Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Chapter 3: A Blueprint for Compliance with the Privacy Rule.


Where Do You Start?
Gap Analysis
  – Identify where you need to be, where you are now, analyze the gap, and ZAP the gaps!
Vendor Compliance Checklist
  – List all vendors and their access to PHI to determine what you need to do
Training Checklist
  – Keep a list of all staff trained and the topics covered

Policies to Create
Privacy Officer Policy
  – Be sure you have a privacy officer named and list their duties and responsibilities
Policy for the Use of PHI
  – How will PHI be used in the organization?
Policy for the Use of PHI in QA and Education
  – It is okay to use PHI here, just protect it.
Training Policy
  – Must be done initially and when policies change

Policies (cont’d)
Computer Security Policy
  – How will your computers be secure to protect PHI?
Confidentiality Agreements
  – Everyone must sign a confidentiality agreement
Work Area Arrangements
  – Work area policies for offices
  – Work area policies for home workers
Access Policy for Digital Dictation Systems
  – Who can access this and how will you protect the information during access?

Policies (cont’d)
Policy for the Use of Hard Copy PHI
  – Be sure that hard copy PHI is shredded when you are done using it
Policy for Use of the Fax Machine
  – Be sure you have a privacy notice on all fax cover sheets
Policy
  – When used, should be encrypted for ultimate protection

Policies (cont’d)
Disaster Recovery Policy
  – How will you continue to provide both access and protection during a disaster and how will the data be recovered?
Policy for Offsite Workers
  – What special considerations need to be covered if you have offsite workers?
Termination Policy
  – Be sure access is removed when someone is terminated.

Policies (cont’d)
Breaches and Sanctions Policies
  – How will breaches be reported?
  – What sanctions will be used when someone breaches PHI?
Complaint Policy
  – If someone has a complaint, who do they contact and what is the procedure for addressing it?
Vendor Policy
  – What will you require of your vendors to protect the PHI they access in providing services?

Policies for Business Associates
Business Associate Contract
  – Agreement to protect the PHI
  – A statement that says they comply with the laws as if they were a covered entity
  – Outlines how breaches will be handled
  – Assures that their subcontractors will also protect the PHI

What about Using Offshore Labor?
Offshore labor is not prohibited by the rule
Obtain assurances that the offshore worker is capable of protecting the information
Require full disclosure about where the work is done
Offshore labor is a decision entities need to make for themselves; just make it a well-informed decision!

Indemnification
Protection in case of a breach of information
Will you require it of your business associates?
Will your business associates require it of you?

Always Remember the Goal: It is about protecting the patient’s information in all circumstances.