Gerry Hinkley Co-Chair, Health Care Industry Team Pillsbury Winthrop Shaw Pittman LLP
|
|
- Gwendoline Ferguson
- 8 years ago
- Views:
Transcription
1 How Regional Extension Centers (RECs), Beacon Programs, Community College Consortia and Health Insurance Exchanges Work and Why Privacy and Security are Important Gerry Hinkley Co-Chair, Health Care Industry Team Pillsbury Winthrop Shaw Pittman LLP HIPAA SUMMIT WEST - HIPAA FOR HIT AND EHRs October 3 6, 2010 San Francisco
2 How R-E-Cs (don t say Wreck ) Work The HITECH Act authorizes a Health Information Technology Extension Program The extension program consists of Health Information Technology Regional Extension Centers (RECs) pursuant to 60 cooperative agreement awards and a national Health Information Technology Research Center (HITRC) The HITRC will build a virtual community of shared learning to advance best practices that support providers adoption and meaningful use of EHRs RECs will be fully operational by December 2010 $643 million ARRA funds for , $42 million thereafter By December 2012, the RECs will be largely self-sustaining and their need for continued federal support in the remaining two years of the program will be minimal 2
3 REC Charters RECs will Provide training and support services to assist doctors and other providers in adopting EHRs Offer information and guidance to help with EHR implementation Give direct, individualized and on-site technical assistance in Selecting a certified EHR product that offers best value for the providers' needs Achieving effective implementation of a certified EHR product Enhancing clinical and administrative workflows to optimally leverage an EHR system's potential to improve quality and value of care, including patient experience as well as outcome of care Observing and complying with applicable legal, regulatory, professional and ethical requirements to protect the integrity, privacy and security of patients' health information 3
4 How Will the HITRC Support Privacy and Security Initiatives of RECs? Office of Provider Adoption Support (OPAS) interacts with each REC to understand unique program goals, opportunities and challenges HITRC s strategy is to harness power nationwide by building virtual communities of practice (CoPs) to share best practices A subset of the CoP is focused on privacy and security Contribute to a more complete understanding of privacy and security needs Reveal unexpected challenges and opportunities Feed strategy and message development Encourage / accelerate buy-in of privacy and security tactics by engaging REC influencers at early stage 4
5 The HITRC Privacy and Security COP Privacy and Security Advisory Council 10 members who meet twice monthly Collect/summarize data on needs related to privacy and security Data from REC operations plans Data from REC meetings Share information about ONC programs/general communications Engage RECs around their privacy and security needs Identify training materials 5
6 The HITRC Privacy and Security COP 2 Focus on priority areas Risk assessments Internal and practice guidance on policies and procedures Create repository of information on liability issues related to technology Office of Provider Adoption Support (OPAS) will Provide experts on various subject matters to work with the CoP on identified training needs Develop materials that RECs can use to support outreach efforts 6
7 Challenges the HITRC and RECs Face in Establishing Consistent National Practices My own private HIPAA The approach to privacy has been localized to the states Inconsistent state laws Local lore and culture The growing demand for information sharing among separate HIEs and across boundaries Increasing consumer awareness of privacy rights Contentiousness over ownership of data 7
8 Challenges the RECs Face Regarding Privacy and Security in Physician Offices Misunderstanding the HIPAA basics 2003 vs HITECH Cost of implementation Office culture HIPAA know-it-alls Managing business associates and subcontractors Complexity of technology the tools are imbedded, but support and implementation are lacking changing passwords establishing role based access Inability to establish physical security 8
9 What s a REC to do? EHR Implementer and Provider Education Emphasis on Security Brochures emphasize Understand your areas of risk by doing a risk assessment, as required by HIPAA Train your staff on proper security techniques Define staff roles and responsibilities Physically secure your portable computing and storage devices Select EHR vendors that provide certified EHR technologies Develop security policies that are simple, understandable and enforceable Know what you must do, under the law, to protect your patients information 9
10 What s a REC to Do? Toolkits Based on state level toolkits (e.g., New York) Guidance the seven circles of security Policies, procedures, training Physical security Passwords/access controls Auditing Network security Back up and recovery Encryption 10
11 How Beacon Communities Work $235 million to support the Beacon Community Program that will include $220 million to build and strengthen health IT infrastructure and HIE capabilities, including privacy and security measures for data exchange, within 17 communities for 36 months To qualify for the Beacon Community Program, applicants will Build off of existing health IT infrastructure and exchange to demonstrate care and cost savings Have rates of EHR adoption that are significantly higher than published national estimates Coordinate with recently announced ONC programs for Regional Extension Centers and State Health Information Exchanges The Beacon Community Cooperative Agreement Program will build infrastructure for health IT and will implement privacy and security measures for the health-care information that's exchanged 11
12 How Beacon Communities will Lead Beacon Communities of Practice will focus on privacy and security COPs will collect and publish best practices from Beacon Communities Why is this important? The Beacon Communities have demonstrated leadership in EHR/HIE deployment Because of the advanced state of development, they have encountered privacy and security issues that the next wave will have to encounter Under he grant program Beacon Communities have an opportunity to refine their work regarding privacy and security ONC will encourage this through the cooperative grant arrangement The collective experience of the Beacon Communities will be persuasive precedent 12
