March 19, 2003 Audioconference Approaches to Compliance with the HIPAA Privacy and Security Workforce Training Requirements Presented by: Steven S. Lazarus,

Slides:

Advertisements

Similar presentations

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

Advertisements

Electronic Medical Records: Implications of HIPAA for Selecting and Implementing an EMR Todd Frech Senior Partner

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

NAU HIPAA Awareness Training

Improving Efficiency and Increasing Patient Satisfaction by Leveraging HIPAA Standards, Including Privacy and Transactions and Data Code Sets Presented.

Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.

Security Controls – What Works

1 CHCOHS312A Follow safety procedures for direct care work.

COMPLYING WITH HIPAA BUSINESS ASSOCIATE REQUIREMENTS Quick, Cost Effective Solutions for HIPAA Compliance: Business Associate Agreements.

1 HIPAA Security Overview Centers for Medicare & Medicaid Services (CMS)

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

Component 2: The Culture of Health Care Unit 3: Health Care Settings— The Places Where Care Is Delivered Lecture 3 This material was developed by Oregon.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

WORKSHOP IV Integrating Ethics, Compliance, Privacy and Security into a Single Organizational Initiative Geralyn Kidera JD Senior Vice President Council.

Approaches to Implementation of the Transactions and Codes Sets Addendum Presented by: Steven S. Lazarus, PhD, FHIMSS President Boundary Information Group.

Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved. Health Information Technology and Management Richard.

Making Health Savings Accounts Work: Interoperable with Health Plans, Providers and Patients Steven S. Lazarus, PhD, CPEHR, CPHIT, FHIMSS September 27,

STEVEN S. LAZARUS, PHD, CPEHR, CPHIT, FHIMSS PRESIDENT, BOUNDARY INFORMATION GROUP AUGUST 20, – The Twelve Year Journey is Not Over.

HIPAA Policies, Procedures and Training Margret Amatayakul, RHIA, CHPS, FHIMSS President, Margret\A Consulting, LLC Steven S. Lazarus, PhD, FHIMSS Boundary.

Transactions and Code Sets and the National Provider Identifier (NPI) By: Steven. Lazarus, PhD, CPEHR, CPHIT, FHIMSS Boundary Information Group December.

Strategic Human Resource Management Copyright © Texas Education Agency, All rights reserved.

Copyright Boundary Information Group 2002 HIPAA CASE STUDIES: A SURVEY OF 10 HEALTH SYSTEMS’ HIPAA COMPLIANCE EFFORTS Steven S. Lazarus, PhD, FHIMSS President,

1.Summary of Needs Analysis 2.Summary of Action Plan 3.Systems Analysis between Microsoft SharePoint® and OpenText Content Server 4.System Recommendation.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.

Eliza de Guzman HTM 520 Health Information Exchange.

September 12, 2004 Simplifying the Administration of HIPAA Security Angel Hoffman, RN, MSN Director, Corporate Compliance University of Pittsburgh Medical.

© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.

The Fifth National HIPAA Summit – October 30, 2002 What to Do Now: Operational Implementation of HIPAA Privacy and Security Training Presented by: Steven.

HIPAA Vendor Readiness Siemens/HDX Audio Telecast July 24, 2002.

The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,

Working with HIT Systems

HIPAA Security A Quantitative and Qualitative Risk Assessment Rosemary B. Abell Director, National Healthcare Vertical Keane, Inc. HIPAA Summit VII September.

Copyright © Emerson Strategic Group, Inc. All Rights Reserved 1 Ninth National HIPAA Summit Auditing for Privacy Compliance: A Case Study September.

The IT Vendor: HIPAA Security Savior for Smaller Health Plans?

Transactions and Code Sets and the National Provider Identifier (NPI) Steven S. Lazarus, PhD, CPEHR, CPHIT, FHIMSS September 25, 2006.

Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management.

Vendor and Clearinghouse Requirements for HIPAA Compliance HIPAA Summit Audio Conference Presented By: Steven S. Lazarus, PhD, FHIMSS Boundary Information.

HIPAA Security Final Rule Overview

Careers in Distribution, Copyright 2005, WERC Careers in Distribution Management Jobs.

HIPAA Security John Parmigiani Director HIPAA Compliance Services CTG HealthCare Solutions, Inc.

Chapter 8 Auditing in an E-commerce Environment

HIPAA Transactions and Code Sets U.S. Healthcare Industry at a Tipping Point Steven S. Lazarus, PhD, CPHIT, CPEHR, FHIMSS April 7, :30 pm –

HIPAA HEALTH INSURANCE PORTABILITY ACOUNTABILITY ACT.

ASCA Transaction Extension and Resources to Help Extending Your Compliance Deadline for Transactions & Code Sets April 19, 2002 Steven S. Lazarus, PhD,

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill/Irwin Chapter 6 The Privacy and Security of Electronic Health Information.

April 14, 2003 – HIPAA Privacy Audioconference The Importance of April 14, 2003: Where you should be regarding HIPAA privacy policies and procedures and.

The Fourth National HIPAA Summit, April 26, 2002 A SURVEY OF 10 HEALTH SYSTEMS’ HIPAA COMPLIANCE STRATEGIES Presented by: Margret Amatayakul, RHIA, FHIMSS.

