The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Interview: J. Veronica Xu, Chief Compliance Officer, Saber Healthcare Group

HIPAA Journal is conducting interviews with healthcare professionals and vendors to get their points of view on HIPAA, how the legislation relates to their roles, and the successes and challenges they face with HIPAA compliance. This week, J. Veronica Xu, Chief Compliance Officer, Saber Healthcare Group, shared her thoughts.

J. Veronica Xu, Chief Compliance Officer, Saber Healthcare Group

Tell the readers about your career in the healthcare industry

I currently serve as the Chief Compliance Officer for Saber Healthcare Group – one of the largest long-term care providers in the nation. As a long-term care provider with more than 120 facilities in the nation (including skilled nursing facilities and assisted living facilities), we provide individualized care to patients and residents in seven states.

What was your first position?

Get the FREE
HIPAA Compliance Checklist

Delivered via email so please ensure you enter your email address correctly.

Your Privacy Respected

HIPAA Journal Privacy Policy

I worked as an attorney at a law firm.

When did you first get involved in HIPAA compliance?

When I was practicing law and advising corporate and individual clients on various legal matters, HIPAA compliance issues would come up from time to time.  When I first assumed the current role, HIPAA compliance was part of the compliance department’s responsibility.  So naturally, I took on the task, and have been managing our organization’s HIPAA compliance since then.

What attracted you to further your career in compliance?

I love what I do and I am passionate about compliance work.  As people can imagine, compliance is not an easy field and it is full of roadblocks and challenges, but that makes it exciting too because the risk landscape is constantly evolving, which requires compliance professionals to adapt, adjust, assess, reflect, and improve.  Furthermore, compliance work is important.

What are the main challenges in your position?

Keeping up with emerging risks, operationalizing legal and regulatory requirements and incorporating them into daily practices and processes, maintaining the compliance momentum, and fostering a culture of compliance.

What are your main challenges regarding HIPAA?

Operationalizing the legal and regulatory requirements, making the rules easy to understand for everyone in the workforce, and continuing to heighten employees’ awareness of the HIPAA Rules and the importance of HIPAA compliance.

What do you think needs to be improved in the HIPAA regulations?

I think it is safe to say laws and regulations are not the world’s most interesting or digestible thing for people to read.  The reality is they are written by legal professionals, but not everyone in our society is a lawyer.  When doing compliance work, we always keep some key elements in mind, such as clarity, simplicity, and practicality, because we want our staff members and patients/residents to appreciate what the requirements and expectations are.

If the language of the rules seems vague or confusing, it will be hard for front-line staff to comprehend, thus further making it difficult to operationalize and ensure compliance.  When patients/residents don’t understand the HIPAA Rules and are applying them incorrectly, it can cause unnecessary tension between the patient/resident and the provider.  Clear, concise language would certainly help.  Moreover, practicality and feasibility should also be taken into consideration.  Sometimes, certain measures look wonderful on paper, but may not be realistic or have any pragmatic values in practice. The bottom line is: we all want to meet our residents’ needs.  The laws and regulations not only serve as guardrails and deterrence but should also be a resource, tool, and guide that can help all of us carry out our responsibilities in the most effective and efficient manner.

Do you have any predictions for the future of healthcare regulation?

As new risks and challenges continue to emerge, there will definitely be more rules and regulations concerning the practices in the healthcare industry – whether it is relating to the care that people receive or the technology that is used to assist with care delivery or information transmission.

Do you have any predictions for the future of healthcare technology?

Technology will become more advanced and will be able to assist healthcare providers with catching errors early on and rendering high-quality care to patients. It will be an indispensable tool in the healthcare sector.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.


Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist