As a downstream service entity, ARMS Inc is required to comply with the same Centers for Medicare & Medicaid Services (CMS) regulations as its healthcare provider and insurance company customers.
CMS is a federal agency within the U.S. Department of Health and Human Services that administers the Medicare program and works in partnership with state governments to administer Medicaid and other federal programs.
Downstream service entities required to meet four elements of CMS regulations
Written policies and procedures – This includes standards of conduct; security policies that stipulate how documents are classified and handled; the retention of records as it relates to Medicare and Medicaid documents within the information system; and annual review to ensure ongoing compliance.
Compliance oversight – ARMS is required to have a designated compliance officer on staff, as well as a designated compliance committee for review purposes. In ARMS’s case, our executive management team serves as our compliance committee.
Staff training – CMS regulations stipulate that ARMS must have a formal training plan in place, with training sessions conducted annually at a minimum. Regulations also cover distribution of the security policy itself to staff; distribution of Medicare and Medicaid standards of conduct; distribution of a conflict of interest policy and questionnaire; and fraud abuse training, including ways staff can report possible abuse either named or anonymously to a different source.
Public posting – ARMS is required to publicly post how to report suspected fraud.
As a downstream entity provider, ARMS also is required to cooperate with any government investigations involving customers covered by CMS regulations.
FulL-Service Information Management and Destruction Services from ARMS Inc
ARMS is an industry leader in records and information technology solutions, providing organizations “best practice” consulting in the Green Bay, Wisconsin, area and across the United States. ARMS is an SSAE 16-audited company that meets today’s information regulatory requirements such as HIPAA, HITECH and FACTA. Services include traditional document storage, certified information destruction, data protection and media vaulting, and automated workflow solutions.
For more information about services available through ARMS, please call 877-764-2767 or visit https://arms4rim.com/.
View original article on CMS regulations here.