Presentation is loading. Please wait.

Presentation is loading. Please wait.

Compliance Strategies for Records Management

Published byGarry Thompson Modified over 9 years ago

Similar presentations

Presentation on theme: "Compliance Strategies for Records Management"— Presentation transcript:

1 Compliance Strategies for Records Management
Michelle Ryder

2 Agenda Introduction Higher Education Records Management Scenario
Healthcare Records Management Q&A

3 Introduction BS in Business Administration; UMW
MBA and MS in Healthcare Management; Marymount Marymount Advancement since 2010 Constituent Management Gift Processing Receipts / Tax Compliance Acknowledgements Data Maintenance (Ellucian) Prospect Research Prospect Reports Prospect Management Campaign Research

4 Higher Education Confidentiality Agreements
Employees Usually held by HR and IT departments Protect the institution andconstituents of the institution Students Usually held by Manager of the student worker Certain access granted; protects the institution and constituents and the student! Example for Student Agreement

5 Higher Education Maintenance vs. Inquiry
Marymount = Ellucian All Databases have some form of Inquiry vs. Maintenance Inquiry Access Access to view specific information through the system Maintenance Actual maintenance of data; access to change information and run reports Why does this matter? You should not give maintenance access to more than one or two individuals in a department Procedures as to who updates what are needed

6 Higher Education In-Office Information Privacy
Credit Card Numbers PCI Compliance DO NOT keep cc numbers in office (black out) DO NOT send cc through unless secure Prospect Files Under lock and key No medical or health information Available to prospects at any time

7 Higher Education Pledge Agreements
Verbal vs. Written Verbal cannot be entered as a technical pledge and cannot be enforced Written pledge agreements should be kept as you keep your gift files Should specify exactly what the donor and institution have agreed on (time, contingencies, programs, etc.) Example of our Gift/Pledge Agreement

8 Higher Education Campaign Planning and Campaigns
Campaign Consultants Interviews with Potential Donors Accounting for Pledges vs. Gifts They effect the bottom line differently Record keeping outside of the official gift numbers Excel Spreadsheets Naming Opportunities Presentation to Donor Pledge Releases Anonymous Donors

9 Higher Education FERPA
Rights of Parents Prior Consent for disclosure of information Donor Information FAFSA Information Rights of Students Directory Information Education Records

10 Higher Education Scenario 1
An alumnus calls in looking for contact information for his college girlfriend. He knows her name and grad year. He would like for you to give him her phone number. What should you do?

11 Higher Education Scenario 2
A donor has generously worked out an agreement to donate $1 million to your Catholic University. It turns out, the donor is also a heavy supporter of Planned Parenthood. Should you continue with the agreement or turn down the gift?

12 Healthcare Physical Records
Universal switch to digital records Kept under lock and key Need for more privacy in healthcare; break-ins, stealing, etc.

13 Healthcare Digital Records
Requirements Now required to switch Must be on compatible devices that are password protected Confidentiality All confidentiality laws still apply to digital record keeping Patient Access Patient’s can still request to see their information at any time Websites are being created for Patient’s to login to their own accounts and access their information and request appointments Must be encrypted and password protected

14 Healthcare Confidentiality Agreements and Training (Optima Health)
Each employee is required to sign an updated confidentiality agreement annually Each employee is required to read and sign off on compliance agreements annually Each employee is required to participate in annual webinars based on confidentiality, compliance and workplace ethics

15 Healthcare Computer Restrictions
Insurance companies should restrict access to all organization computers Each employee should have a password and be required to logout of their system anytime they are away from their computer Passwords should be changed regularly Each employee should have independent access based on their needs Employees should only have access to individual patient files if needed

16 Healthcare Digital Copies / Scanning
Password Protected Documents Shared Drives with access granted to individual departments Network Secure System Outside s are secured by typing {SECURE} in subject line

17 Healthcare Confidential Shredding
Most companies are switching to electronic record keeping systems All physical records should be shredded by an organization that specializes in confidential shredding Ex: IronMountain Records should never be placed in trashcans

18 Healthcare Governing body is HIPAA
Healthcare HIPAA Healthcare Governing body is HIPAA “The HIPAA Privacy Rule provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of health information needed for patient care and other important purposes.” Covers rights of physicians, insurance agencies, patients, patient’s family, etc. HHS.gov

19 Healthcare Scenario 1 A young woman named Erin is about to attend college. Her stepmother calls your physician’s office to get copies of all needed forms to send to the school. After checking Erin’s record you see that her next of kin are only listed as her mother and father. Her stepmother is persistent. What should you do?

20 Healthcare Scenario 2 You work for a Health Insurance Company. In a staff meeting, someone brings up the need to streamline the process of sending payment information to patients. They want to institute an automated calling system that will notify patients of their upcoming payments. Do you see anything wrong with this? For example, what if you have an incorrect telephone number?

21 QUESTIONS

Download ppt "Compliance Strategies for Records Management"

Similar presentations

Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
FERPA: Family Educational Rights and Privacy Act

FERPA: Family Educational Rights and Privacy Act
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Rebecca Boughamer Ethics and Accountability in Advancement Services.

Rebecca Boughamer Ethics and Accountability in Advancement Services.
FERPA: Family Educational Rights and Privacy Act.

FERPA: Family Educational Rights and Privacy Act.
1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.

1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.
What is FERPA? Family Educational Rights and Privacy Act.

What is FERPA? Family Educational Rights and Privacy Act.
Family Educational Rights & Privacy Act (FERPA) An Overview for University Faculty and Staff.

Family Educational Rights & Privacy Act (FERPA) An Overview for University Faculty and Staff.
FERPA The Family Educational Rights and Privacy Act.

FERPA The Family Educational Rights and Privacy Act.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
1 FERPA and Student Privacy in Records of University Research ECURE March 1, 2005 Richard Rainsberger, Ph.D. Consultant, Education Records Law and Privacy.

1 FERPA and Student Privacy in Records of University Research ECURE March 1, 2005 Richard Rainsberger, Ph.D. Consultant, Education Records Law and Privacy.

Similar presentations

Ads by Google