Nebraska Statewide Telehealth Network Privacy and Security Reta Studnicka Laura Meyers

Slides:

Advertisements

Similar presentations

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

Advertisements

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.

Oklahoma Health Care Authority - A Presentation for Tribal Facilities, Urban Indian Clinics and the Indian Health Service 317: Telemedicine Effective.

Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.

Oklahoma Telemedicine Conference 2014: Telehealth Transition October 16, 2014 Cynthia Scheideman-Miller, MHSA Heartland Telehealth Resource Center.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna

 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”

CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.

Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

Understanding Meaningful Use Presented by: Allison Bryan MS, CHES December 7, 2012 Purdue Research Foundation 2012 Review of Stage 1 and Stage 2.

What value does it bring to Pretend Hospital? Pretend Hospital Logo Caring For You.

© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

Behavioral Health Coding that Works in Primary Care Mary Jean Mork, LCSW April 16 & 17, 2009.

1 HIPAA Security Overview Centers for Medicare & Medicaid Services (CMS)

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

© 2009 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Career Education Computers in the Medical Office Chapter 2: Information Technology.

Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,

What is HIPAA? H ealth I nsurance P ortability and A ccountability A ct (Kennedy-Kassenbaum Bill) nAdministrative Simplification –Privacy –Transactions.

The Use of Health Information Technology in Physician Practices

HIPAA PRIVACY AND SECURITY AWARENESS.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved. Health Information Technology and Management Richard.

2012 Audits of Covered Entity Compliance with HIPAA Privacy, Security and Breach Notification Rules Initial Analysis February 2013.

Working with Health IT Systems Protecting Privacy, Security, and Confidentiality in HIT Systems Lecture a This material (Comp7_Unit7a) was developed by.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.

Occupational Health. Occupational Medicine Recognized Specialty Since 1949 Combines Clinical Skills With Toxicology, Epidemiology, Safety, Rehabilitation,

Understanding HIPAA (Health Insurandce Portability and Accountability Act)

Eliza de Guzman HTM 520 Health Information Exchange.

© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.

Building Clinical Infrastructure and Expert Support Michael Steinberg, MD, FACR ULAAC Disparity Project Centinela/Freeman Health System.

HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.

The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,

1 HIPAA Administrative Simplification Standards Yesterday, Today, and Tomorrow Stanley Nachimson CMS Office of HIPAA Standards.

Working with HIT Systems

1 TELEMEDICINE AND TELE-MENTAL HEALTH IN WYOMING Rex E. Gantenbein, PhD Center for Rural Health Research and Education WY Psychological Association

Component 8/Unit 6aHealth IT Workforce Curriculum Version 1.0 Fall Installation and Maintenance of Health IT Systems Unit 6a System Security Procedures.

Oklahoma Health Care Authority Telemedicine. 2 Policy: 317: Billing Technology.

HIPAA Security Final Rule Overview

Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.

1 © CHC Healthcare Solutions 2004 All rights reserved HIPAA Issues for Counties – PHI, Prisoners, Disaster Preparedness and Homeland Security March 9,

The Medical Record, Documentation, and Filing

Case Study: Applying Authentication Technologies as Part of a HIPAA Compliance Strategy.

HIPAA Compliance Case Study: Establishing and Implementing a Program to Audit HIPAA Compliance Drew Hunt Network Security Analyst Valley Medical Center.

Understanding Policy Regulations and Reimbursement Practices Impacting Telehealth Programs Rena Brewer, RN, MA CEO, Global Partnership for Telehealth Lloyd.

The Health Insurance Portability and Accountability Act of 1996 “HIPAA” Public Law

Board of Directors – March 24, 2016 Denise Mannon, AHFI, CHPC Corporate Compliance Officer.

HIPAA Yesterday, Today and Tomorrow? Dianne S. Faup Office of HIPAA Standards Centers for Medicare & Medicaid Services.

HIPAA: So You Think You’re Compliant September 1, 2011 Carolyn Heyman-Layne, J.D.

Juvenile Legislative Update 2013 Confidential Records and Protected Disclosures.

Installation and Maintenance of Health IT Systems System Security Procedures and Standards Lecture a This material Comp8_Unit6a was developed by Duke University,

The Ethics of Telepsychology

What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in HEALTH INSURANCE.

Health Insurance Portability and Accountability Act

Refuah Community Health Collaborative (RCHC) PPS

HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT

Disability Services Agencies Briefing On HIPAA

Health Insurance Portability and Accountability Act

HIPAA Privacy and Security Summit 2018 HIPAA Privacy Rule: Compliance Plans, Training, Internal Audits and Patient Rights Widener University Delaware.

HIPAA Security Standards Final Rule

THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,

HIPAA Compliance Services CTG HealthCare Solutions, Inc.

Virtual Care – The Future of Healthcare

Presentation transcript:

Nebraska Statewide Telehealth Network Privacy and Security Reta Studnicka Laura Meyers

Mission of the Nebraska Statewide Telehealth Network (NSTN) To increase the quality, availability and accessibility of health care throughout the state of Nebraska, particularly as it impacts the rural population within the state. To create video-conferencing capability allowing the rural areas of the State to have access to other health providers and information without the need for extensive travel within a Private Network.