13 How the Community College Consortia Works The Community College Consortia is part of the Health IT Workforce Development Program, administered by ONC The consortia comprises five regional groups of more than 70 member community colleges in all 50 states Received $36 million in grants to develop or improve nondegree health IT training programs that students can complete in six months or less Programs established through this grant will help train more than 10,500 new health IT professionals annually by
14 Programs that Support the Community College Consortia Curriculum Development Centers Program provided $10 million in grants to five domestic institutions of higher education to support health information technology curriculum development Competency Examination Program will provide $6 million to Northern Virginia Community College to develop and administer health IT competency examinations an objective measure to assess basic competency of Individuals trained in non-degree short term programs Members of the work force with on the job training 14
15 How the Community College Consortia Will Lead A significant problem with HIPAA compliance has been the failure of documentation of consistent policies training and re-training of the work force assessment and auditing of compliance at the grass roots The CCC, utilizing a standardized curriculum, will turn out 10,500+ trained HIT professionals annually The potential is there for this newly trained work force to address the failures of HIPAA implementation 15
16 How Insurance Exchanges Work Starting in 2014, states will implement and consumer-centered health insurance marketplaces Designed to provide consumers and businesses with one-stopshopping where they can compare and purchase health insurance coverage The Office of Health Insurance Exchanges (OHIE) of the Office of Consumer Information and Insurance Oversight (OCIIO) is created to guide and oversee the state-based insurance exchanges This office will establish policies and rules governing exchanges, establish and implement planning grants to states, and provide oversight for the exchanges 16
17 How Insurance Exchanges Will Address Security and Privacy Recommendations of the HIT Policy & Standards Committee Enrollment Workgroup New and existing state eligibility and enrollment systems should follow the full complement of fair information practices (FIPs) when handling personally identifiable health information Collection and Use Limitation: state systems should be designed to collect and use the minimum data necessary for an eligibility and enrollment determination balanced with the desire to reuse information for multiple eligibility decisions Data Integrity & Quality: states should establish a minimum threshold level for data matches, adopting a glide path toward achieving advanced probabilistic matching Openness & Transparency: clear, transparent policies about authorizing access and use of data should be provided to the consumer in the Privacy Notice 17
18 How Insurance Exchanges Will Address Security and Privacy Consumers should have timely, electronic access to their eligibility and enrollment data in a format they can use and reuse knowledge of how their eligibility and enrollment information will be used, including sharing across programs to facilitate additional enrollments, and to the extent practicable, control over such uses the ability to request corrections and/or updates of such data Builds upon the HITECH Act provisions giving consumers the right to obtain an electronic copy of their protected health information from HIPAA covered entities, including health plans and clearinghouses 18
19 How Insurance Exchanges Will Address Security and Privacy Consumer Mediated Approach Provide consumer information to consumers in a humanreadable form that allows them to view, print or save data in a format they can use and reuse Enable data to be exported into commonly-used software formats such as spreadsheets, text files Develop separate pathways (the Blue Button ) for download requests from the consumer and download requests via automated processes acting on the consumer s behalf 19
20 How Insurance Exchanges Will Address Security and Privacy Consumer Mediated Approach 2 Limit data use to that specified in the Privacy Notice unless the consumer authorizes additional uses Notice provided to the consumer during the application process will govern the consumer s rights to confidentiality and privacy provided prior to or at the time of collection of personally identified information in a method the consumer can understand notice should clearly indicate all entities that will be permitted to use a consumer s eligibility data, as well as the permissible uses of such data 20
21 How Insurance Exchanges Can Lead Through OHIE guidance opportunities for Application of Fair Information Practices to regulate use, disclosure, auditing and enforcement Putting HIPAA in context for health insurance Uniformity, clarity with respect to notices of privacy practices Consistent application of authorizations by consumers Implementation of minimum necessary in the context of health insurance procurement Restoring consumer confidence regarding use of health information in connection with insurance purchasing 21
22 Take Aways The interplay of the REC, Beacon Communities, Community College Consortia and Health Insurance Exchanges coupled with the State HIE Cooperative Agreement Program can encourage consistency of grass roots Policies, procedures, training Physical security Access controls Auditing Network security Back up and recovery Encryption 22
23 Take Aways 2 Recognition of Best Practices Broadcasting a consistent message regarding privacy and security through training Uniformity and clarity regarding notices of privacy practices Recognition of and understanding of consumer rights Access Use and disclosure Download Implementation of minimum necessary for payment and health care operations 23
24 24 The purpose of this presentation is to inform and comment upon recent developments in health law. It is not intended, nor should it be used, as a substitute for specific legal advice legal counsel may only be given in response to inquiries regarding particular situations.
