Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Chapter 3: A Blueprint for Compliance with the Privacy Rule.


1 Chapter 3: A Blueprint for Compliance with the Privacy Rule

2 Where Do You Start?
Gap Analysis
– Identify where you need to be, where you are now, analyze the gap, and ZAP the gaps!
Vendor Compliance Checklist
– List all vendors and their access to PHI to determine what you need to do
Training Checklist
– Keep a list of all staff trained and the topics covered

3 Policies to Create
Privacy Officer Policy
– Be sure you have a privacy officer named and list their duties and responsibilities
Policy for the Use of PHI
– How will PHI be used in the organization?
Policy for the Use of PHI in QA and Education
– It is okay to use PHI here, just protect it.
Training Policy
– Must be done initially and when policies change

4 Policies (cont’d)
Computer Security Policy
– How will your computers be secure to protect PHI?
Confidentiality Agreements
– Everyone must sign a confidentiality agreement
Work Area Arrangements
– Work area policies for offices
– Work area policies for home workers
Access Policy for Digital Dictation Systems
– Who can access this and how will you protect the information during access?

5 Policies (cont’d)
Policy for the Use of Hard Copy PHI
– Be sure that hard copy PHI is shredded when you are done using it
Policy for Use of the Fax Machine
– Be sure you have a privacy notice on all fax cover sheets
E-Mail Policy
– When used, e-mail should be encrypted for ultimate protection

6 Policies (cont’d)
Disaster Recovery Policy
– How will you continue to provide both access and protection during a disaster and how will the data be recovered?
Policy for Offsite Workers
– What special considerations need to be covered if you have offsite workers?
Termination Policy
– Be sure access is removed when someone is terminated.

7 Policies (cont’d)
Breaches and Sanctions Policies
– How will breaches be reported?
– What sanctions will be used when someone breaches PHI?
Complaint Policy
– If someone has a complaint, who do they contact and what is the procedure for addressing it?
Vendor Policy
– What will you require of your vendors to protect the PHI they access in providing services?

8 Policies for Business Associates
Business Associate Contract
– Agreement to protect the PHI
– A statement that says they comply with the laws as if they were a covered entity
– Outlines how breaches will be handled
– Assures that their subcontractors will also protect the PHI

9 What about Using Offshore Labor?
Offshore labor is not prohibited by the rule
Obtain assurances that the offshore worker is capable of protecting the information
Require full disclosure about where the work is done
Offshore labor is a decision entities need to make for themselves; just make it a well-informed decision!

10 Indemnification
Protection in case of a breach of information
Will you require it of your business associates?
Will your business associates require it of you?

11 Always Remember the Goal:
It is about protecting the patient’s information in all circumstances.

