Contact Information. Electronic Medical Records in Correctional Health. The Mission. Who Should Be On An EMR? Typical Correctional Scenario

Size: px
Start display at page:

Download "Contact Information. Electronic Medical Records in Correctional Health. The Mission. Who Should Be On An EMR? Typical Correctional Scenario"

Transcription

1 Electronic Medical Records in Correctional Health Report to the National Commission on Correctional Healthcare Contact Information Todd R. Wilcox, MD, MBA, CCHP Medical Director, Salt Lake County 256 South 1200 East Salt Lake City, UT Nina F. Dozoretz, MA, RHIA, CCHP 801 I Street, NW Suite 800 Washington, DC, The Mission Provide objective overview of the current state of EMR s in the marketplace Provide guidance on the interplay between HIPAA and EMR s Provide a workplan for the preparation, selection, and implementation of an EMR Provide an overview of HIPAA and resources to assist with compliance Who Should Be On An EMR? Generally ADP > 800 HIPAA Compliance! If you need to enforce formulary / practice guidelines If you need to defend budget / staffing More than one healthcare delivery site If you need relief from lawsuits Typical Correctional Scenario Charts unavailable at MD encounter Filing backed up for months Ran out of storage space for paper charts Paper charts a fire hazard Non-existent nursing documentation because they couldn t find charts Multiple charts created as path of least resistance Perceived Barriers--Study by Medical Record Institute Lack of resources Lack of support by clinicians Difficulty creating a migration plan Can t find an integrated software solution with just 1 vendor Difficulty evaluating / validating real capabilities of vendors 1

2 Cost-Benefit of an EMR Each MD will generate >300 filerelated tasks per day on paper Primary areas of savings Typically need only 1/3 of medical records staff to run EMR vs. paper MDs and nurses produce more work product SLC return on investment = 1.5 years Step 1 Hire An EMR Expert In-house staff almost never has adequate expertise or experience Comparative example: Would you ask your warden to design and build a new jail? Number 1 cause of failure is lack of expert help Your expert must understand both healthcare processes and EMR s to be successful Your expert should assist with all subsequent steps to keep you out of trouble Step 2 What Kind of EMR Do You Need? Tier 1: Automated Medical Records Tier 2: Computerized Medical Records Tier 3: Electronic Medical Record Tier 4: Electronic Integrated Health Record Step 3 Hardware and Infrastructure Determined by Step 2 Pick the right computers, servers, intranet, internet, pull transmission lines On average, takes a year to complete Coordinate with purchasing, governmental IS, 3 rd party vendors, governmental telephone services Step 4 Redefine Business Practices Every healthcare function must be redesigned for efficiency Many new processes must be contemplated (dictation vs. typing) MUST avoid reverse engineering your efficiency This is why your expert needs to know both healthcare and computers Business Process Examples Process Intake screen MR filing lag MD note 14-day assessment Nursing documentation Before EMR 6.91 min / 24 items 13 days 9.6 minutes / 14 lines text 43% on time / 23 data points 6% After EMR 6.71 min / 56 items < 24 hours 2.1 minutes / 29 lines text 99%+ on time / 70 data points 96% 2

3 Step 5 Selecting the Right System Writing a good RFP / Requirement Matrix is critical to success Your expert will earn his pay at this step Identify the right type of system Identify clearly the scope of the project What you need vs. what you want Communicate rational timelines Establish an effective selection process Selection Criteria and Process Functionality is more important than price Create a matrix of requirements and demand to see them demonstrated Vaporware is everywhere--don t believe anything said or shown by salesman Been in business > 5 years 3 rd Party add-ons (pharmacy, dental, etc) should be avoided. Software must be fully integrated Pay attention to timelines DO SITE VISITS to facilities using the software and talk to their staff System Design Features Infinitely-scalable system (i.e., Oracle relational database, not MS Access, etc) GUI interface (mouse, keyboard, touch) ASP (active server pages) database Chart-driven tracking of healthcare costs and productivity Fully integrated across all disciplines Customizable by end-user Patient record designed to be longitudinal Efficiency Issues Intelligent Scanning capability (bar coded) Clinical images scanning (Xray, EKG s) Off-site internet access system must be integrated into patient chart to avoid separate charting Software has fully-integrated clinical rules engine (chronic care clinics!) Efficiency Issues Lab values graphed Bar-coded entry of documents and data 1 and 2-way interface capability Lab, radiology, offender management Software-generated clinical summaries Order-generated to-do lists Vendor does own training, not 3 rd party Security Issues Absolute, unalterable data integrity Keystroke tracking Document security grades User security grades Multi-level backup / offsite secure storage Persistent server-side state Encryption 3