25 Contact Information Gerry Hinkley Pillsbury Winthrop Shaw Pittman LLP 50 Fremont Street San Francisco, CA Direct: (415)
Negotiating Standard Terms and Conditions/Best Price Arrangements with EHR Vendors
Negotiating Standard Terms and Conditions/Best Price Arrangements with EHR Vendors Gerry Hinkley Co-Chair, Health Care Industry Team Pillsbury Winthrop Shaw Pittman LLP National REC and HIE Summit West
More informationLegal Issues in the EHR Acquisition RFP Process
Legal Issues in the EHR Acquisition RFP Process Gerry Hinkley Co-Chair, Health Care Industry Team Pillsbury Winthrop Shaw Pittman LLP National EHR Acquisition, Implementation and Operations Summit October
More informationCMS AND ONC FINAL REGULATIONS DEFINE MEANINGFUL USE AND SET STANDARDS FOR ELECTRONIC HEALTH RECORD INCENTIVE PROGRAM
CMS AND ONC FINAL REGULATIONS DEFINE MEANINGFUL USE AND SET STANDARDS FOR ELECTRONIC HEALTH RECORD INCENTIVE PROGRAM The Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator
More informationSHARP: An ONC Perspective 2010 Face-to-Face Meeting
SHARP: An ONC Perspective 2010 Face-to-Face Meeting Wil Yu, Special Assistant, Innovations and Research Wil.Yu@HHS.gov Office of the National Coordinator for Health Information Technology (ONC) President
More informationHow to Use the NYeC Privacy and Security Toolkit V 1.1
How to Use the NYeC Privacy and Security Toolkit V 1.1 Scope of the Privacy and Security Toolkit The tools included in the Privacy and Security Toolkit serve as guidance for educating stakeholders about
More informationRegulatory Update with a Touch of HIPAA
Regulatory Update with a Touch of HIPAA Cloud Communications Alliance Quarterly Meeting Miami, January 2015 Glenn S. Richards, Partner Pillsbury Winthrop Shaw Pittman LLP Phone: 202.663.8215 glenn.richards@pillsburylaw.com
More informationBuilding a Culture of Health Care Privacy Compliance
Building a Culture of Health Care Privacy Compliance September 10, 2014 Presented by: Gerry Hinkley, Partner, Pillsbury Greg Radinsky, VP & Chief Corporate Compliance, North Shore - LIJ Wendy Maneval,
More informationCURRENT AND FUTURE MEDICAL HOME LEGAL ISSUES
CURRENT AND FUTURE MEDICAL HOME LEGAL ISSUES Presented by: Gerry Hinkley Co-Chair, Health Care Industry Team Pillsbury Winthrop Shaw Pittman gerry.hinkley@pillsburylaw.com Pillsbury Winthrop Shaw Pittman
More informationHealth Information Technology (IT) Simplified
Health Information Technology (IT) Simplified A glossary of all things Health IT Accountable Care Organizations (ACO) - A group of health care providers who give coordinated care, chronic disease management,
More informationCybersecurity in the Health Care Sector: HIPAA Responsibilities from a Legal and Compliance Perspective
Cybersecurity in the Health Care Sector: HIPAA Responsibilities from a Legal and Compliance Perspective July 23, 2013 Gerry Hinkley, Pillsbury Allen Briskin, Pillsbury Pillsbury Winthrop Shaw Pittman LLP
More informationUPDATE ON THE ADOPTION OF HEALTH INFORMATION TECHNOLOGY AND RELATED EFFORTS TO FACILITATE THE ELECTRONIC USE AND EXCHANGE OF HEALTH INFORMATION
www.ilhitrec.org UPDATE ON THE ADOPTION OF HEALTH INFORMATION TECHNOLOGY AND RELATED EFFORTS TO FACILITATE THE ELECTRONIC USE AND EXCHANGE OF HEALTH INFORMATION JULY 2013 Information is widely recognized
More informationSunday March 30, 2014, 9am noon HCCA Conference, San Diego
Meaningful Use as it Relates to HIPAA Compliance Sunday March 30, 2014, 9am noon HCCA Conference, San Diego CLAconnect.com Objectives and Agenda Understand the statutory and regulatory background and purpose
More informationMonitoring Health IT and EHR Goal Achievement
Monitoring Health IT and EHR Goal Achievement Assessment Provided By: The National Learning Consortium (NLC) Developed By: Health Information Technology Research Center (HITRC) Stratis Health The material
More informationThe Patient Portal Ecosystem: Engaging Patients while Protecting Privacy and Security
The Patient Portal Ecosystem: Engaging Patients while Protecting Privacy and Security NCHICA 11th Academic Medical Center Security & Privacy Conference, June 22-24, 2015 Panel Leader: Panelists: Amy Leopard,
More informationTexas HITECH Community College Consortia to Educate Health Information Technology Professionals
Texas HITECH Community College Consortia to Educate Health Information Technology Professionals *Overview of the ONC *Role of Regional Extension Centers (RECs) *Role of Community Colleges *Applying for
More informationARKANSAS OFFICE OF HEALTH INFORMATION TECHNOLOGY (OHIT) PRIVACY POLICIES
ARKANSAS OFFICE OF HEALTH INFORMATION TECHNOLOGY (OHIT) PRIVACY POLICIES OHIT wishes to express its gratitude to Connecting for Health and the Markel Foundation for their work in developing the Common
More informationProject Management for Critical Access Hospitals
Project Management for Critical Access Hospitals Provided By: The National Learning Consortium (NLC) Developed By: Health Information Technology Research Center (HITRC) Carolyn P. Hartley, MLA, CHP National
More informationDecrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use
Click to edit Master title style Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use Andy Petrovich, MHSA, MPH M-CEITA / Altarum Institute April 8, 2015 4/8/2015 1 1 Who is M-CEITA?
More informationRSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS
RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS Security solutions for patient and provider access AT A GLANCE Healthcare organizations of all sizes are responding to the demands of patients, physicians,
More informationDecreasing Complexity and Cost of EHR Adoption John Weir President CAPG Policy Committee Meeting February 23, 2010
Decreasing Complexity and Cost of EHR Adoption John Weir President CAPG Policy Committee Meeting February 23, 2010 Presentation Outline About Lumetra Healthcare Solutions (LHS) Current opportunity with
More informationAgenda. OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2. Linda Sanches, MPH Senior Advisor, Health Information Privacy 4/1/2014
OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2 Linda Sanches, MPH Senior Advisor, Health Information Privacy HCCA Compliance Institute March 31, 2014 Agenda Background Audit Phase
More informationHIPAA and HITECH Compliance for Cloud Applications
What Is HIPAA? The healthcare industry is rapidly moving towards increasing use of electronic information systems - including public and private cloud services - to provide electronic protected health
More informationHIPAA for HIT and EHRs. Latest on Meaningful Use and EHR Certification: For Privacy and Security Professionals
HIPAA for HIT and EHRs Latest on Meaningful Use and EHR Certification: For Privacy and Security Professionals Donald Bechtel, CHP Siemens Health Services Patient Privacy Officer Fair Information Practices
More informationVendor Management for Critical Access Hospitals
Vendor Management for Critical Access Hospitals Provided By: The National Learning Consortium (NLC) Developed By: Health Information Technology Research Center (HITRC) Carolyn P. Hartley, MLA, CHP National
More informationOpportunities for Medicaid to Invest in HIT. Shannah Koss, Principal Koss on Care LLC
Opportunities for Medicaid to Invest in HIT Shannah Koss, Principal Koss on Care LLC Topics Key HIT components in the ARRA What is happening in state Medicaid programs today? Challenges and opportunities
More informationRegional Extension Centers: Support for EMR Adoption and Meaningful Use Achievement. Raymond Dawson, MBA, MS QSource Director of Operational Services
Regional Extension Centers: Support for EMR Adoption and Meaningful Use Achievement Raymond Dawson, MBA, MS QSource Director of Operational Services The State of Healthcare Today The United States ranks:
More informationPreparing for and Responding to an OCR HIPAA Audit
Preparing for and Responding to Carole Klove Carole.Klove@ucsfmedctr.or g Gerry Hinkley gerry.hinkley@pillsburylaw.com SIXTH NATIONAL HIPAA SUMMIT WEST October 10-12, 2012 Overview Background What to expect
More informationHIPAA Omnibus Compliance How A Data Loss Prevention Solution Can Help
HIPAA Omnibus Compliance How A Data Loss Prevention Solution Can Help The Health Information Portability and Accountability Act (HIPAA) Omnibus Rule which will begin to be enforced September 23, 2013,
More informationMeaningful Use and Security Risk Analysis
Meaningful Use and Security Risk Analysis Meeting the Measure Security in Transition Executive Summary Is your organization adopting Meaningful Use, either to gain incentive payouts or to avoid penalties?
More informationHEALTH INFORMATION TECHNOLOGY TRAINING
HEALTH INFORMATION TECHNOLOGY TRAINING GENERAL INFORMATION: Normandale Community College is now accepting applications for health information technology training. Normandale is among a group of 17 community
More informationHITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What?
HITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What? Introduction This material is designed to answer some of the commonly asked questions by business associates and other organizations
More informationThe benefits you need... from the name you know and trust
The benefits you need... Privacy and Security Best at Practices the price you can afford... Guide from the name you know and trust The Independence Blue Cross (IBC) Privacy and Security Best Practices
More informationInformation Protection Framework: Data Security Compliance and Today s Healthcare Industry
Information Protection Framework: Data Security Compliance and Today s Healthcare Industry Executive Summary Today s Healthcare industry is facing complex privacy and data security requirements. The movement
More informationWireless and Mobile Technologies for Healthcare: Ensuring Privacy, Security, and Availability
Wireless and Mobile Technologies for Healthcare: Ensuring Privacy, Security, and Availability T. Jepsen, N. Buckley, D. Witters, K. Stine INTRODUCTION The IEEE-USA Medical Technology Policy Committee sponsored
More informationTHE STATE OF HEALTHCARE COMPLIANCE: Keeping up with HIPAA, Advancements in EHR & Additional Regulations
THE STATE OF HEALTHCARE COMPLIANCE: Keeping up with HIPAA, Advancements in EHR & Additional Regulations [ The State of Healthcare Compliance: Keeping up with HIPAA, Advancements in EHR & Additional Regulations
More informationHealth Information Technology
Background Brief on September 2012 Inside this Brief Federal Level State Level Privacy and Security Laws Finance Staff and Agency Contacts Legislative Committee Services State Capitol Building Salem, Oregon
More informationELECTRONIC HEALTH RECORDS
ELECTRONIC HEALTH RECORDS Understanding and Using Computerized Medical Records CHAPTER TEN LESSON ONE Privacy and Security of Health Records Understanding HIPAA HIPAA: acronym for Health Insurance Portability
More informationMark Anderson, FHIMSS, CPHIMSS Healthcare IT Futurist
Mark R. Anderson, FHIMSS, CPHIMS CEO of AC Group, Inc. Mark Anderson, FHIMSS, CPHIMSS Healthcare IT Futurist CEO of AC Group National Speaker on EHR > 800 sessions since 2001 Semi annual report on Vendor
More informationRegional Extension Centers: Support for EMR Adoption and Workforce Development
Regional Extension Centers: Support for EMR Adoption and Workforce Development Ms. Dawn FitzGerald CEO, QSource Dr. David Rosenthal, Associate Professor School of Public Health, University of Memphis My
More informationEthics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015
Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Katherine M. Layman Cozen O Connor 1900 Market Street Philadelphia, PA 19103 (215) 665-2746
More informationIHE, A Taxonomy for Electronic Medical Mdi lrecords
IHE, A Taxonomy for Electronic Medical Mdi lrecords Taxonomy is defined as the science of classification; laws and principles covering the classification of objects. In our application for classifying
More informationData Breach, Electronic Health Records and Healthcare Reform
Data Breach, Electronic Health Records and Healthcare Reform (This presentation is for informational purposes only and it is not intended, and should not be relied upon, as legal advice.) Overview of HIPAA
More informationData Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, 2014 2:15pm 3:30pm
Electronic Health Records: Data Security and Integrity of e-phi Worcester, MA Wednesday, 2:15pm 3:30pm Agenda Introduction Learning Objectives Overview of HIPAA HIPAA: Privacy and Security HIPAA: The Security
More informationBridging the HIPAA/HITECH Compliance Gap
CyberSheath Healthcare Compliance Paper www.cybersheath.com -65 Bridging the HIPAA/HITECH Compliance Gap Security insights that help covered entities and business associates achieve compliance According
More informationThe HIPAA Audit Program
The HIPAA Audit Program Anna C. Watterson Davis Wright Tremaine LLP The U.S. Department of Health and Human Services (HHS) was given authority, and a mandate, to conduct periodic audits of HIPAA 1 compliance
More informationThe basics of Health Information Technology
The basics of Health Information Technology 2012 1 What is Health Information Technology? Health IT, or e-health, is increasingly viewed as the most promising tool for improving the overall quality, safety
More information2/9/2012. 2012 HIPAA Privacy and Security Audit Readiness. Table of contents
2012 HIPAA Privacy and Security Audit Readiness Mark M. Johnson National HIPAA Services Director Table of contents Page Background 2 Regulatory Background and HITECH Impacts 3 Office of Civil Rights (OCR)
More informationOFFICE OF THE NATIONAL COORDINATOR FOR HEALTH INFORMATION TECHNOLOGY TABLE OF CONTENTS FY 2012 CONGRESSIONAL BUDGET JUSTIFICATION
OFFICE OF THE NATIONAL COORDINATOR FOR HEALTH INFORMATION TECHNOLOGY TABLE OF CONTENTS FY 2012 CONGRESSIONAL BUDGET JUSTIFICATION PAGE PERFORMANCE BUDGET OVERVIEW Organizational Chart...3 Discretionary
More informationHealthcare Compliance and Hybrid Entity Designation
[New OP initial posting 8/28/14] Operating Policy and Procedure : Healthcare Compliance and Hybrid Entity Designation DATE: August 28, 2014 PURPOSE: The purpose of this Texas Tech Operating Policy and
More informationHealth Homes Implementation Series: NYeC Privacy and Security Toolkit. 16 February 2012
Health Homes Implementation Series: NYeC Privacy and Security Toolkit 16 February 2012 1 Agenda What are the New York ehealth Collaborative (NYeC) and the Regional Extension Center? What are Health Homes?
