Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Chapter 3: A Blueprint for Compliance with the Privacy Rule.

Published byWilliam Simon Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Chapter 3: A Blueprint for Compliance with the Privacy Rule."— Presentation transcript:

1 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Chapter 3: A Blueprint for Compliance with the Privacy Rule

2 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Where Do You Start? Gap Analysis –Identify where you need to be, where you are now, analyze the gap, and ZAP the gaps! Vendor Compliance Checklist –List all vendors and their access to PHI to determine what you need to do Training Checklist –Keep a list of all staff trained and the topics covered

3 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Policies to Create Privacy Officer Policy –Be sure you have a privacy officer named and list their duties and responsibilities Policy for the Use of PHI –How will PHI be used in the organization Policy for the use of PHI in QA and Education –It is okay to use PHI here, just protect it. Training Policy –Must be done initially and when policies change

4 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Policies (cont’d) Computer Security Policy –How will your computers be secure to protect PHI? Confidentiality Agreements –Everyone must sign a confidentiality agreement Work Area Arrangements –Work area policies for offices –Work area policies for home workers Access Policy for Digital Dictation Systems –Who can access this and how will you protect the information during access?

5 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Policies (cont’d) Policy for the Use of Hard Copy PHI –Be sure that hard copy PHI is shredded when you are done using it Policy for Use of the Fax Machine –Be sure you have a privacy notice on all fax cover sheets E-Mail Policy –When used, e-mail should be encrypted for ultimate protection

6 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Policies (cont’d) Disaster Recovery Policy –How will you continue to provide both access and protection during a disaster and how will the data be recovered? Policy for Offsite Workers –What special considerations need to be covered if you have offsite workers? Termination Policy –Be sure access is removed when someone is terminated.

7 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Policies (cont’d) Breaches and Sanctions Policies –How will breaches be reported? –What sanctions will be used when someone breaches PHI? Complaint Policy –If someone has a complaint, who do they contact and what is the procedure for addressing it? Vendor Policy –What will you require of your vendors to protect the PHI they access in providing services?

8 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Policies for Business Associates Business Associate Contract –Agreement to protect the PHI –A statement that says they comply with the laws as if they were a covered entity –Outlines how breaches will be handled –Assures that their subcontractors will also protect the PHI

9 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins What about Using Offshore Labor? Offshore labor is not prohibited by the rule Obtain assurances that the offshore worker is capable of protecting the information Require full disclosure about where the work is done Offshore labor is a decision entities needs to make for themselves; just make it a well informed decision!

10 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Indemnification Protection in case of a breach of information Will you require it of your business associates? Will your business associates require it of you?

11 Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Always Remember the Goal: It is about protecting the patient’s information in all circumstances.

Download ppt "Copyright © 2011 Wolters Kluwer Health | Lippincott Williams & Wilkins Chapter 3: A Blueprint for Compliance with the Privacy Rule."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
Shelby County Health Department

Shelby County Health Department
The Department has declared itself to be a single covered entity. Thus, each and every one of our divisions is a covered entity and must comply with.

The Department has declared itself to be a single covered entity. Thus, each and every one of our divisions is a covered entity and must comply with.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
K eep I t C onfidential Prepared by: Security Architecture Collaboration Team.

K eep I t C onfidential Prepared by: Security Architecture Collaboration Team.
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.

1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
HIPAA and Privacy An Overview of the New Federal Requirements of the Health Insurance Portability and Accountability Act (HIPAA) Reid Cushman, UM Ethics.

HIPAA and Privacy An Overview of the New Federal Requirements of the Health Insurance Portability and Accountability Act (HIPAA) Reid Cushman, UM Ethics.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
The HIPAA Privacy Training Video for EMS Field Providers

The HIPAA Privacy Training Video for EMS Field Providers
HIPAA What’s New? 2010. What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.

HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

Similar presentations

Ads by Google