Joyce Freville

Compliance and HIPPA Consultant, Compliance Matters LLC

Dr. Freville is an independent consultant who advises healthcare clients regarding many regulatory issues including but not limited to compliance and HIPAA/HITECH program effectiveness.

She establishes compliance department operations to include planning, designing, and implementing system-wide Corporate Compliance and HIPAA/HITECH Programs. She writes Codes of Ethical Conduct and compliance policies and procedures for providers.

In a previous position, Dr. Freville assisted with the design and management of a company-wide infrastructure to support a Corporate Integrity Agreement (CIA) with the U.S. Department of Health and Human Services with clinical and financial components.

In addition, she was a Senior Medicare Auditor and has over 14 years experience as Directors of Finance, Accounting, and Reimbursement in home health, hospital, pharmacy, and long-term care. In addition, she was a healthcare Compliance Officer for 13 years. Dr. Freville retired from the U.S. Army Reserve as a Command Sergeant Major.

Dr. Freville earned a doctorate in Human Services with a specialization in Health Care Administration from Capella University. In addition, she earned a Master of Business Administration from Webster University, a Bachelor of Science in Accounting from Arizona State University, and is certified in Health Care Compliance (CHC) and Health Privacy Compliance (CHPC). Additionally, she is a member of the Health Care Compliance Association, Louisville Armed Forces Committee and Federal Bureau of Investigation Citizen Academy Alumni.

HIPAA Risk Analysis: The HIPAA Standard, HIPAA Security Rule

The HIPAA Security Rule establishes national standards to protect individuals electronic personal health information that is created, received, used, or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information.

Be Prepared for a HIPAA Security Audit

Office of Civil Rights will conduct security audits on covered entities and business associates. Covered entities and business associates should proactively develop a work plan to review their operations in light of the specifications identified in the protocol. The detailed audit guidance can serve as a roadmap for compliance. Covered entities and business associates may assess current practices for each established performance criterion using OCR's audit procedures in order to understand their current state of compliance. Such efforts may help reduce the risks of adverse findings in an actual audit, and reduce the likelihood of a breach or some other form of HIPAA violation.

The SNF 'Perfect Storm'…A Convergence of Quality, Compliance and Risk Management

The U.S. Department of Health and Human Services' (HHS) and the Office of Inspector General (OIG) believe that an effective compliance program can significantly reduce fraud, waste and abuse. In addition, prosecutors may not pursue a criminal action against organizations that have an effective compliance program. Consequently, implementing an effective compliance program could minimize the consequences resulting from a violation of the law. Generally, the OIG will look to the effectiveness of the compliance program as a factor when determining the level of sanctions, penalties, and/or exclusions to be imposed on the provider.

What You Don't Know Can Hurt You: Understanding Medicare and Medicaid Overpayments

The Affordable Care Act requires that Medicare and Medicaid "overpayments" be reported and returned by the later of 60 days after the overpayment was "identified" or the date any corresponding cost report is due (if applicable). This standard is intended to encourage providers and suppliers to exercise reasonable diligence to determine whether an overpayment exists. Failure to identify and return overpayments could result in liabilities. There are several sources of liability.