Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Implementation of HIPAA Joan M. Kiel, Ph.D., C.H.P.S. Duquesne University Pittsburgh, Pennsylvania.

Published byMadeline Morgan Modified over 9 years ago

Similar presentations

Presentation on theme: "The Implementation of HIPAA Joan M. Kiel, Ph.D., C.H.P.S. Duquesne University Pittsburgh, Pennsylvania."— Presentation transcript:

1 The Implementation of HIPAA Joan M. Kiel, Ph.D., C.H.P.S. Duquesne University Pittsburgh, Pennsylvania

2 HIPAA Parts HIPAA: 6 of 11 Parts Released: Transactions & Code Sets [2002] Privacy [2003] Unique Identifier- Employer [2004] Security [2005] Enforcement [2006] Unique Identifier – Provider (NPI) [2007]

3 HIPAA Parts HITECH: Health Information Technology for Economic & Clinical Health Act [2/2010] HIPAA Compliance Audit Protocol [7/2012] HIPAA “MegaRule” [1/25/2013]

4 HIPAA Personnel Role Privacy Person [45CFR164.530(a)(1)(i)] Security Person [45CFR164.308(a)(2)] The Federal Government mandates that covered entities have both a privacy person and a security person. This person(s) implements and manages the previously mentioned policies

5 What Needs to Be Done For each of the policies, the HIPAA person will do the following 11 items. This is an ongoing process as an item is truly never done; just like your other work.

6 1. HIPAA Committee Representatives from health services and medical records, information technology, management, finance, and policy.

7 2. Policies & Procedures For the six HIPAA Rules to date, develop policies from the law, not secondary sources The laws are released in the Federal Register

8 3. Training & Awareness Live or on-line, but must be ongoing Staff meeting awareness Payroll stuffers/emails as awareness Integrate awareness to daily activities

9 4. Documentation Documentation must be retained for six years Critical with July 2012 HIPAA Compliance Audit Protocol & MegaRule

10 5. Risk Assessments & Audits Quarterly Authentication: most likely passwords Data integrity checks Have a policy and process to act on the findings

11 6. Complaint Process People need to be aware of how to file a complaint; thus, post process to file complaints Complaints are only to be HIPAA related Have a policy & process to act on the complaints

12 7. Sanction Process Sanction only for the HIPAA violation Internal investigation and/or OCR Civil and criminal penalties per Enforcement Rule Follow-up on the sanction and charge

13 8. Web Site If the covered entity has a web site, the Notice* of Health Information Privacy Practices must be prominently displayed on the web site. Keep the web site updated * Notice as of February 2009 & MegaRule – July 15, 2014

14 9. Formage Develop forms from the laws. May or may not be able to use from other covered entities (ie. addressable Security Rule policies) Educate staff on the formage

15 10. Business Associate Agreements Assess all those external to the workforce who have access to the covered entity’s PHI Both the Privacy Rule & the Security Rule cover BAA’s. HITECH & MegaRule brought tougher BAA requirements

16 11. Research Play an integral role with the covered entity’s Institutional Review Board Ensure minimum necessary standards for data used in research Look for changes in 2013 or 2014

17 Summary Position outlined by the Six Rules of HIPAA that have been released; stay informed on changes and upcoming Rules Communication Organization Keep current

Download ppt "The Implementation of HIPAA Joan M. Kiel, Ph.D., C.H.P.S. Duquesne University Pittsburgh, Pennsylvania."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.

Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
Where to start Ben Burton, JD, MBA, RHIA, CHP, CHC.

Where to start Ben Burton, JD, MBA, RHIA, CHP, CHC.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.

WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.
Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.

Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
HIPAA Regulations What do you need to know?.

HIPAA Regulations What do you need to know?.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

Similar presentations

Ads by Google