Strategies to Comply with the HPAA Privacy Rule Before the HIPAA Security and Enforcement Rules are Final Presented by: Steven S. Lazarus, PhD, FHIMSS.

Slides:



Advertisements
Similar presentations
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Advertisements

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
Minimum Necessary Standard Version 1.0
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
HIPAA Minimum Necessary: Use/Disclosure & Role-based Access  Charlene Dunbar Madonna Rehabilitation Hospital  Sheila Wrobel Nebraska Health System.
NAU HIPAA Awareness Training
1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/
ITEC 6324 Health Insurance Portability and Accountability (HIPAA) Act of 1996 Instructor: Dr. E. Crowley Name: Victor Wong Date: 2 Sept
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.
Are you ready for HIPPO??? Welcome to HIPAA
Improving Efficiency and Increasing Patient Satisfaction by Leveraging HIPAA Standards, Including Privacy and Transactions and Data Code Sets Presented.
August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.
Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.
HIPAA Health Insurance Portability & Accountability Act of 1996.
HIPAA Collaborative of Wisconsin PAYMENT, COLLECTIONS, AND ACCEPTED BENEFITS FURTHER DEFINITION OF THE PRIVACY RULE Copyright HIPAA Collaborative.
HIPAA PRIVACY AND SECURITY AWARENESS.
HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
Approaches to Implementation of the Transactions and Codes Sets Addendum Presented by: Steven S. Lazarus, PhD, FHIMSS President Boundary Information Group.
Copyright Fleisher & Associates A HIPAA PRIMER FOR PUBLIC HEALTH PEOPLE CPHA-N Conference 2003 January 30, 2003 Presented by: Steven M. Fleisher,
Health Insurance Portability and Accountability Act (HIPAA)
Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP
Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved. Health Information Technology and Management Richard.
HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.
Copyright Boundary Information Group 2002 HIPAA CASE STUDIES: A SURVEY OF 10 HEALTH SYSTEMS’ HIPAA COMPLIANCE EFFORTS Steven S. Lazarus, PhD, FHIMSS President,
Health Insurance Portability and Accountability Act (HIPAA) CCAC.
Understanding HIPAA (Health Insurandce Portability and Accountability Act)
The Fifth National HIPAA Summit – October 30, 2002 What to Do Now: Operational Implementation of HIPAA Privacy and Security Training Presented by: Steven.
PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.
HIPAA PRACTICAL APPLICATION WORKSHOP Orientation Module 1B Anderson Health Information Systems, Inc.
Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.
HIPAA Health Insurance Portability and Accountability Act of 1996.
The IT Vendor: HIPAA Security Savior for Smaller Health Plans?
HIPAA History March 3, HIPAA Ruling Health Insurance Portability Accountability Act Health Insurance Portability Accountability Act Passed by Congress.
Vendor and Clearinghouse Requirements for HIPAA Compliance HIPAA Summit Audio Conference Presented By: Steven S. Lazarus, PhD, FHIMSS Boundary Information.
Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.
March 19, 2003 Audioconference Approaches to Compliance with the HIPAA Privacy and Security Workforce Training Requirements Presented by: Steven S. Lazarus,
HIPAA Transactions and Code Sets U.S. Healthcare Industry at a Tipping Point Steven S. Lazarus, PhD, CPHIT, CPEHR, FHIMSS April 7, :30 pm –
HIPAA HEALTH INSURANCE PORTABILITY ACOUNTABILITY ACT.
ASCA Transaction Extension and Resources to Help Extending Your Compliance Deadline for Transactions & Code Sets April 19, 2002 Steven S. Lazarus, PhD,
The Health Insurance Portability and Accountability Act of 1996 “HIPAA” Public Law
The Health Insurance Portability and Accountability Act (HIPAA) requires Plumas County to train all employees in covered departments about the County’s.
April 14, 2003 – HIPAA Privacy Audioconference The Importance of April 14, 2003: Where you should be regarding HIPAA privacy policies and procedures and.
The Fourth National HIPAA Summit, April 26, 2002 A SURVEY OF 10 HEALTH SYSTEMS’ HIPAA COMPLIANCE STRATEGIES Presented by: Margret Amatayakul, RHIA, FHIMSS.
The Health Insurance Portability and Accountability Act 
HIPAA Privacy Rule Training
HIPAA CONFIDENTIALITY
Moderated by: Steven S. Lazarus, PhD, FHIMSS President
Paul T. Smith Davis Wright Tremaine LLP
EMPLOYER HIPAA COMPLIANCE STRATEGIES HIPAA Summit Audio Conference
Electronic Health Records: Overview, Acquisition and Implementation
Disability Services Agencies Briefing On HIPAA
HIPAA Pros - Minimum Necessary
HIPAA Transactions and Code Sets Implementation June 6, 2003
Presented by: Steven S. Lazarus, PhD, FHIMSS
OVERVIEW OF CMS GUIDANCE
HIPAA Security Standards Final Rule
HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.
Making Your IRBs and Clinical Investigators HIPAA-Ready
National HIPAA Audioconference: update on Crucial HIPAA Privacy and Security Developments – 5 Years After Implementation Steven S. Lazarus, PhD, CPEHR,
The Importance of April 16, 2003: Where You Should be in HIPAA Data Code Sets/Transactions Testing and Compliance Presented by: Steven S. Lazarus, PhD,
Steven S. Lazarus, PhD, CPEHR, CPHIT, FHIMSS President
HIPAA Privacy and Security Update - 5 Years After Implementation
Presentation transcript:

Strategies to Comply with the HPAA Privacy Rule Before the HIPAA Security and Enforcement Rules are Final Presented by: Steven S. Lazarus, PhD, FHIMSS Boundary Information Group (303) 488-9911 sslazarus@aol.com Copyright Boundary Information Group

BOUNDARY INFORMATION GROUP Virtual Consortium of health care information systems consulting firms founded in 1995 Internet-Based Company website: www.boundary.net BIG HIPAA Resources: www.hipaainfo.net Senior Consultants with HIPAA Leadership Experience Since 1992 Clients include: Hospitals and multi-hospital organizations Medical groups Health plans Vendors Third party administrators Copyright Boundary Information Group 2002

Workgroup on Electronic Data Interchange Nonprofit Trade Association, founded 1991 203 organizational members Consumers, Government, Mixed Payer/Providers, Payers, Providers, Standards Organizations, Vendors Named in 1996 HIPAA Legislation as an Advisor to the Secretary of DHHS Website: www.wedi.org Strategic National Implementation Process (SNIP) - snip.wedi.org WEDI Foundation formed in 2001 Steven Lazarus, WEDI Chair (2001-2002) Copyright Boundary Information Group 2002

1. Enforcement The Federal Government has the authority to enforce all laws and regulations Assume that there will be Federal enforcement on Privacy on April 14, 2003 Privacy requires Security Many of the press accounts of privacy breeches have been security breeches that disclosed PHI Copyright Boundary Information Group 2002

Privacy Rule, 45 CFR 164.530(c) Existing: “A covered entity must reasonably safeguard protected health information from any intentional or unintentional use or disclosure that is in violation of the standards, implementation specifications or other requirements of this subpart.” Proposed: “A covered entity must reasonably safeguard protected health information to limit incidental uses or disclosures made pursuant to an otherwise permitted or required use or disclosure Copyright Boundary Information Group 2002

2. Security Strategy Prepare HIPAA Security policies and procedures to support the Privacy Compliance activity Prepare to train for both security and privacy Copyright Boundary Information Group 2002

Security to Support the Privacy Requirement for Minimum Necessary Role-based or user-based access Access controls Unique identifier Password Password management Automatic log-off settings Link access authorization to job description Terminate access upon workforce termination or change in role Copyright Boundary Information Group 2002

Security to Ensure that System Users are Properly Identified Use of strong passwords, biometrics, tokens or other forms of entity identification Copyright Boundary Information Group 2002

Final Thoughts Privacy and security fit together. Covered Entities can not comply with privacy without security Apply security to all PHI, not just electronic data and its progeny Copyright Boundary Information Group 2002

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.