    • Signature Logbook for print
    • Signature Trifold Mailer
    • Fax and Email Coversheet
    • Patient Attestation for over-the-counter COVID-19 test kits
  • On-Demand Webinars
    • Short webinars on hot topics in the PBM industry. Here are a few examples:
      • USP 800 Compliance
      • Cultural Competency Training
      • Dispensing Prescriptions Off-Label
      • Biologic Medications and Interchangeability
      • Continuous Glucose Monitor Requirements for Medicare Part B

PAAS Tips:

  • MORE AUDITS, MORE INSIGHT – PAAS National® is the industry-leading defender of community pharmacy dealings with Prescription Benefit Programs, including Caremark, Express Scripts, Humana, Medicaid, OptumRx, Prime Therapeutics., and more. PAAS assists on all third-party audits, including: desktop audits, onsite audits, invoice audits, OIG/Medicaid audits, Medicare B audits. The PAAS team is dedicated to helping you! We have five pharmacists and a complement of technician analysts with over 50 years of dedicated audit assistance experience. PAAS continuously updates their database with every audit received — in fact, we even keep a scorecard on individual auditors.
  • Get answers to your questions on days’ supply calculations, drug substitutions, billing practices, required documentation, prior authorization requirements, record retention, and internal audit procedures – just to name a few. As a trusted partner, we will provide tailored guidance to help you proactively prevent audits. Remember, the prescription claims you submit today are the audits of the future.
  • Keep your employees engaged and help lower audit risk by adding all employees to the portal and giving them permission to access these tools, resources and eNewsline. For more information review September 2019 Newsline article, What Are You Waiting For? Make Sure ALL of Your Employees are Added to the PAAS Portal!
  • Contact PAAS at (608) 873-1342, if you would like a tour of your PAAS Member Portal, so you can reap all the benefits of your PAAS Audit Assistance. We appreciate you being a member.

Why Do You Need a HIPAA Risk Analysis? Ask Change Healthcare…

If you have not been affected by the Change Healthcare cyberattack, you have no doubt heard about the sinister actions of the ALPHV Blackcat ransomware gang and the resulting chaos from their February data breach they caused. At the time of this article, the details of the Change Healthcare attack are still widely unknown to the public but two things are certain… (1) the attack should serve as a cautionary tale to all entities handling electronic protected health information (ePHI) and (2) it is a perfect reminder that a HIPAA Risk Analysis is a critical component to the security of your sensitive data.

A Risk Analysis is an accurate and thorough assessment of the potential threats, vulnerabilities and the associated risks to the confidentiality, integrity and availability of ePHI. According to the Guidance on Risk Analysis webpage from the U.S. Department of Health and Human Services (HHS), “All e-PHI created, received, maintained or transmitted by an organization is subject to the Security Rule. The Security Rule requires entities to evaluate risks and vulnerabilities in their environments and to implement reasonable and appropriate security measures to protect against reasonably anticipated threats or hazards to the security or integrity of e-PHI. Risk analysis is the first step in that process.”

The Office for Civil Rights (OCR) is responsible for enforcing federal HIPAA Rules and investigating complaints and violations. In many prior OCR investigations, pharmacies and other healthcare entities settling potential HIPAA violations are often cited with failure to perform an accurate and thorough risk analysis. Since HHS considers a risk analysis to be “the first step” in complying with the HIPAA Security Rule, OCR anticipates that a failure to complete the risk analysis will undoubtedly lead to other insufficiencies and a probable hefty monetary settlement.

As stated in the March 5, 2024 press release from HHS regarding the Change Healthcare cyberattack, “This incident is a reminder of the interconnectedness of the domestic health care ecosystem and of the urgency of strengthening cybersecurity resiliency across the ecosystem.” Take steps now to evaluate and strengthen the security and integrity of your ePHI!

PAAS Tips:

Become an audit assistance member today to continue reading this article. As a member, you’ll have access to hundreds of articles and receive our monthly proactive newsletter!

Join today!

Did you know there is much more to your audit assistance membership than just help with audits? The PAAS Member Portal contains a wealth of information and resources to assist you with audits and member service questions. Below is a list of 6 pages found on the Audit Assistance section of the PAAS Member Portal to assist you and your pharmacy staff to be proactive when it comes to audits.

  • Access Services
    • Audit Documentation Submission Guidance
    • An online form to submit safe filling and billing questions
    • Your PAAS Membership Manual
  • Newsline
    • Monthly newsletter articles, written by our expert PAAS analyst team, provide safe filling and billing tips and relays relevant/current PBM trends to be help prevent audits
    • Search the Newsline Archive to get PAAS tips at the click of a button
    • Special Edition Newslines including: Top 10 articles of the prior year, DMEPOS Article Series and a Self-Audit Article Series
    • Ability to print monthly issues or individual articles
  • Proactive Tips
    • Audit flags – list of various claim attributes the PBMs use to select claims for audit
    • Billing insulin vials – flowchart to assist whether you should bill Medicare Part B vs Part D
    • DAW Codes Explained – use to understand when to effectively use DAW codes, their definitions and why claims may be flagged for audit if a DAW code is used incorrectly
    • Basic DMEPOS documentation guidance
    • Onsite Credentialing Checklist and expanded definitions of policies and procedures
    • Proof of refill request and affirmative response form for DMEPOS items
    • Steps on how to prepare for an onsite audit
    • And more!
  • Days’ Supply Charts
    • Utilize the days’ supply charts for inhalers, insulins, nasal sprays, eye drops and topicals to aid you in calculating the correct days’ supply
    • Guidance on overbilled quantities and incorrect days’ supply account for a sizable portion of audit chargebacks
    • Additional miscellaneous charts, which include: Dispense in Original Container and Return to Stock
  • Forms
    • Signature Logbook for print
    • Signature Trifold Mailer
    • Fax and Email Coversheet
    • Patient Attestation for over-the-counter COVID-19 test kits
  • On-Demand Webinars
    • Short webinars on hot topics in the PBM industry. Here are a few examples:
      • USP 800 Compliance
      • Cultural Competency Training
      • Dispensing Prescriptions Off-Label
      • Biologic Medications and Interchangeability
      • Continuous Glucose Monitor Requirements for Medicare Part B

