Dec 16, 2011

2012 Fire Safety Plan Review

As 2011 comes to a close and we begin a new year, it’s a great time to prepare for 2012 by reviewing some basic safety practices.

The following fire safety steps are designed to help keep you, your staff, and your patients’ safe in the event of a fire. Every staff member should be trained on your fire safety plan at least annually. Need assistance training your staff on a fire safety plan? The steps below are customizable and presented in the Compliance PhD Online OSHA Training. Visit for details.  

Step 1: Establish a code word for FIRE

In the event of a fire, most people want to shout the word “FIRE” as their code word. This is not recommended. During an emergency, such as a fire, it is important to keep everyone as calm as possible. Shouting the word FIRE may send members of your staff or even your patients into frenzy. Try using something like “CODE RED.”

Step 2: Identify Location of Fire Extinguishers

Employees must be aware of the location of all fire extinguishers on each floor. Many local fire departments will test extinguishers for you, and identify fire hazards in your office. If you expect an employee to use the fire extinguishers, OSHA requires that you train your employee on how to use it.  The PASS system is the most common method.

Step 3:  Post your escape routes

OSHA requires you to have at least 2 escape routes posted on each level. If you don’t have 2 posted on every floor, click HERE to download a form. This form will allow you to customize your routes. Post these routes immediately!

Step 4: Establish a final gathering place

A final gathering place will allow you to take note of individuals who may still need assistance. Having a count will allow Fire Fighters to more quickly assist persons still in your building.  An example could be “the parking lot across the street.”

Note: a fully customizable Fire Safety Plan is available through Compliance PhD Online OSHA training. Visit or call 720-475-0134 with any questions. 

Nov 28, 2011

Reporting a HIPAA Violation is Easy. Are you Prepared?

Did you know that anyone can file a complaint against your practice? It’s true. Current and former employees, as well as current and former patients have the right to file a HIPAA Compliant against you as long as they comply with the following 3 easy requirements.

1. Submit their written complaint by mail, email, or fax;

2. Include the name of your practice and the violations they believe you committed;

3. File their complaint within 180 days of when they believe your practice violations occurred. (The Office for Civil Rights OCR may extend the individual an additional 180 days if they can demonstrate “good cause.”)

It’s really that easy. As a reminder, HIPAA Security & HIPAA Privacy Training is required at least annually. This annual training is mandatory for ALL Staff, and not just new hires. If you have not completed training in awhile, your office may be primed for a violation, and a complaint may not be far behind.

If you are unsure when your staff last completed HIPAA Training, or don’t know how to begin training your staff. Visit to find out how we can help protect your practice by training your staff in current HIPAA regulations.

HIPAA protects employees and patients from retaliation and retribution by Covered Entities accused of violating HIPAA Law. If you believe a HIPAA Violation has occurred, you can submit a complaint to your OCR Regional Office. Click HERE to view a list of Regional Offices.

Nov 7, 2011

The Do's and Don'ts of Leaving a Phone Message

When leaving a message on an Answering Machine or with a 3rd Party...

1. Mention Lab Results
2. Mention Treatment
3. Mention Medication
4. Mention Health Information

1. Leave the name of the practice
2. Leave a phone number of the practice
3. Request the patient return the call
4. Remind patient of next appointment time

Click the link below for a copy of these reminders that can be posted next to every phone.

Do's and Don'ts of Leaving a Phone Message

Oct 18, 2011

How do I know when I am Compliant?

My first experience working in Healthcare was in college while I was studying Spanish. As part of a capstone course, I volunteered at a local Hospital translating for Spanish speaking patients.  It wasn’t an easy job for me, as the sight of blood and needles makes my stomach queasy.  The experience did however; start me down the path of a career in healthcare. Working in compliance has been a much better fit for me... and my stomach.

For the better part of my career, I’ve been working almost exclusively in healthcare compliance and government regulations. Working in the private sector, I’ve taken thousands of calls from healthcare professionals with different compliance related questions. The calls come from every state and from nearly every specialty. Some of my favorites questions include: “Do we need to burn used needles in the back parking lot?” “Can HIPAA give a fine to my employee for smoking?” “Is it OK for me to draw my own blood?” Some of the questions were shocking and others just made me laugh, however, the most common question I receive is:
 How do I know when I am compliant? “ I’ve learned that what providers and their staff are really asking is “How do I know when I‘ve done enough to avoid an audit or survive one it when it happens?”

Years of observation have taught me that a majority of those working in healthcare today view compliance as something to check off your list, or finish. If you view compliance this way, you’ve set your self up for frustration. This frustration usually leads to ignoring or disregarding compliance, then mistakes, followed by audits and fines. Ignoring compliance will cost you. Some providers disregard compliance thinking that because some training took place years ago they are still protected.  Even if you took a couple of minutes to train a new hire, DO NOT make the mistake of thinking past training equals protection today.

Three major events usually trigger an audit. They are: injuries, state specific crackdowns, and complaints.  Complaints are by far the audit-triggering leader, with the majority of complaints coming from your own employees. Training must remain current, and occur at least every year, especially if you have high turnover.  A disgruntled employee is the best candidate to file a complaint against you.

            The reality is you’re never done when it comes to compliance, BUT you can reach a point where you can be confident you’ve done enough to avoid most audits and survive one if it came to your way. Those who pay no attention to compliance because they have never been audited are typically the ones who receive the largest fines. To feel confident, you must establish a “foundation for protection.”

Whenever I get a call about a very detailed or complex compliance issue, I first try to determine what kind of foundation is in place. I do this because if the foundation isn’t in place, you have bigger problems than getting the answer to a complex question.  This doesn’t mean you should ignore complex details that surround compliance- they can get you into trouble, but rather pay attention to them AFTER your foundation is in place. You wouldn’t install a stained glass window onto a home before the foundation was secure. Here are three steps to help you determine if you have a secure foundation.

1.      Have you established a current, written training program?
2.      Have you trained EVERYONE in your office at least every year?
3.      Have you documented training AND verified your staff understood it?

I’m not saying that if you do these you’ll never be audited. You can’t always control what your staff or patients do. I am saying that if you’ve set up a secure foundation using the steps above, you can feel confident that you’ll avoid most audits, AND if you’re unlucky enough to be audited you should do well.

 Having helped providers get through audits, and after interviewing several compliance auditors, I’ve learned a lot. I know what auditors look for and the common mistakes that will bring them to your practice. Some auditors have even given me the checklists that they take with them during an audit. If you want to see what the checklists looks like, email me and I’ll send you a copy

Finally, I’ve attended many national health information conventions and group compliance trainings. Most attendees usually leave with mounds of paper and no clue about what to do to protect their practice, or how to avoid audit-triggering mistakes. Perhaps you’ve attended a similar training and had this experience. Maybe you have tried to train your staff yourself and felt overwhelmed by the process. If you’re unsure about your foundation, or if you need help with some of the complex details of compliance, Compliance PhD can help. You don’t need to spend a lot of time or money to become compliant. Visit our website at

Thanks for reading and look for future blog posts where I will go into further detail about each of the steps to secure your foundation.

M. E. Ensign

Oct 6, 2011

Membership Benefits

  • One Membership Trains Entire Practice
  • Customizable Online Training
  • Access To Complete Training Library
  • Multi-location Compatible
  • Fulfill Annual Training Requirements
  • Self -Paced Training, Anytime, Anywhere
  • Quizzes & Certificates
  • Required Posters & Forms
  • Monthly Compliance Corner Newsletter
  • Automated Email Reminders
  • Self-Auditing Reports