More informationRequested From: Ambulatory EHR Vendors Interested in Achieving REACH Preferred Vendor Designation Requested By: REACH
Request for Information Requested From: Ambulatory EHR Vendors Interested in Achieving REACH Preferred Vendor Designation Requested By: REACH Table of Contents 1. Introduction... 3 2. Standardized RFP
More informationRemote Access to a Healthcare Facility and the IT professional s obligations under HIPAA and the HITECH Act
Remote Access to a Healthcare Facility and the IT professional s obligations under HIPAA and the HITECH Act Are your authentication, access, and audit paradigms up to date? Table of Contents Synopsis...1
More informationWelcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information
Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information about HIPAA, the HITECH-HIPAA Omnibus Privacy Act, how
More informationBuilding an HIT Workforce: Western States Region B Health IT Workforce Training
Building an HIT Workforce: Western States Region B Health IT Workforce Training Tessa Miley Program Coordinator Butte College Caryn Rizell Associate Director, Workforce Development California Primary Care
More informationHealth Information Technology (HIT) Guide for the Delta Rural Hospital Performance Improvement (RHPI) Program
Health Information Technology (HIT) Guide for the Delta Rural Hospital Performance Improvement (RHPI) Program Health Information Technology Workforce: Current Issues and Recommended Solutions Prepared
More informationSummary of Health Information Technology Incentives and Resources
Summary of Health Information Technology Incentives and Resources February 2011 This is a publication of the Technical Assistance and Services Center (TASC), a program of the National Rural Health Resource
More information340B Omnibus Guidance Would Significantly Narrow the Pool of Eligible Patients
White Paper August 31, 2015 340B Omnibus Guidance Would Significantly Narrow the Pool of Eligible Patients By Kristi V. Kung This client alert also was published as a bylined article on Law360 on September
More informationWHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery
WHITE PAPER HIPPA Compliance and Secure Online Data Backup and Disaster Recovery January 2006 HIPAA Compliance and the IT Portfolio Online Backup Service Introduction October 2004 In 1996, Congress passed
More informationAddressing Employee Health and Wellness:
2015 CLE Marathons Addressing Employee Health and Wellness: Employer Options for On-Site Care January 13, 2015 Pillsbury Winthrop Shaw Pittman LLP Overview What do workplace clinics look like in 2015?
More informationElectronic Health Record Adoption
Electronic Health Record Adoption 1 Electronic Health Records (EHR) & Government Regulation Why EHR s are a Hot Topic HITECH Act and American Recovery and Reinvestment Act driving EHR adoption & HIPAA
More informationREMOTE ACCESS TO A HEALTHCARE FACILITY AND THE IT PROFESSIONAL S OBLIGATIONS UNDER HIPAA AND THE HITECH ACT
REMOTE ACCESS TO A HEALTHCARE FACILITY AND THE IT PROFESSIONAL S OBLIGATIONS UNDER HIPAA AND THE HITECH ACT ARE YOUR AUTHENTICATION, ACCESS, AND AUDIT PARADIGMS UP TO DATE? BY KERRY ARMSTRONG, PRIVACY,
More informationHIPAA Overview. Darren Skyles, Partner McGinnis Lochridge. Darren S. Skyles dskyles@mcginnislaw.com
HIPAA Overview Darren Skyles, Partner McGinnis Lochridge HIPAA Health Insurance Portability and Accountability Act of 1996 Electronic transaction and code sets: Adopted standards for electronic transactions
More informationElectronic Health Records. Going Beyond Data Collection to Making the Data Usable
Electronic Health Records Going Beyond Data Collection to Making the Data Usable Overview Compliance to the Meaningful Use guidelines in the Health Information Technology Economic and Clinical Health (HITECH)
More informationHITECH and Meaningful Use - An Overview - To Enrich Lives Through Effective And Caring Service
Health Information Technology for Economic and Clinical Health Act HITECH and Meaningful Use - An Overview - HITECH and Meaningful Use - An Overview - Background What is Meaningful Use (MU) MU Criteria
More informationBusiness Associate Considerations for the HIE Under the Omnibus Final Rule
Business Associate Considerations for the HIE Under the Omnibus Final Rule Joseph R. McClure, Esq. Counsel Siemens Medical Solutions USA, Inc. WEDI Privacy & Security Work Group Co-Chair Agenda Who is
More informationREGULATORY CHANGES DEMAND AN ENTERPRISE-WIDE APPROACH TO DISCLOSURE MANAGEMENT OF PHI
REGULATORY CHANGES DEMAND AN ENTERPRISE-WIDE APPROACH TO DISCLOSURE MANAGEMENT OF PHI Healthcare Organizations Can Adopt Enterprise-Wide Disclosure Management Systems To Standardize Disclosure Processes,