PAAS Tips:

  • MORE AUDITS, MORE INSIGHT – PAAS National® is the industry-leading defender of community pharmacy dealings with Prescription Benefit Programs, including Caremark, Express Scripts, Humana, Medicaid, OptumRx, Prime Therapeutics., and more. PAAS assists on all third-party audits, including: desktop audits, onsite audits, invoice audits, OIG/Medicaid audits, Medicare B audits. The PAAS team is dedicated to helping you! We have five pharmacists and a complement of technician analysts with over 50 years of dedicated audit assistance experience. PAAS continuously updates their database with every audit received — in fact, we even keep a scorecard on individual auditors.
  • Get answers to your questions on days’ supply calculations, drug substitutions, billing practices, required documentation, prior authorization requirements, record retention, and internal audit procedures – just to name a few. As a trusted partner, we will provide tailored guidance to help you proactively prevent audits. Remember, the prescription claims you submit today are the audits of the future.
  • Keep your employees engaged and help lower audit risk by adding all employees to the portal and giving them permission to access these tools, resources and eNewsline. For more information review September 2019 Newsline article, What Are You Waiting For? Make Sure ALL of Your Employees are Added to the PAAS Portal!
  • Contact PAAS at (608) 873-1342, if you would like a tour of your PAAS Member Portal, so you can reap all the benefits of your PAAS Audit Assistance. We appreciate you being a member.

LIVE Webinar: Cybersecurity Considerations for Pharmacies

In a world where threats lurk around every digital corner, safeguarding sensitive information has never been more crucial. Recent events, such as the Change Healthcare cyberattack, serve as stark reminders of the pressing need for robust cybersecurity measures. In pharmacies, where compliance with regulations like HIPAA are of great importance, the stakes are higher than ever.

Join President of PAAS National®, Trent Thiede, on Wednesday, May 8, 2024 from 2:00-2:45 pm CT as he discusses:

  • The importance of cybersecurity in pharmacy
  • The top threats facing healthcare cybersecurity
  • Components, and importance, of a HIPAA Security Risk Analysis
REGISTER TODAY!

We will allow for some Q&A at the end of the webinar. If you would like to submit questions prior to the webinar, please click here.

PAAS Audit Assistance and FWA/HIPAA Compliance Program members will have access to the webinar recording following the LIVE event. 

2023 Health and Human Services Language Access Plan Released: New Plan, Same Goal

Equal access to health care is far from a new topic, dating back to Title VI of the Civil Rights Act of 1964. In recent years, there has been a noticeable increase in enforcement. In November 2021, Rite Aid Corporation reached a settlement with the U.S. Attorney’s Office due to the company’s COVID-19 registration portal not being compatible with screen reader software used by some patients with disabilities and the inability to utilize the tab key when filling out the consent form for those who have issues using a mouse. Furthermore, in the July 2023 Newsline article HHS Reports Successes in Access to Meaningful Language Assistance Services, the Office for Civil Rights (OCR) relaunched the Language Access Steering Committee in October of 2022. The committee was tasked with implementing goals from the 2022 HHS Equity Plan, in part aiming to ease access to federal programs by providing language tools in an individual’s preferred language. In addition, the position of HHS Language Access Coordinator was created. They were tasked in part with updating and revising HHS’ 2013 Language Access Plan. In a November 2023 press release, HHS announced the Language Access Steering Committee issued the which prioritizes inclusivity of communication within services to the public and is applicable across every HHS agency, including the Centers for Medicare and Medicaid Services (CMS), Food and Drug Administration (FDA), and Office for Civil Rights (OCR).

The following are components of the 2023 Language Access Plan that is pertinent to the practice of pharmacy:

  • Each HHS agency will have an annual budget assessment that will be used to develop a budget request to enhance the agency’s ability to assist the LEP patient population
  • “Each HHS agency shall ensure access to timely, quality language assistance services (LAS) for individuals with limited English proficiency”
  • There is an increased focus on HHS agencies taking steps to ensure appropriate language assistance services, including face-to-face, virtual, or telephonic encounters, are being provided free of charge
  • There is a push to decrease the amount of family, community members, and/or children from being recruited as a translator in medical situations as research has shown negative health consequences. In its place, “qualified interpreters” who are able to interpret medical terms and adhere to patient ethics and confidentiality requirements
  • HHS agencies are to continually collect and share metrics including but not limited to identifying the primary channels of contact with LEP community members and “maintaining an inventory of who attended language access training”
  • “HHS agencies must take reasonable steps to ensure meaningful access to their programs…by persons with LEP, including notifying persons with LEP who are current or potential customers about the availability of language assistance at no cost”
  • The Language Access Plan acknowledges “health care and human services partners can provide agencies with qualitative and first-hand data on the needs of their current and potential individuals with LEP”

As we witness federal agencies increasing the effort put forth in battling health inequity, pharmacies will prove to be a key component in making a difference in the fight. Training staff to help provide equitable access to care, and potentially grow your business, is the first step. Inquire about PAAS’ Cultural Competency Training and Linguistically Appropriate Services and the PAAS Care ModelTM today!