Presentation is loading. Please wait.

Presentation is loading. Please wait.

HIPAA Requirements for Computer-based Patient Record Systems and the CPR Selection Toolkit Caroline Samuels MD

Published bySilvester Hill Modified over 8 years ago

Similar presentations

Presentation on theme: "HIPAA Requirements for Computer-based Patient Record Systems and the CPR Selection Toolkit Caroline Samuels MD"— Presentation transcript:

1 HIPAA Requirements for Computer-based Patient Record Systems and the CPR Selection Toolkit Caroline Samuels MD csamuels@pol.net

2 JHITA November, 20012 Overview CPR Functional Requirements to Support HIPAA Implementation –Procedural –Technical –Implementation-Dependant CPRI-Host CPR Selection Toolkit –What is it? –Target Population – Users –Target Population - Vendors –How Does it Work?

3 JHITA November, 20013 CPR System Requirements for HIPAA Procedural Most of the new HIPAA Requirements are largely Procedural –Appointment of Security Officer –Security Programs and Training –Consent and Authorization Requirements –Patient rights –Security procedures (audits, assessments, etc.)

4 JHITA November, 20014 CPR System Requirements for HIPAA Technical: Encryption for messages sent “in the clear” Capability to limit functions/access by role Capability to attribute actions to an individual Capability to treat information at a granular level Capability to produce audit trails

5 JHITA November, 20015 CPR System Requirements for HIPAA Implementation-dependent System Implementation vrs System Capability –Example - System may be capable of role- based access, but can be implemented such that all users can access all information. This would result in non- compliance with HIPAA requirements

6 JHITA November, 20016 CPR System Requirements for HIPAA Implementation-dependent For currently installed products –Table modifications (codes, redefinitions) –Upgrades (encryption) –New access categories (patient) –Password functionality (expiration) –Customizations (warning screens)

7 JHITA November, 20017 CPR System Features for HIPAA Support Patient Access to His/Her Record System Requirement: –Print-out of the record or –Access to the electronic record Access to ONLY the patient’s own record If remote access – secure access

8 JHITA November, 20018 CPR System Features for HIPAA Support Patient-requested Amendment System Requirements: –System capable of capturing patient- submitted amendment if accepted –System supports notification of persons who are know to have received previous information –If denied, system captures request/denial

9 JHITA November, 20019 CPR System Features for HIPAA Support Consents System Requirements: –System captures patient consent –System captures revocation of consent

10 JHITA November, 200110 CPR System Features for HIPAA Support Authorization (if supported by CPR) System Requirements: –System captures authorization –System captures revocation, expiration of authorization, and can fire alert based on date –System captures name, address of entity getting the released information –System captures the description of the information released

11 JHITA November, 200111 CPR System Features for HIPAA Support Authorizations (cont.) –System captures a description of the information released –System captures the purpose of the release –System can produce a record of all disclosures for a given patient with all relevant information (enumerated above) covering preceding 6 years

12 JHITA November, 200112 CPR System Features for HIPAA Support Minimum Necessary [Not applicable for treatment purposes] –Role-based access –Database retains and reports information at a granular level –Audits report individual access at a granular level

13 JHITA November, 200113 CPR System Features for HIPAA Support Research [Requirements largely procedural, IRB] –Ability to de-identify information, remove: Name Address All identification numbers All dates except year Etc [regulation contains a complete list] –Ability to report de-identified aggregate data

14 JHITA November, 200114 CPR System Features for HIPAA Security Requirements [final rule pending] Authorization controls Role-based access Emergency access Authentication control Password controls Audit controls Data integrity Workstation time- out Automatic back- up Virus Protection

15 JHITA November, 200115 CPR Selection Toolkit Web-based Service www.cpri-host.org Database of Feature/Functions of a Computer-based Patient Record (CPR) system (over 350 items) Vendor-submitted specifications

16 JHITA November, 200116 CPR Selection Toolkit Target Population - Users Practicing Physicians, Solo and Group Practices Small Clinics Target Vendors CPR Vendors with and without Practice Management partners Niche Vendors supporting medical practice (Rx, Patient call-back, dictation, etc.)

17 JHITA November, 200117 CPR Selection Toolkit Function User Selects Priority features, practice setting and price constraints Toolkit software lists CPR products meeting the specified criteria Search parameters modifiable to repeat search in order to adjust length of candidate list Complete feature/function list and contact information of candidate systems reported

18 JHITA November, 200118 Questions

Download ppt "HIPAA Requirements for Computer-based Patient Record Systems and the CPR Selection Toolkit Caroline Samuels MD"

Similar presentations

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC 29406 843-576-1426 Health Insurance Portability.

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.
HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.

HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.
ISecurity Compliance with HIPAA. Part 1 About HIPAA.

ISecurity Compliance with HIPAA. Part 1 About HIPAA.
Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.

Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.
1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,

Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
Bringing HIPAA to Hospital Systems HIPAA impact on hospital systems viaMD solution for HIPAA compliance W e b e n a b l i n g Pa t i e n t A d m i t t.

Bringing HIPAA to Hospital Systems HIPAA impact on hospital systems viaMD solution for HIPAA compliance W e b e n a b l i n g Pa t i e n t A d m i t t.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Privacy, Security, Confidentiality, and Legal Issues

Privacy, Security, Confidentiality, and Legal Issues
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
Implementation of Privacy Board Reviews at PCMC Mary Thomason, Intermountain Healthcare Privacy Board Chair.

Implementation of Privacy Board Reviews at PCMC Mary Thomason, Intermountain Healthcare Privacy Board Chair.
1 HIPAA, Researchers and the IRB: Part Two Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.

1 HIPAA, Researchers and the IRB: Part Two Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.
HIPAA, Researchers and the IRB Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.

HIPAA, Researchers and the IRB Alan Homans, IRB Chair and Nancy Stalnaker, IRB Administrator.
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 9 Tests, Procedures, and Codes.

© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 9 Tests, Procedures, and Codes.

Similar presentations

Ads by Google