Small dental practices, large ambulatory service centers, optometrists and basically any medical practice under the sun all have one thing in common: They have to be compliant to the Health Insurance Portability and Accountability Act.
Medical Consulting Group LLC is working to seize that opportunity.
The company operates several small businesses under the MCG name, offering development and management services to creative branding and marketing, for medical practices, ASCs and medical device manufacturers. In summer 2017, MCG launched a new division, MCG Compliancy.
Bill Rabourn started Medical Consulting Group 29 years ago, along with Wes Dunn. But in 1995, the two split the company in half, and Dunn went to work for the St. Louis company they sold a portion to, now known as TLC Vision.
Today, MCG is owned by Rabourn and the other managing principals, Stephen Sheppard and Rob McCarville.
Revenue in 2017 was about $6 million, with roughly half of sales from the management divisions, such as billing and ASC services. Sheppard says the remainder is from the creative team for marketing and branding work. With recent growth, the creative team is moving to another building across South Ingram Mill Road.
MCG Compliancy is the brainchild of Brock Fick, compliancy implementation specialist; Tripp Rabourn, a client development specialist; and Brenden Gallagher, director of information technology.
Sheppard says MCG started the compliancy division after years of helping manage medical practices and ASCs. MCG has developed 65 ASCs in 29 states and one in Canada.
“As we started to look into (compliancy), we realized just how complicated it really is,” he says. “Probably three or four years ago, the federal government kind of switched philosophically from educating health care organizations about how to comply with all these requirements to enforcement.”
MCG Compliancy partnered with Greenlawn, New York-based Compliancy Group, which educates and provides software to safely and securely store important medical information into one database. Called The Guard, the software not only provides security, but also trains employees of medical centers on how to be HIPAA compliant.
Tripp Rabourn says MCG Compliancy lifts clients’ burdens brought on by regulations.
“They don’t have to worry about accounting, business operations and stuff like that,” he says. “We found (compliancy) to be a good piece, because there’s a lot of complexity in understanding HIPAA and protecting yourself from fines that could really impact your business health.”
Citing stats from Compliancy Group, Fick says HIPAA fines in 2017 exceeded $19 million across the medical field in the United States, and there’s been almost a fourfold increase in fines over the past two years.
World of compliance
Marc Haskelson, president and CEO of Compliancy Group, says there are multiple layers to being HIPAA compliant and remaining so is a constant process.
“An office that is HIPAA compliant and is doing it correctly, what they’re doing is looking at their office and assessing all the risks they have,” Haskelson says. “Is information displayed on the screen when you walk in? Are there file cabinets in the hall where someone could steal something? Is the staff trained where they know not to discuss certain topics close enough to the exam room where people could be hearing it?”
He says those are the details to identify and fix.
Haskelson says patients often think it’s hackers and cybersecurity issues that pose the risks, and they do, but the biggest problem in health care security is actually lost information.
Not only can compliance failures get a practice fined by the federal government, Haskelson says it also can lose patients, as now more people are worried about protecting their information in a doctor’s office.
“Fifty-three percent of the people who had an identity theft believe it originated from health care and that the doctor’s office was the cause of it,” he says. “To put it in perspective, with the Anthem/Blue Cross breach a few years ago, it affected 79 million people. That’s a quarter of the U.S.”
Unfortunately, there is not a perfect formula to being HIPAA compliant 100 percent of the time. Whether by cyberattack or by an employee sending information through a nonencrypted email to another employee, mistakes are bound to happen.
“You can’t keep your information in the silo in health care,” Gallagher says. “If I get hit by a truck in Oklahoma, I have to be able to go to the hospital there and have to be able to get my records. You have to share in health care.”
However, due diligence makes a difference not only in preventative measures, but also in how hard the fines will hit a practice, Sheppard says.
“You’ve trained your people, you’ve updated your policies, you’re annually reviewing all this stuff,” he says. “You don’t just buy a binder and put it on the shelf. It actually becomes part of your culture to be HIPAA compliant. At that point, no one’s perfect, but you’ve made a good faith, sincere effort to comply with those regulations. That’s a presumption in your favor.”
Features Editor Christine Temple interviews the director of interior design at Sapp Design Associates Architects PC.
“I’m ending something that I really… I really have enjoyed,” says Terry Bloodworth, owner and operator of Springfield Hot Glass Studio. Bloodworth says he’s ambivalent about closing his …
“Ready. Set. Give.” is an eight-part series that helps companies create a culture of giving. “One way employees can get involved is to volunteer as a lunch buddy. That’s where you would spend …
“My father started it in 1948 after returning home from World War II,” says Ron Kinney with Kinney Vending, Amusement, and Billiards Company. Kinney’s mother and father used GI money to open a …
Rich Callahan, General Manager of Air Services Heating and Air Conditioning and All Service Plumbing, says he believes servant leadership is the most important aspect of managing employees. “You …
Mickey Moore, CEO of Tomo Drug Testing, says he sees a tremendous amount of loyalty in his employees. “I think that also leads to the second challenge that we’ve faced over the last several years …
Travis Miller, Owner and Senior Structural Engineer with Miller Engineering, says his experience in the construction industry paid off when he opened his engineering firm. Miller says being a …
“If I were to plan that out, that would never have looked like the best time to have children,” says Jessica Kruse, Associate Circuit Judge, Division 3 in Christian County. Kruse and her husband …
“When searching for an assisted living community for your loved one, we want to make sure that it meets their personality and their personal needs,” says Alecia Robinson, Administrator at …
“It’s so easy to get wrapped up in the wonderful idea that you have, that you can set aside the things that are really going to make that work,” says Debra Horn, Senior Associate with BKD, LLP. …
Shawn Usery, Chief Medical Officer at Cox Medical Center Branson, says two staff members at his high school helped him become the person he is today. “So, I was always that kid who was never going …