More informationThe American Recovery and Reinvestment Act of 2009 Summary of Key Health Information Technology Provisions July 1, 2009
The American Recovery and Reinvestment Act of 2009 Summary of Key Health Information Technology Provisions July 1, 2009 This document is a summary of the ARRA and offered for information only. As the term
More informationHIPAA Security. 1 Security 101 for Covered Entities. Security Topics
HIPAA SERIES Topics 1. 101 for Covered Entities 2. Standards - Administrative Safeguards 3. Standards - Physical Safeguards 4. Standards - Technical Safeguards 5. Standards - Organizational, Policies &
More informationHIPAA COMPLIANCE AND DATA PROTECTION. sales@eaglenetworks.it +39 030 201.08.25 Page 1
HIPAA COMPLIANCE AND DATA PROTECTION sales@eaglenetworks.it +39 030 201.08.25 Page 1 CONTENTS Introduction..... 3 The HIPAA Security Rule... 4 The HIPAA Omnibus Rule... 6 HIPAA Compliance and EagleHeaps
More informationJoe Dylewski President, ATMP Solutions
Joe Dylewski President, ATMP Solutions Joe Dylewski President, ATMP Solutions Assistant Professor, Madonna University 20 Years, Technology and Application Implementation Experience Served as Michigan Healthcare
More informationHIPAA Considerations for Small Non-Profits. Jill M. Girardeau July 20, 2011
HIPAA Considerations for Small Non-Profits Jill M. Girardeau July 20, 2011 Mission of Pro Bono Partnership of Atlanta: To provide free legal assistance to community-based nonprofits that serve low-income
More informationElectronic Medical Records Programs
Electronic Medical Records Programs Idaho Provider Outreach and Health IT Advisory Council Presentation January 20, 2011 The Office of the National Coordinator for Health Information Technology (ONC) established
More informationNEWS ALERT WINSTEAD POTENTIAL OPPORTUNITIES FOR HEALTHCARE INDUSTRY UNDER THE AMERICAN RECOVERY AND REINVESTMENT ACT OF 2009. May 2009 Winstead PC
May 2009 Winstead PC POTENTIAL OPPORTUNITIES FOR HEALTHCARE INDUSTRY UNDER THE AMERICAN RECOVERY AND REINVESTMENT ACT OF 2009 Contact: The American Recovery and Reinvestment Act of 2009 (the "Act") was
More informationBill Moran and Betta Sherman
Compliance TODAY July 2013 a publication of the health care compliance association www.hcca-info.org How an eye doctor s son sees compliance an interview with Stephen Kiess Assistant General Counsel for
More informationHow To Understand And Understand The Benefits Of A Health Insurance Risk Assessment
4547 The Case For HIPAA Risk Assessment Leader s Guide IMPORTANT INFORMATION FOR EDUCATION COORDINATORS & PROGRAM FACILITATORS PLEASE NOTE: In order for this program to meet Florida course requirements,
More informationHIMSS EHR Association Definitional Model and Application Process. July 2012
HIMSS EHR Association Definitional Model and Application Process July 2012 Prepared by the HIMSS EHR Association Membership Committee with supporting documentation provided by the HIMSS Electronic Health
More informationWill the Feds Really Buy Me an EHR?
Steven Waldren, MD, David C. Kibbe, MD, MBA, and Jason Mitchell, MD Will the Feds Really Buy Me an EHR? and Other Commonly Asked Questions About the HITECH Act The economic stimulus package offers $19
More informationToward Meaningful Use of HIT
Toward Meaningful Use of HIT Fred D Rachman, MD Health and Medicine Policy Research Group HIE Forum March 24, 2010 Why are we talking about technology? To improve the quality of the care we provide and
More informationCase Study. Developing a Universal Consent Form: Lessons Learned from Florida Medicaid
Case Study Developing a Universal Consent Form: Lessons Learned from Florida Medicaid Prepared for: Agency for Healthcare Research and Quality U.S. Department of Health and Human Services 540 Gaither Road
More informationUNH Policy on Compliance with the Health Insurance Portability and Accountability Act (HIPAA)
UNH Policy on Compliance with the Health Insurance Portability and Accountability Act (HIPAA) 1 Preamble Approved August 5, 2014 1.1 The Health Insurance Portability and Accountability Act of 1996 (Public
More informationHow To Write A Health Care Security Rule For A University
INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a
More informationCourtesy of Columbia University and the ONC Health IT Workforce Curriculum program
Special Topics in Vendor-Specific Systems: Quality Certification of Commercial EHRs Lecture 5 Audio Transcript Slide 1: Quality Certification of Electronic Health Records This lecture is about quality
More informationPrivacy Officer Job Description 4/28/2014. HIPAA Privacy Officer Orientation. Cathy Montgomery, RN. Presented by:
HIPAA Privacy Officer Orientation Presented by: Cathy Montgomery, RN Privacy Officer Job Description Serve as leader Develop Policies and Procedures Train staff Monitor activities Manage Business Associates