4 Step 6 Implementation Create a team, put your expert in charge of it All programming changes, additions, subtractions must be approved by one person Learn how to manage your own system TRAIN, TRAIN, TRAIN Step 7 Daily Operation and Maintenance Identify local system administrator Budget for maintenance Expect daily issues Create a mirror paper backup system Work out system support with vendor in the contract and lock it in for as long as they will allow Escrow the software Resources Conglomerate list of EMR vendors available on Slide Set Available at: HIPAA: What s All the Buzz? CAPT Nina Dozoretz 2002 NCCHC NASHVILLE CONFERENCE 22 HIPAA What Is It? What is HIPAA? Health Insurance Portability and Accountability Act (HIPAA, Public Law ), signed on August 21, Improve quality of health care Encourage development of information systems based on exchange of standard management and financial data using EDI. Require organizations to follow national implementation guidelines for EDI 4

5 Standards for Privacy - 1 PRIVACY RULE HHS, Office of Civil Rights (OCR) Enforcement civil monetary penalties, criminal prosecution Respond to Questions Secure Voluntary compliance Technical Assistance Respond to State requests for exception determinations Investigate complaints Conduct compliance reviews Effective April 14, 2001 Most Covered Entities must comply by April 2003 Gives patients more control over their information Sets limits on use and release of health records Establishes safeguards to protect privacy Holds violators accountable 27 Standards for Privacy - 2 No extension for compliance April 14, 2003 health care providers April 14, 2003 health plans, other than small April 14, 2004 small health plans April 14, 2004 clearinghouses Does HIPAA Apply to You? Covered entity Is a health plan, a health care clearinghouse, or a provider who transmits health information in electronic form (45 C.F.R. Part 162) Use the Covered Entity Decision Tools Health care provider (45 C.F.R ) 5

6 Administrative Simplification provisions - 1 Protect and enhance rights of consumers Improve quality of health care by restoring trust Improve efficiency and effectiveness of health care delivery by creating a national framework Administrative Simplification provisions - 2 Association for Electronic Health Care Transactions (AFEHCT) an industry action group, member companies include health claims clearinghouses, value added networks, software vendors, practice management companies, health care data processing EDS; IBM; McKesson HBOC; Per Se Technologies; National Data Corp; Siemens Medical Solutions; Perot Systems; Web MD; UNISYS; Ernst & Young, LLP; Aetna US Healthcare; and more 31 Administrative Simplification provisions - 3 October 15, 2002 Deadline for Extension Applies to entities that generate, process and/or receive electronic medical claims,including eligibility and referral authorizations, EOBs, payments Compliance Officer Monitoring/auditing Education/training Conduct effectiveness evaluations Develop and/or update P&P Employee awareness Compliance with government regs Compliance Officer Training Sources for Information November 12, 2002 HIPAA Privacy Rule Compliance: A Simplified Explanation by Michael Fleischman (Gates, Moore & Co) HCCA: 2002 Profile of Health Care Compliance Officers survey HCPro Healthcare Marketplace (www.hcmarketplace.com) 6

HIPAA Security. 1 Security 101 for Covered Entities. Security Topics

HIPAA Security. 1 Security 101 for Covered Entities. Security Topics HIPAA SERIES Topics 1. 101 for Covered Entities 2. Standards - Administrative Safeguards 3. Standards - Physical Safeguards 4. Standards - Technical Safeguards 5. Standards - Organizational, Policies &

