U.S. Benefits Group Fifth National HIPAA Summit A Case Study in Employer HIPAA Privacy Compliance Approaches Fred J. Thiele, JD, MBA Legal Compliance Manager.

Slides:

Advertisements

Similar presentations

H OGAN & H ARTSON, L.L.P.

Advertisements

“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.

Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA and Public Health 2007 Epi Rapid Response Team Conference.

NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Rule Training

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

Presented by the Office of the General Counsel An Overview of HIPAA.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

HIPAA Health Insurance Portability and Accountability Act.

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

Are you ready for HIPPO??? Welcome to HIPAA

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

HIPAA Compliance Strategies for Employers, METs, MEWAs and Taft Hartley Union Trust Funds The HIPAA Colloquium at Harvard University Presented by: Melissa.

Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.

State Milestones Subsidized Insurance Workgroup High Level Timeline 2011 Jan 2011 Feb 2011 Mar 2011 Apr 2011 May 2011 Jun 2011 Jul 2011 Aug 2011 Sept 2011.

COMPLYING WITH HIPAA BUSINESS ASSOCIATE REQUIREMENTS Quick, Cost Effective Solutions for HIPAA Compliance: Business Associate Agreements.

Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,

Key Issues For Your Remaining HIPAA Compliance Time – The Health Plan Perspective Kimberly GrayKirk J. Nahra Chief Privacy OfficerWiley Rein & Fielding.

Employers’ Responsibilities Under HIPAA Case Study: Implementing HIPAA in the Control Group Setting The Sixth National HIPAA Summit March 28, 2003.

HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,

PricewaterhouseCoopers Transaction Compliance Date Extension & Privacy Standards NPRM Audioconference April 19, 2002 HIPAA Administrative Simplification.

HIPAA Privacy Establishing a Compliance Plan Mazursky & Dunaway LLP Monarch Tower Suite Peachtree Road Atlanta, Georgia

Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.

Advanced HIPAA Issues for Biotech and Life Sciences Companies: Mark E. Schreiber Palmer & Dodge LLP 111 Huntington Avenue Boston, MA

HIPAA – How Will the Regulations Impact Research?.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

© 2009 The McGraw-Hill Companies, Inc. All rights reserved. 1 McGraw-Hill Chapter 2 The HIPAA Privacy Standards HIPAA for Allied Health Careers.

Advanced Issues in Privacy: Drafting and Negotiating Business Associate Contracts Thomas E. Jeffry, Jr. Partner Davis Wright Tremaine LLP Los Angeles,

Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.

Reflections on the State of Privacy Risk Management in Health Care Benefits Administration (one year and counting …) Mark Lutes, Esq. Partner Epstein Becker.

PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.

FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.

HIPAA PRACTICAL APPLICATION WORKSHOP Orientation Module 1B Anderson Health Information Systems, Inc.

OHCAs, ACEs and Hybrid Entities Paul Smith Davis Wright Tremaine LLP One Embarcadero Center Suite 600 San Francisco, CA (415)

Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.

HIPAA Privacy Rules: What Are Plan Sponsors Required to Do?

1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.

© 2004 Moses & Singer LLP HIPAA and Patient Privacy Issues Raised by the New Medicare Prescription Drug Program National Medicare Prescription Drug Congress.

HIPAA Privacy Rule Implementation Status Report Richard M. Campanelli, J.D. Director, Office for Civil Rights Before the The Tenth National HIPAA Summit.

U.S. Benefits Group HIPAA Summit Audioconference A Case Study in Employer HIPAA Privacy Compliance Approaches Fred J. Thiele, JD, MBA Legal Compliance.

HIPAA Privacy Rule Positive Changes Affecting Hospitals’ Implementation of the Rule.

CAN THE CANNED FORMS: Practical Advice in Implementing HIPAA Privacy Policies and Forms Margaret Marchak, Esq. Rachel Nosowsky, Esq. HIPAA Summit West.

©2002 by the National Committee for Quality Assurance NCQA and HIPAA “A match made in ?” The Fifth National HIPAA Summit Sharon King Donohue, JD General.

HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.

Final HIPAA Privacy Rule: The Research Provisions Julie Kaneshiro DHHS Office for Human Research Protections Phone: Fax:

HIPAA Privacy Rule Training

Overview of Structure General Data Protection Regulation (GDPR)

Jan 2016 Solar Lunar Data.

IT Strategy Roadmap Template

Timeline Roadmap Template

HIPAA Administrative Simplification

Disability Services Agencies Briefing On HIPAA

HIPAA Privacy The Morning After

Gantt Chart Enter Year Here Activities Jan Feb Mar Apr May Jun Jul Aug

Purchasing Contracts Training

National Congress on Health Care Compliance

HIPAA Policy & Procedure Strategies

Back-End Payor Sub-Group

Analysis of Final HIPAA Privacy Modification Rule

Presentation transcript:

U.S. Benefits Group Fifth National HIPAA Summit A Case Study in Employer HIPAA Privacy Compliance Approaches Fred J. Thiele, JD, MBA Legal Compliance Manager U.S. Benefits Group Intel Corporation Chandler, AZ November 1, 2002

U.S. Benefits Group Page 2 11/1/02 Employer Case Study – Intel ® Intel is “covered entity” under HIPAA regs by virtue of fact that it maintains a self- funded group health plan Cross-functional HIPAA privacy compliance team assembled in January 2002 –Representatives from Benefits Design/Ops, Call Center, HRD, Occ Health, Gen. Acctg., HR Legal –Coordination with other corporate privacy initiatives (e.g., SSN) –Trained in basic “ins and outs” of HIPAA privacy

U.S. Benefits Group Page 3 11/1/02 Employer Case Study – Intel ® First task: Root out all uses or disclosures of “individually identifiable health information” in company –Accomplished via comprehensive information inventory conducted by team Aggregate inventory subjected to two tests for classification purposes: –“Protected Health Info.” vs. Non-PHI LOA, STD/LTD, and “de-identified” or “summary health” items fell out as non-PHI –“Treatment, Payment, H/C Ops” vs. Non-TPO All PHI items at Intel were TPO, which is favored over non-TPO and thus has fewer restrictions

U.S. Benefits Group Page 4 11/1/02 Employer Case Study – Intel ® Inventory turned up 10 unique uses and disclosures of PHI –Drafted compliant internal guidelines/procedures tailored to these uses and disclosures Applying “minimum necessary” and proper safeguards Good news is that business disruption will be minimal since company already does fine job honoring privacy Group health plan documents and supplier contracts revised as required –Amended plan documents to allow plan sponsor access to PHI (Sec (f)) –Implemented “business associate” (BA) agreements with outside suppliers Corp. Purchasing negotiated model HHS language into new/existing supplier contracts

U.S. Benefits Group Page 5 11/1/02 Employer Case Study – Intel ® Key tasks remaining on roadway to compliance... –Designation of privacy official –Execution of training and communication plans Training for Benefits Ops, Call Center Privacy notice distribution; revision of employee handbook (SPD), Call Center scripting –Quality Assurance Final review of all relevant HHS regs/guidance against compliance processes leading up to 4/14/03

U.S. Benefits Group Page 6 11/1/02 Employer Case Study – Intel ® Biggest challenges throughout project: –Seizing upon ERISA preemption to shield company from any stronger state privacy regs –Possible independent CE status of Occ Health under “health care provider” definition in regs –Differentiating “consents” from “authorizations” Final regs render former almost irrelevant –Understanding shifting concept of “marketing” so as not to get tangled in its grasp Company wanted to ensure that popular disease management and wellness initiatives didn’t cross line

U.S. Benefits Group Page 7 11/1/02 HIPAA Privacy Compliance Project High Level Project Timeline Ongoing Review of HHS Regs and Guidance Jan Feb Mar Apr May Jun Jul Aug Sept Oct Nov Dec Jan Feb Mar Apr Team Org. Analysis Compliance Plan Design Guideline Preparation Plan Docs Amendment Implementation Training Communications QA Compliance Date (4/14/03) We are here