More informationHow To Prepare For A Patient Care System
Preparing for Online Communication with Your Patients A Guide for Providers This easy-to-use, time-saving guide is designed to help medical practices and community clinics prepare for communicating with
More informationHealth Information Technology The Texas Landscape Presentation to TASSCC 2010. Nora Belcher Texas e-health Alliance August 3, 2010
Health Information Technology The Texas Landscape Presentation to TASSCC 2010 Nora Belcher Texas e-health Alliance August 3, 2010 Health Information Technology Overview Background Vision for HIE Texas
More informationElectronic Health Records (EHR): Adop6on and Meaningful Use. Policy Briefing. November 16, 2011 Reprised via Webinar July 26, 2012
Electronic Health Records (EHR): Adop6on and Meaningful Use Policy Briefing November 16, 2011 Reprised via Webinar July 26, 2012 CCC Mission The Council of Community Clinics and its subsidiaries represent
More informationARRA-HITECH Stimulus Money for Health HIM & IT Jobs
Women in Government: Jobs Evolution: States Response to Emerging Economic Challenges ARRA-HITECH Stimulus Money for Health HIM & IT Jobs Dan Rode, MBA, CHPS, FHFMA Vice President, Policy and Government
More informationNationwide Review of CMS s HIPAA Oversight. Brian C. Johnson, CPA, CISA. Wednesday, January 19, 2011
Nationwide Review of CMS s HIPAA Oversight Brian C. Johnson, CPA, CISA Wednesday, January 19, 2011 1 WHAT I DO Manage Region IV IT Audit and Advance Audit Technique Staff (AATS) IT Audit consists of 8
More informationHeather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com
Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually
More informationBusiness Associate Management Methodology
Methodology auxilioinc.com 844.874.0684 Table of Contents Methodology Overview 3 Use Case 1: Upstream of s I manage business associates 4 System 5 Use Case 2: Eco System of s I manage business associates
More informationAGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND
AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND THIS AGREEMENT for Access to Protected Health Information ( PHI ) ( Agreement ) is entered
More informationHIPAA: AN OVERVIEW September 2013
HIPAA: AN OVERVIEW September 2013 Introduction The Health Insurance Portability and Accountability Act of 1996, known as HIPAA, was enacted on August 21, 1996. The overall goal was to simplify and streamline
More informationSecuring Electronic Health Records (EHRs) to Achieve Meaningful Use Compliance, Prevent Data Theft and Fraud
Securing Electronic Health Records (EHRs) to Achieve Meaningful Use Compliance, Prevent Data Theft and Fraud Featuring the results of the Privacy and Security Survey, March 2011 Since the passage of the
More informationIPA and HITECH Act Sajid Ahmed MPD/ PDM 1
IPA and HITECH Act Sajid Ahmed MPD/ PDM 1 "Our recovery plan will invest in electronic health records and new technology that will reduce errors, bring down costs, ensure privacy, and save lives." President
More informationU.S. Department of Health and Human Services Office of Consumer Information and Insurance Oversight
U.S. Department of Health and Human Services Office of Consumer Information and Insurance Oversight Cooperative Agreement to Support Establishment of State-Operated Health Insurance Exchanges New Announcement
More informationUniversity Healthcare Physicians Compliance and Privacy Policy
Page 1 of 11 POLICY University Healthcare Physicians (UHP) will enter into business associate agreements in compliance with the provisions of the Health Insurance Portability and Accountability Act of
More informationHIPAA Changes 2013. Mike Jennings & Jonathan Krasner BEI For MCMS 07/23/13
HIPAA Changes 2013 Mike Jennings & Jonathan Krasner BEI For MCMS 07/23/13 BEI Who We Are DC Metro IT Service Provider since 1987 Network Design/Upgrade Installation/Managed IT Services for small to medium-sized
More informationPhysician Perspective : The New HIT Landscape
Physician Perspective : The New HIT Landscape Michael J Mirro MD, FACC, FACP, CCDS Fort Wayne Cardiology/Parkview Physician Group Medical Director: Parkview Research Center Chair: ACC Informatics Committee
More informationNew York ehealth Collaborative. Health Information Exchange and Interoperability April 2012
New York ehealth Collaborative Health Information Exchange and Interoperability April 2012 1 Introductions Information exchange patient, information, care team How is Health information exchanged Value
More informationHow To Communicate In Healthcare With Direct Secure Messaging
Direct Secure Messaging Communicating in the Healthcare World Andy Nieto, Health IT Strategist, DataMotion Agenda Email and Direct in healthcare, a little history So what is Direct, really Certificates
More information