Acknowledgement The presenters acknowledge the contributions and suggestions of Margret Amatayakul, RHIA, CHPS, FHIMSS, President, Margret\A Consulting,

Moderated by: Steven S. Lazarus, PhD, FHIMSS President

Paul T. Smith Davis Wright Tremaine LLP

EMPLOYER HIPAA COMPLIANCE STRATEGIES HIPAA Summit Audio Conference

Transactions and Code Sets and the National Provider Identifier (NPI) – Getting Value From the HIPAA Standards Presented by: Steven S. Lazarus, PhD, CPEHR,

HIPAA Update J. T. Ash University of Hawaii System

HIPAA Transactions and Code Sets Implementation Roundtable

Red Flags Rule An Introduction County College of Morris

Electronic Health Records: Overview, Acquisition and Implementation

Final HIPAA Security Rule

HIPAA Transactions and Code Sets Implementation June 6, 2003

Presented by: Steven S. Lazarus, PhD, FHIMSS

OVERVIEW OF CMS GUIDANCE

HIPAA Security Standards Final Rule

HIPAA Security A Quantitative and Qualitative Risk Assessment

National HIPAA Audioconference: update on Crucial HIPAA Privacy and Security Developments – 5 Years After Implementation Steven S. Lazarus, PhD, CPEHR,

The Importance of April 16, 2003: Where You Should be in HIPAA Data Code Sets/Transactions Testing and Compliance Presented by: Steven S. Lazarus, PhD,

Steven S. Lazarus, PhD, CPEHR, CPHIT, FHIMSS President

Strategies to Comply with the HPAA Privacy Rule Before the HIPAA Security and Enforcement Rules are Final Presented by: Steven S. Lazarus, PhD, FHIMSS.

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

Colorado “Protections For Consumer Data Privacy” Law

Equipment Maintenance Office Supplies Replenishment

Presentation transcript:

March 19, 2003 Audioconference Approaches to Compliance with the HIPAA Privacy and Security Workforce Training Requirements Presented by: Steven S. Lazarus, PhD, FHIMSS Boundary Information Group, President Training for Compliance, Inc., Vice Chair Workgroup for Electronic Data Interchange, Past Chair March 19, 2003

Copyright © Boundary Information Group BOUNDARY INFORMATION GROUP  Virtual Consortium of health care information systems consulting firms founded in 1995  Internet-Based –Company website: –BIG HIPAA Resources:  Senior Consultants with HIPAA Leadership Experience Since 1992  Clients include: –Hospitals and multi-hospital organizations –Medical groups –Health plans –Vendors

Copyright © Boundary Information Group  Nonprofit Trade Association, founded 1991  190 organizational members –Consumers, Government, Mixed Payer/Providers, Payers, Providers, Standards Organizations, Vendors  Named in 1996 HIPAA Legislation as an Advisor to the Secretary of DHHS  Website:  Strategic National Implementation Process (SNIP) – snip.wedi.org  WEDI Foundation formed in 2001  Steven Lazarus, WEDI Past Chair and Foundation Trustee Workgroup on Electronic Data Interchange

Copyright © Boundary Information Group Workforce Definition  Workforce means employees, volunteers, trainees, and other persons whose conduct, in the performance of work for a covered entity, is under the direct control of such entity, whether or not they are paid by the covered entity.

Copyright © Boundary Information Group Achieving Effective Privacy and Security  Need good Security to achieve Privacy  Privacy Regulation requires Security  Reminders, periodic training, and “breach monitoring” reporting and management will be needed to achieve effective Privacy  Need to train the workforce on the organization’s policies and procedures for Privacy and Security

Copyright © Boundary Information Group Training Issues and Options  Define workforce categories –Few workforce categories Easy to administer –Assign workforce to courses Less customization to create and maintain –Many workforce categories May be difficult to administer –Complex management of workforce to training content choices Potential to highly customize content to workforce categories

Copyright © Boundary Information Group Training Issues and Options –Practical Issues Identify source of workforce lists, identifications and passwords Include employees, physicians, volunteers, long-term contract renewal (e.g., Medical Director in a health plan) Use Human Resource application if capable –Names –Job categories –Identifications and passwords from another source Keep passwords and identifications secure

Copyright © Boundary Information Group Training Issues and Options  Tests –Use to document learning for compliance –Set passing score –Consider Continuing Education credits (can not change content significantly and maintain credits)

Copyright © Boundary Information Group Training Issues and Options  Training Options –In person – classroom Can customize Questions and answers addressed by trainer Difficult to schedule for new workforce members Can use paper or automated testing

Copyright © Boundary Information Group Training Issues and Options –Video or Workbooks Can not customize No questions and answers Need VCRs and/or supply of Workbooks

Copyright © Boundary Information Group Training Issues and Options –E Learning May be able to customize Limited questions and answers Flexible schedule for training for current and new workforce Can integrate training with organization’s policies and procedures There may be technological barriers depending on delivery mode Automated testing and learning reinforcement

Copyright © Boundary Information Group Training Cost  Cost/Budget –Product Fixed price Per course per person Maintenance –Customized setup Policies and Procedures State Law pre-emption for Privacy CEs Assign courses to individuals

Copyright © Boundary Information Group Training Cost –Workforce training time Salaries and benefits CE offset –CE value/budget –Technology Several VCRs, monitors, and rooms, website Support – internal and external –Administrative Record keeping Management

Copyright © Boundary Information Group Setup Issues  Setup Time and Resources –Assignment of internal staff/outsource –Initially may require dedicated staff, rooms, and equipment  Pilot Training –Evaluate learning

Copyright © Boundary Information Group HIPAA READINESS Steve Lazarus Company website: HIPAA website: HIPAA training: HIPAA Regulations and Policies and Procedures: