Archive | August, 2018

5 Things to Avoid When Collecting Debt From Customers

22 Aug

Before conducting debt collections, make sure you understand the do’s and don’ts of the industry.

The do’s and don’ts of collecting debt are a sticky wicket. If you do it wrong, you can alienate potential customers, ruin your reputation, and maybe even pick up a hefty fine from regulators. Playing by the rules means compliance with all laws, certainly, but also collecting debt in a way that treats every customer with dignity and respect.

Here are five things to avoid when collecting debt from customers.

Do Not Try This at Home – or at the Office

We’ve heard all the horror stories from collections gone awry. Industry publications such as Inside ARM often report on companies fined by regulators for breaking collection regulations. Our biggest complaint, beyond the fact that these techniques are generally not effective, is that conducting yourself in this manner gives the collections industry a bad reputation. Not good!

The best course of action is to partner with a professional collection agency like TSI. But just in case you plan to give debt recovery on your own a try, here are some things that should never be part of your DIY debt collection strategy:

  1. Don’t stalk your customers. Really! This means you (or the debt collector for that matter) cannot show up at someone’s workplace and demand they pay you. The law also prohibits you from publicizing the debt, too, so even though you want to go on Facebook call out someone that owes you money – don’t. Here is the caveat: You may, respectfully, call the customer at work but you cannot let the other workers know that you’re trying to collect on a debt. Plus, if the customer asks you to not call them at work, you legally must comply.
  2. Don’t harass your customers. See #1. But actions such as repeated calls, threats of violence, and extreme language are not only bad form, they’re illegal too. For a small business owner, it feels personal when someone doesn’t pay. But conducting yourself in a professional way will pay off in the long run.

There are rules about pursuing debt collections – make sure you follow them.

  1. You can’t arrest the debtor. Sorry, we know this may not feel fair, but if a customer is 90-days past due, you cannot call 911 for help. However, there may be legal actions you can take in certain circumstances.
  2. You cannot pursue the debtor for things they don’t owe. This happens a lot when the data you have on the customer is inaccurate. So many times we see that the person already paid the debt but the information wasn’t logged properly. A simple mistake can land you in hot water, so use caution and double-check the facts before pursuing a debt.
  3. You cannot call at odd hours of the day and night. Did you know there are rules that state you can only call a past-due customer between 8:00 am and 9:00 pm? For small business owners that work hard all day, this means just because you’re up at 7:30 am you can’t squeeze in a few collections calls.

If you’re worried about running afoul of the rules of collecting debt, you don’t need to.

Contact me today at 888-780-1333, and I’ll show you how to collect more money, cut costs, and stay 100% compliant with all of the many laws and regulations that relate to debt collection.

After all…it’s your money!  Keep more of it!!

Tags: , , , , , , , , ,

All You Need To Know About HIPAA Business Associate Agreements

18 Aug

Source:  Jeff Broudy, PCIHIPAA

Medical and dental practices are hearing more and more about large fines and data breaches surrounding HIPAA (Health Insurance Portability and Accountability Act of 1996).   Many are fearful that significant fines could affect their practice, their patients, and their livelihood.  Is this a real threat?  I believe it is.  HIPAA law is confusing and protecting the security and privacy of your patient information is critical.  And with the enactment of the Omnibus Rule back in 2013, HIPAA compliance now extends to your Business Associates.

The Ponemon Institute states that 39% of all Business Associates have experienced a data breach, and in one case a practice was fined $31,000 for not having a Business Associate Agreement on file.  That’s an expensive document!

As HIPAA Compliance Specialists, a day rarely goes by that we don’t receive questions about Business Associates.  “Who’s a Business Associate?”  “Do I have risks if I don’t have execute the proper agreements?“ What does my practice need to do?”  In fact, out partners at PCIHIPAA created a HIPAA Webinar Series for our clients to help answer these questions.  Let me know if you would like more information on this webinar series, and let me help clarify some of these questions.

) “Do I need to have a Business Associate Agreements on file?”

Yes.  If you are a Covered Entity under HIPAA, you are required to execute Business Associate Agreements. The Health and Human Services website (HHS.gov) defines a Covered Entity as health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.

Bottom line:  Examples of Covered Entities under HIPAA are: Doctors, Clinics, Psychologists, Dentists, Chiropractors, Oral Surgeons, Podiatrists, Opthamologists, Nursing Homes, Pharmacies, Health Insurance Companies, HOMs, Company Health Plans, and Labs are all considered to be Covered Entities.

2) “Then, who is a Business Associate?

A Business Associate as any organization or person working in association with, or providing services to, a Covered Entity who handles or discloses Protected Health Information (PHI) or Personal Health Records (PHR.)  A business associate may also be a subcontractor that creates, receives, maintains, or transmits PHI on behalf of another business associate.  Think of it this way, if you contract with a person or an entity that needs access to your PHI to do their job, they are most likely a Business Associate.

Bottom line:  Examples of Business Associates are Lawyers, Accountants, IT Programmers and Representatives, Shredding Companies, Marketing Software Companies, Practice Management Software Providers, Data Backup and Storage Companies, and Billing Companies.   

“Are there exceptions?”

Yes.  HIPAA excludes conduits of information (UPS, FedEx), governmental agencies (Medicare and Medicaid), and anyone else this is not required to handle your PHI to do their jobs (Janitors, Landlords, Water Delivery Services).  Also your employees are not considered Business Associates.  They need to be trained on HIPAA, but you don’t need to execute Business Associate Agreements with your employees. 

3) “What exactly is a Business Associate Agreement, and why is it important?”

A Business Associate Agreement is a binding legal document that is now required under HIPAA for you to execute with all of your Business Associates. It is imperative that your practice has Business Associate Agreements in place, with a log kept for reference. Because your practice (as a Covered Entity) is sharing PHI with your Business Associate, this document ensures that the HIPAA mandates are in place and that your patients are protected.   If you use the right Business Associate Agreement, it also includes an “Indemnity Clause.”  The Indemnity Clause protects you financially, if PHI is compromised under your Business Associate’s watch.  This is a crucial clause that should be included in any Business Associate Agreement you execute.

Contact me for more information and/or assistance in creating a Business Associate Agreement (BAA) for your practice.

Click Here to take a free, no-obligation, HIPAA Risk Assessment.  The results will inform you of where you are compliant and where you are deficient in your HIPPA security.

Tags: , , , , , ,

%d