More information

ELECTRONIC HEALTH RECORDS

ELECTRONIC HEALTH RECORDS ELECTRONIC HEALTH RECORDS Understanding and Using Computerized Medical Records CHAPTER TEN LESSON ONE Privacy and Security of Health Records Understanding HIPAA HIPAA: acronym for Health Insurance Portability

More information

HOW TO REALLY IMPLEMENT HIPAA. Presented by: Melissa Skaggs Provider Resources Group

HOW TO REALLY IMPLEMENT HIPAA. Presented by: Melissa Skaggs Provider Resources Group HOW TO REALLY IMPLEMENT HIPAA Presented by: Melissa Skaggs Provider Resources Group WHAT IS HIPAA The Health Insurance Portability and Accountability Act of 1996 (HIPAA; Pub.L. 104 191, 110 Stat. 1936,

More information

MYTHS AND FACTS ABOUT THE HIPAA PRIVACY RULE PART 1

MYTHS AND FACTS ABOUT THE HIPAA PRIVACY RULE PART 1 CIRCA 2004 MYTHS AND FACTS ABOUT THE HIPAA PRIVACY RULE PART 1 Since April 14, 2003, health care providers, health plans, and health care clearinghouses have been required to be in compliance with the

More information

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually

More information

HIPAA COMPLIANCE AND DATA PROTECTION. sales@eaglenetworks.it +39 030 201.08.25 Page 1

HIPAA COMPLIANCE AND DATA PROTECTION. sales@eaglenetworks.it +39 030 201.08.25 Page 1 HIPAA COMPLIANCE AND DATA PROTECTION sales@eaglenetworks.it +39 030 201.08.25 Page 1 CONTENTS Introduction..... 3 The HIPAA Security Rule... 4 The HIPAA Omnibus Rule... 6 HIPAA Compliance and EagleHeaps

More information

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA PRIVACY AND SECURITY AWARENESS HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect

More information

Understanding Health Insurance Portability Accountability Act AND HITECH. HIPAA s Privacy Rule

Understanding Health Insurance Portability Accountability Act AND HITECH. HIPAA s Privacy Rule Understanding Health Insurance Portability Accountability Act AND HITECH HIPAA s Privacy Rule 1 What Is HIPAA s Privacy Rule The privacy rule is a component of the Health Insurance Portability and Accountability

More information

The Case For HIPAA Risk Assessment. Leader s Guide

The Case For HIPAA Risk Assessment. Leader s Guide 4547 The Case For HIPAA Risk Assessment Leader s Guide IMPORTANT INFORMATION FOR EDUCATION COORDINATORS & PROGRAM FACILITATORS PLEASE NOTE: In order for this program to meet Florida course requirements,

More information

OCR/HHS HIPAA/HITECH Audit Preparation

OCR/HHS HIPAA/HITECH Audit Preparation OCR/HHS HIPAA/HITECH Audit Preparation 1 Who are we EHR 2.0 Mission: To assist healthcare organizations develop and implement practices to secure IT systems and comply with HIPAA/HITECH regulations. Education

More information

what your business needs to do about the new HIPAA rules

what your business needs to do about the new HIPAA rules what your business needs to do about the new HIPAA rules Whether you are an employer that provides health insurance for your employees, a business in the growing health care industry, or a hospital or

More information

Preparing for the HIPAA Security Rule

Preparing for the HIPAA Security Rule A White Paper for Health Care Professionals Preparing for the HIPAA Security Rule Introduction The Health Insurance Portability and Accountability Act (HIPAA) comprises three sets of standards transactions

More information

GENERAL OVERVIEW OF STANDARDS FOR PRIVACY OF INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION [45 CFR Part 160 and Subparts A and E of Part 164]

GENERAL OVERVIEW OF STANDARDS FOR PRIVACY OF INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION [45 CFR Part 160 and Subparts A and E of Part 164] GENERAL OVERVIEW OF STANDARDS FOR PRIVACY OF INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION [45 CFR Part 160 and Subparts A and E of Part 164] OCR HIPAA Privacy The following overview provides answers to