Patient Benefits Decreases travel time Lowers job absenteeism Cost savings Provides earlier disease intervention: Screening opportunities Increased availability of local follow-up care may decrease ALOS in tertiary center

Community Benefits Improves Quality of Medical Services Strengthens Ties to Specialty Care Increases Confidence in Local Providers Alleviates Isolation of Rural Providers Increases Diagnostic Resources

Provider Benefits Potential for decreasing outmigration Enhances clinical support Increased referral opportunities Provides the opportunity to enhance and supplement the services provided at existing outreach clinics

Provider Benefits Easy access to continuing education Opportunities to consult with other professionals, even internationally

Connection Status Today Hub Sites: –UNMC (Omaha) –St. Elizabeth’s Regional Medical Center (Lincoln) –BryanLGH Medical Center (Lincoln) –St. Francis Medical Center (Grand Island) –Good Samaritan Hospital (Kearney) –Great Plains Regional Medical Center (North Platte) –Faith Regional Health Services (Norfolk) –Regional West Medical Center (Scottsbluff)

Connection Status Today Sixty-seven rural hospitals are connected to these hubs. Nineteen public health departments will be connected (15-17 are connected at this time) Also have connections to all but one bioterrorism lab Omaha hospitals: Immanuel, Bergan Mercy, Creighton, Childrens, Methodist, Midlands, The Nebraska Medical Center Other connections on the horizon: Winnebago Indian Hospital and Tecumseh State Correctional Institution

Network Uses: Clinical Clinical Consults –Rehabilitation Therapy –Disease Management –Emergent Care: Trauma, EPC, Mental Health –Family Advocacy Network: abuse and sexual abuse –Deaf and Hard of Hearing –On the horizon: Telepharmacy and Teledentistry

Services Approved for Reimbursement Consultations (CPT Codes ) Office or Other Outpatient Visits ( ) Individual Psychotherapy ( ) Pharmacologic Management (90862) Psychiatric Diagnostic Interview Exams (90801) End Stage Renal Disease (HCPCS codes G0308, G0309, G0311, G0312, G0314, G0317, G0318)

Sites Approved for Reimbursement Hospitals (inpatient/outpatient) Critical Access Hospitals Physician/Practitioner Offices Rural Health Clinics Federally Qualified Health Centers

Network Uses: Education Education –CMEs and CEUs –Grand Rounds –EMS Continuing Training/Considering Initial Training –RN/Allied Health Professional Degree Programs –Community Education/Support Groups –

Network Uses: Other Administrative Meetings Health Alert Network Routine Testing Lung Surgery “Scared Straight” Language Interpretation

Network Uses at This Time Telehealth Education and Training –On-Going Conducting Clinical Consults for Practitioners Peripheral Devices Creating a Telehealth Business Plan Privacy and Security Community Mental Health and Telehealth Electronic Health Records

The NSTN: Current Decision Making Structure, Priorities, Committees Network Advisory Committee Network Operations Group NSTN Education Committee –Scheduling –Website –Evaluation Privacy & Security Subcommittee

HIPAA PRIVACY, SECURITY, and TELEHEALTH Covered Entities that must comply with the HIPAA Privacy and Security Standards Health Care Providers Health Plans Health Care Clearinghouses

A Reminder…. The HIPAA Privacy Regulation ensures that covered entities will comply with the HIPAA Privacy standards to protect patient’s health information from non- permitted uses and disclosures. For many covered entities, this required the development and implementation of over 50 new policies and procedures with related forms!

Adding Telehealth Policies: Telehealth Encounters Must Protect Patient Health Information Proper patient admission/registration Notice of Privacy Rights and Practices Acknowledgement Telehealth Visit Consent Form Providing a Private and Secure Telehealth Transmission Providing a Private and Secure physical location for the telehealth encounter Authorized personnel in attendance for telehealth medical visit

...couple of more requirements Properly credentialed healthcare providers (Recommendation to credential as you would all “in person” healthcare providers) Organized Healthcare arrangements “OHCA” – with the properly credentialed healthcare providers

HIPAA SECURITY REGULATION Ensures that covered entities will comply with the HIPAA standards to protect the confidentiality, integrity and availability of Electronic Protected Health Information (EPHI). In the final rule, CMS divides security into three categories – these implementation specifications may be Required or Addressable: Administrative safeguards ( ) Physical safeguards ( ) Technical safeguards ( )

Required vs. Addressable Required Must implement the specification in order to successfully implement the standard Addressable Consider the specification, and implement if reasonable and appropriate If not, document why it would not be reasonable and appropriate to implement the specification; and Implement an equivalent alternative measure if reasonable and appropriate

Security Standards Protect against any reasonably anticipated threats or hazards to the security or integrity of such information Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under the security standards Ensure compliance with the security standards by the workforce Ensure confidentiality, integrity and availability of all EPHI the covered entity creates, receives, maintains, or transmits

Next Steps Coordination between Privacy and Security Officer within the organization Include Telehealth when performing the required HIPAA Security Risk Analysis Include Telehealth when considering Risk Management Include Telehealth when developing and implementing Policies and Procedures

Nebraska Statewide Telehealth Network Privacy and Security Subcommittee Goals: Conduct the HIPAA Security Risk Analysis for the NSTN Develop policy and procedure templates for Privacy and Security that are applicable to telehealth for the NSTN Gather input from NSTN providers for best practices regarding privacy and security

Questions?