Presentation is loading. Please wait.

Presentation is loading. Please wait.

To improve the quality and efficiency of health care for all stakeholders in the Santa Cruz community. To deliver technology assistance, guidance and.

Published byTerrence Charleson Modified over 9 years ago

Similar presentations

Presentation on theme: "To improve the quality and efficiency of health care for all stakeholders in the Santa Cruz community. To deliver technology assistance, guidance and."— Presentation transcript:

1

2 To improve the quality and efficiency of health care for all stakeholders in the Santa Cruz community. To deliver technology assistance, guidance and information on best practices to providers with the goal of creating a healthcare delivery system that offers a seamless, integrated experience for patients and providers. Provide services and tools to participating healthcare providers to become meaningful users of EHRs connected to the Santa Cruz Health Information Exchange. These are foundational for Accountable Care, Clinical Integration, Medical Home Model and surviving payment reform as independent physicians

3 Privacy refers to patients’ health information and their right to have that information kept confidential. Security refers to the storage, use and electronic exchange of patient health information in a secure environment. Protecting patients’ privacy and securing their health information is a core requirement for the Medicare and Medicaid Electronic Health Records (EHR) Incentive Program referred to as “Meaningful Use Program” (MU). All Providers must comply with HIPAA, not just those with EHR’s or seeking MU incentives

4 On January 17, 2013, the Department of Health and Human Services (HHS) issued a final rule modifying the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security and Enforcement rules, including changes required by the Health Information Technology for Economic and Clinical Health Act (HITECH Act). The rule contains sweeping changes to privacy regulatory requirements which are intended to improve protection and control of personal health information. 4 main topics changed in this final rule: Business associate obligations. – A BA is now defined as any person that Creates, Receives, Maintains or Transmits PHI. New template available March 2013 Enhanced protections for PHI – Limitations on use of disclosure for marketing & fundraising Expanded individual rights – Patients have the right to electronic copies f PHI, and the right to RESTRICT PHI to health plan where the patient has paid out of pocket. Enhanced penalties and enforcement – Penalties are capped at max of $1.5 per violation Modified breach notification protocol – Entities no longer have discretion in deciding whether an incident was a “breach”. You must report The Final Rule is effective on March 26, 2013, and compliance is required by September 23, 2013

5 Your practice is responsible for taking the steps needed to protect the confidentiality, integrity and availability of health information, to comply with HIPAA Policies that are already in place, and to comply with CMS Meaningful Use Requirements.

6

7 To facilitate the electronic exchange of patient information a secure and professionally maintained internet connection is a necessity, not an option. To gain patients’ trust, it is important to ensure that all security measures and policies are up-to- date and enforced.

8  Surgeons of Lake County – Server taken over  Billing service recycles paper PHI – Doctors fined $140K  Hospice of North Idaho – Laptop stolen $50K fine  Common Themes ◦ “did not adequately implement sufficient protections to ensure security of electronic protected health information” ◦ “failed to manage business associate relationships”

9  Build and manage infrastructure.  Departmentalize staff & set security levels.  Manage vendor relationships; have BAA’s when required (new laws effective 2013), audit annually.  Develop security awareness programs and training, repeating regularly. Keep documentation for audit purposes.  Each Practice MUST have a Privacy AND a Security Officer – and they must fulfill their responsibilities  Anticipate and Address Patient Privacy Concerns.

10 To fulfill requirements for Stage 1 Meaningful Use EP’s needed to attest they have met certain requirements regarding use of the EHR for patient care. The attestation for Core Measure 15 is a confirmation, on the part of the EP, that those requirements have been met. CMS is actively conducting audits on information systems (IS) to ensure those requirements have been successfully met and documented. You are required to conduct a security risk analysis, implement security updates and identify security deficiencies.

11 CalOHII provides several unique tools to help California patients, providers, and health information organizations understand secure exchange of health information. There is a very valuable FREE tool available to you to perform a self-security audit. The HIPAA Security Toolkit is designed to assist medium to small providers with understanding HIPAA security standards requirements and for them to ascertain their organization’s HIPAA security needs. Click on the link Create a user account Allow approximately. 1-2 hours to complete Review report. You will be able to go back into the system and update your answers as you identified gaps and develop processes, policies and procedures. Self-Assessment Security Audit Tool

12 Resources It is highly recommended that you conduct a security self-audit. CalOHII has a free tool available to guide you through the process and provide you with reports which allows you to save and update as you correct areas of compliance concerns. https://www.ohii.ca.gov/securitytool/downloads/CalOHII_HSR_User_Guide.pdf http://www.ohii.ca.gov/calohi/PrivacySecurity/ToolstoHelpYou.aspx Other resources available:  Health Information Privacy, Security, and Your EHR: http://www.healthit.gov/providers- professionals/ehr-privacy-securityhttp://www.healthit.gov/providers- professionals/ehr-privacy-security  Communicating with your patients about health information privacy: http://www.healthit.gov/patients-families http://www.healthit.gov/patients-families  Healthcare Info Security: http://www.healthcareinfosecurity.comhttp://www.healthcareinfosecurity.com

13  Public Website with the entire series of webinars and documents in February  PMG “Blue Portal”  PMG Technology Support 465-7877

14

15 What’s Next? CHEQ Interface Grant Announcement – Webinar Mon, Feb 4, 2013 Choosing an EHR – Webinar Fri, Feb 15, 2013 Direct Messaging – Webinar Tues, Feb 19, 2013 2013 PMG Electronic Citizenship – Webinar, Thurs, Feb 28, 2013

16 Questions?

17 Thank you for attending ! Please complete the survey that you will be receiving shortly We welcome your feedback and comments! Contact: info@pmgscc.cominfo@pmgscc.com PMG IT Depart. 831-465-7877

Download ppt "To improve the quality and efficiency of health care for all stakeholders in the Santa Cruz community. To deliver technology assistance, guidance and."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.

1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
SCHIE Mission To improve the quality and efficiency of health care for all stakeholders in the Santa Cruz community. To deliver technology assistance,

SCHIE Mission To improve the quality and efficiency of health care for all stakeholders in the Santa Cruz community. To deliver technology assistance,
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA What’s New? 2010. What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.

HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.

Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.

Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
HIPAA Regulations What do you need to know?.

HIPAA Regulations What do you need to know?.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
2014 HIPAA Refresher Omnibus Rule & HIPAA Security.

2014 HIPAA Refresher Omnibus Rule & HIPAA Security.
Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

Similar presentations

Ads by Google