Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2002 by the National Committee for Quality Assurance NCQA and HIPAA “A match made in ?” The Fifth National HIPAA Summit Sharon King Donohue, JD General.

Published byAndrea Fowler Modified over 8 years ago

Similar presentations

Presentation on theme: "©2002 by the National Committee for Quality Assurance NCQA and HIPAA “A match made in ?” The Fifth National HIPAA Summit Sharon King Donohue, JD General."— Presentation transcript:

1 ©2002 by the National Committee for Quality Assurance NCQA and HIPAA “A match made in ?” The Fifth National HIPAA Summit Sharon King Donohue, JD General Counsel, Chief Privacy Officer November 1, 2002

2 NCQA: Mission is to improve the health of people everywhere  Nonprofit accreditor with long standing commitment to protecting privacy  Privacy standards pre-date HIPAA

3 NCQA: Programs and Data  Accreditation & Certification Programs: HMO, PPO, Disease Management, Credentials Verification, Physician Organizations, Managed Behavioral Health, Human Research Protection  Data Collection and Analysis: Measures development; assessment and reporting of quality performance

4 HIPAA & Accreditation Reviews Accreditation & Certification Surveys: Rigorous reviews of the clinical and administrative systems necessary for quality care and service  Includes file reviews containing Protected Health Information (PHI)

5 HIPAA & QI Activities Impact of the final privacy regulation:  Clarified that the definition of “Health Care Operations” includes quality improvement activities, including accreditation [45 CFR 164.501]  Eliminated the consent requirement when PHI is used or disclosed for Treatment, Payment and Health Care Operations (TPO) [67 FR 53182]

6 Alignment of Accreditation Standards with HIPAA Changes effective July 2003: Consent  Removed requirements for organizations to obtain routine consent  For uses beyond TPO, authorization still required  Must give notice of privacy practices (no signature required)

7 Alignment of Accreditation Standards with HIPAA, cont. Changes for 2003: Members’ Rights  Member must have rights to Access, Amend and Receive an Accounting of Disclosures  Incorporated protections concerning disclosure of PHI to employers

8 Alignment of Accreditation Standards with HIPAA (con’t) Changes for 2003: Definitions & Delegations  Incorporate definition of PHI  Privacy Officer  Some BA requirements incorporated in delegation standards

9 HIPAA Comparative Analysis For a comprehensive comparative analysis, see the AHLA publication “National Accreditation Standards and HIPAA: A Comprehensive Analysis.”

10 HIPAA & Data Collection and Analysis HEDIS ® : A set of measures (HEDIS, CAHPS ®, HOS) used to assess the quality of clinical care and services provided. Involves the collection of data containing PHI.  Measures development  Assessment and reporting of quality performance

11 HIPAA & HEDIS Analysis of HEDIS - related activities under HIPAA:  Final rule removed obstacles to requiring access to HEDIS data  Data Use Agreement (DUA) required for NCQA  Limited Data Set applies

12 NCQA HIPAA Readiness: Business Associate Contract Draft Business Associate Contract Addendum Addresses: Business Associate Contract Provisions Required by the Privacy Regulation NCQA’s Data Collection Activities - data aggregation Data Use Agreement

13 Business Associate Contract (Con’t) Timeline for BA Addendum:  Currently being field tested – comments due by 11/06/02  Final version completed by 11/22/02 and mailed to all NCQA accredited and certified covered entities

14 NCQA HIPAA Readiness: Internal Operations Privacy & Security Protections Tracking requests for Access, Amendments and Accounting of Disclosures Data Use, Storage and Disposal Data Transmission

15 Certification for Business Associates  NCQA is developing a program to certify privacy practices of business associates  Goal: To provide “Satisfactory safeguards” of privacy practices  Includes self assessment, review of policies and procedures and on-site review

16 Certification for Business Associates Why get certified or require certification?  Reduces costs of due diligence and oversight  Makes contracting easier  Demonstrates reasonable safeguards and potentially reduces liability  May result in insurance discounts

17 Certification for Business Associates Areas covered under draft standards:  Internal Operations (self-assessment, internal safeguards, personnel, breaches of protections)  Covered entities and agents (contracts, uses & disclosures)  Consumer Rights (access & amendments to PHI, accountings & disclosures, authorizations)  Use and disclosure of PHI (tracking, accountings, minimum necessary, security, de-identification)

18 Certification for Business Associates  Draft standards public comment mid- November  Final standards mid-April 2003  Surveys commence June 2003  Early adopters December 31, 2003 –First 10 get 20% discount

19 NCQA HIPAA Contacts  BA Addendum – Sharon King Donohue (202) 955-1704 donohue@ncqa.org or Patricia Pergal (202) 955-3595 pergal@ncqa.orgdonohue@ncqa.org pergal@ncqa.org  Certification of privacy practices for Business Associates – Bill Tulloch (202) 955-5145 tulloch@ncqa.org or Anna Mangum (202) 955-1722 mangum@ncqa.orgtulloch@ncqa.org mangum@ncqa.org

Download ppt "©2002 by the National Committee for Quality Assurance NCQA and HIPAA “A match made in ?” The Fifth National HIPAA Summit Sharon King Donohue, JD General."

Similar presentations

JCAHO –A HIPAA Business Associate National HIPAA Summit

JCAHO –A HIPAA Business Associate National HIPAA Summit
The HIPAA Privacy Rule And Its Impact On Agents And Employers National Association of Health Underwriters Capitol Conference March 23, 2003 Joseph T. Holahan,

The HIPAA Privacy Rule And Its Impact On Agents And Employers National Association of Health Underwriters Capitol Conference March 23, 2003 Joseph T. Holahan,
Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.

Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.
Chapter 3 Health Care Information Systems: A Practical Approach for Health Care Management 2nd Edition Wager ~ Lee ~ Glaser.

Chapter 3 Health Care Information Systems: A Practical Approach for Health Care Management 2nd Edition Wager ~ Lee ~ Glaser.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.

HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.

1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
Confidentiality and HIPAA

Confidentiality and HIPAA
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.
HIPAA Compliance Strategies for Employers, METs, MEWAs and Taft Hartley Union Trust Funds The HIPAA Colloquium at Harvard University Presented by: Melissa.

HIPAA Compliance Strategies for Employers, METs, MEWAs and Taft Hartley Union Trust Funds The HIPAA Colloquium at Harvard University Presented by: Melissa.
HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.

HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.

Similar presentations

Ads by Google