How HIPAA Violations Can Surprise You

EDITOR’S NOTE: This is a fictional story that could become much too real.

In the bustling corridors of General Hospital USA, the heart of the administrative operations pulsed with urgency. The hospital’s CFO, Jennifer Morgan, was wrapping up a conference call when a soft knock on her door interrupted her train of thought.

“Come in,” Jennifer called out, her voice steady and authoritative.

The door opened to reveal the hospital’s Compliance Officer, Mark Davis. His usually calm demeanor was clouded with concern, a sight that made Jennifer’s own sense of unease grow.

“Mark, good to see you. What’s on your mind?” she asked, gesturing for him to take a seat.

“Jennifer, we have a serious issue that needs immediate attention,” Mark began, his tone grave. “It’s about our accounting system. I’ve discovered some invoices attached to it that contain patient information. This is a clear HIPAA violation.”

Jennifer’s face paled slightly as she absorbed the news. “How did this happen?” she asked, leaning forward, her eyes locked onto Mark’s.

Mark sighed, running a hand through his graying hair. “It seems that some of the invoices were uploaded by mistake. These invoices include patient names, treatment details, and other protected health information. Our accounting system isn’t HIPAA compliant, which means we’re in breach of the regulations.”

Jennifer took a deep breath, trying to process the implications. “How many invoices are we talking about?”

“From what I’ve seen so far, it’s about a hundred,” Mark replied. “But we need to conduct a thorough audit to identify the full scope of the issue.”

Jennifer nodded, her mind racing. “We need to act fast. The first step is to remove those invoices from the system immediately. Can you coordinate with IT to get that done?”

“Already on it,” Mark said, a hint of relief in his voice. “But we also need to inform the affected patients and report this breach to the Department of Health and Human Services. It’s crucial that we handle this by the book to mitigate any potential penalties.”

“Agreed,” Jennifer said, her tone resolute. “Let’s also ensure we have a team to review our current procedures and prevent this from happening again. We’ll need to provide additional training to our staff on handling patient information.”

Mark nodded. “I’ll get started on the breach notification and coordinate with our legal team to draft the communications for the affected patients. We need to be transparent about this mistake and reassure them that we’re taking all necessary steps to protect their information.”

While this is just a work of fiction, I want to demonstrate how easily hospitals and other healthcare providers can get caught in HIPAA violations when they assume that all of the systems in the organization are HIPAA compliant. Now is always a good time to talk to your compliance officer about which hospital systems are HIPAA compliant. Even if certain software is compliant, you also need to make sure your organization has a “Business Associate” agreement with the vendor.

Timothy Powell, CPA, CHCP

Timothy Powell is a nationally recognized expert on regulatory matters, including the False Claims Act, Zone Program Integrity Contractor (ZPIC) audits, and U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) compliance. He is a member of the RACmonitor editorial board and a national correspondent for Monitor Mondays.
