Small dental practices, large ambulatory service centers, optometrists and basically any medical practice under the sun all have one thing in common: They have to be compliant to the Health Insurance Portability and Accountability Act.
Medical Consulting Group LLC is working to seize that opportunity.
The company operates several small businesses under the MCG name, offering development and management services to creative branding and marketing, for medical practices, ASCs and medical device manufacturers. In summer 2017, MCG launched a new division, MCG Compliancy.
Bill Rabourn started Medical Consulting Group 29 years ago, along with Wes Dunn. But in 1995, the two split the company in half, and Dunn went to work for the St. Louis company they sold a portion to, now known as TLC Vision.
Today, MCG is owned by Rabourn and the other managing principals, Stephen Sheppard and Rob McCarville.
Revenue in 2017 was about $6 million, with roughly half of sales from the management divisions, such as billing and ASC services. Sheppard says the remainder is from the creative team for marketing and branding work. With recent growth, the creative team is moving to another building across South Ingram Mill Road.
MCG Compliancy is the brainchild of Brock Fick, compliancy implementation specialist; Tripp Rabourn, a client development specialist; and Brenden Gallagher, director of information technology.
Sheppard says MCG started the compliancy division after years of helping manage medical practices and ASCs. MCG has developed 65 ASCs in 29 states and one in Canada.
“As we started to look into (compliancy), we realized just how complicated it really is,” he says. “Probably three or four years ago, the federal government kind of switched philosophically from educating health care organizations about how to comply with all these requirements to enforcement.”
MCG Compliancy partnered with Greenlawn, New York-based Compliancy Group, which educates and provides software to safely and securely store important medical information into one database. Called The Guard, the software not only provides security, but also trains employees of medical centers on how to be HIPAA compliant.
Tripp Rabourn says MCG Compliancy lifts clients’ burdens brought on by regulations.
“They don’t have to worry about accounting, business operations and stuff like that,” he says. “We found (compliancy) to be a good piece, because there’s a lot of complexity in understanding HIPAA and protecting yourself from fines that could really impact your business health.”
Citing stats from Compliancy Group, Fick says HIPAA fines in 2017 exceeded $19 million across the medical field in the United States, and there’s been almost a fourfold increase in fines over the past two years.
World of compliance
Marc Haskelson, president and CEO of Compliancy Group, says there are multiple layers to being HIPAA compliant and remaining so is a constant process.
“An office that is HIPAA compliant and is doing it correctly, what they’re doing is looking at their office and assessing all the risks they have,” Haskelson says. “Is information displayed on the screen when you walk in? Are there file cabinets in the hall where someone could steal something? Is the staff trained where they know not to discuss certain topics close enough to the exam room where people could be hearing it?”
He says those are the details to identify and fix.
Haskelson says patients often think it’s hackers and cybersecurity issues that pose the risks, and they do, but the biggest problem in health care security is actually lost information.
Not only can compliance failures get a practice fined by the federal government, Haskelson says it also can lose patients, as now more people are worried about protecting their information in a doctor’s office.
“Fifty-three percent of the people who had an identity theft believe it originated from health care and that the doctor’s office was the cause of it,” he says. “To put it in perspective, with the Anthem/Blue Cross breach a few years ago, it affected 79 million people. That’s a quarter of the U.S.”
Unfortunately, there is not a perfect formula to being HIPAA compliant 100 percent of the time. Whether by cyberattack or by an employee sending information through a nonencrypted email to another employee, mistakes are bound to happen.
“You can’t keep your information in the silo in health care,” Gallagher says. “If I get hit by a truck in Oklahoma, I have to be able to go to the hospital there and have to be able to get my records. You have to share in health care.”
However, due diligence makes a difference not only in preventative measures, but also in how hard the fines will hit a practice, Sheppard says.
“You’ve trained your people, you’ve updated your policies, you’re annually reviewing all this stuff,” he says. “You don’t just buy a binder and put it on the shelf. It actually becomes part of your culture to be HIPAA compliant. At that point, no one’s perfect, but you’ve made a good faith, sincere effort to comply with those regulations. That’s a presumption in your favor.”
Starting Strength Online Coaching is changing the gym experience — by removing it.
“I definitely, especially in the last few years, have made a point to make sure that I turn off work before I walk in the door. That’s been a lesson that I’ve learned,” says Travis Miller, …
Don’t procrastinate. Rob Keck, Director of Conservation at Bass Pro Shops, says his great-uncle Bill told him to never put off anything he wanted to do. “That’s something that has inspired me …
“It’s very important for me to prioritize and that’s kind of how I get through each day is prioritizing, setting a list of things for me to do,” says Austin O’Reilly, Owner and Founder of …
“Ready. Set. Give.” is an eight-part series that helps companies create a culture of giving. “The best, most efficient way a company can help is just start that conversation,” says Esther …
“You have to fail to succeed. It takes multiple failures to arrive at success,” says Shanda Trautman with Old Missouri Bank. Trautman says marketing isn’t a one-stop shop where developing your …
“When starting the company, the first thing I thought was who are the people I want to be with every day? What’s the culture I want,” says Mark Steiner, Co-founder and CEO of GigSalad. Steiner …
“The biggest key is the leader’s effect on the environment. That goes right smack back to culture,” says Mark Holmes President and owner of Consultant Board Inc. Holmes says culture is …
Rachel Anderson, Acting Director at The efactory, says one of her former supervisors made every new employee read “The Four Agreements” by Don Miguel Ruiz. “[I] encourage anyone to read that …
“When I first started in insurance, I was trying to mimic the way others were doing it,” says Leah Callahan with Insurance Group of the Ozarks. Callahan says once she embraced who she was, she …
Mickey Moore, CEO of Tomo Drug Testing, says there are times as a business owner when you must wear every hat. Moore also says, if you surround yourself with great people, who are better than you at …