More information

ü Ensuring the privacy and security of personally identifiable health information (the Privacy and Security Rules); and

ü Ensuring the privacy and security of personally identifiable health information (the Privacy and Security Rules); and Provided by Benefits By Choice HIPAA Rules: Privacy, Security and Electronic Data Interchange The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a broad federal law regarding health

More information

Dissecting New HIPAA Rules and What Compliance Means For You

Dissecting New HIPAA Rules and What Compliance Means For You Dissecting New HIPAA Rules and What Compliance Means For You A White Paper by Cindy Phillips of CMIT Solutions and Kelly McClendon of CompliancePro Solutions TABLE OF CONTENTS Introduction 3 What Are the

More information

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services Introduction Patient privacy continues to be a chief topic of concern as technology continues to evolve. Now that the majority

More information

REFERENCE 5. White Paper Health Insurance Portability and Accountability Act: Security Standards; Implications for the Healthcare Industry

REFERENCE 5. White Paper Health Insurance Portability and Accountability Act: Security Standards; Implications for the Healthcare Industry REFERENCE 5 White Paper Health Insurance Portability and Accountability Act: Security Standards; Implications for the Healthcare Industry Shannah Koss, Program Manager, IBM Government and Healthcare This

More information

Practice management system criteria checklist

Practice management system criteria checklist Practice management system criteria checklist The American Medical Association (AMA) and Medical Group Management Association (MGMA) have created the following checklist as a starting point for assessing

More information

HIPAA Security Compliance Reviews

HIPAA Security Compliance Reviews HIPAA Security Compliance Reviews Elizabeth S. Holland, MPA Office of E-Health Standards and Services Centers for Medicare & Medicaid Services U.S. Department of Health and Human Services 1 2 What is HIPAA?

More information

HIPAA Privacy Overview

HIPAA Privacy Overview May 21, 2003 HIPAA Privacy Overview Presented to the California State University Agenda Introduction HIPAA privacy regulations HIPAA privacy impact on CSU Next steps/action items Mercer Human Resource

More information

Orbograph HIPAA/HITECH Compliance, Resiliency and Security

Orbograph HIPAA/HITECH Compliance, Resiliency and Security Orbograph HIPAA/HITECH Compliance, Resiliency and Security Version 1.0 August 2013 Legal Notice This document is delivered subject to the following conditions and restrictions: The document contains proprietary

More information

Accelerating HIPAA Compliance with EMC Healthcare Solutions

Accelerating HIPAA Compliance with EMC Healthcare Solutions Accelerating HIPAA Compliance with EMC Healthcare Solutions A HealthCIO White Paper Sponsored by the EMC Corporation by Jonathan Bogen 2003 E-mail: Info@HealthCIO.com www.healthcio.com Accelerating HIPAA

More information

Electronic Medical Records: Legal and Ethical Implications for Patients

Electronic Medical Records: Legal and Ethical Implications for Patients Electronic Medical Records: Legal and Ethical Implications for Patients Linda A. Simunek, RN, PhD, JD Executive Director, Doctoral Success Grant and Adjunct Professor in Law in Healthcare Education, Fischler

More information

Healthcare Applications and HIPAA. BA590-IT Governance Final Term Project Prof. Mike Shaw

Healthcare Applications and HIPAA. BA590-IT Governance Final Term Project Prof. Mike Shaw Healthcare Applications and HIPAA BA590-IT Governance Final Term Project Prof. Mike Shaw Michael McIntosh 5/4/2007 Table of Contents 1. Abstract 3 2. Introduction 3 3. Section 1: HIPAA definition and history

More information

HIPAA COMPLIANCE AND

HIPAA COMPLIANCE AND INTRONIS CLOUD BACKUP & RECOVERY HIPAA COMPLIANCE AND DATA PROTECTION CONTENTS Introduction 3 The HIPAA Security Rule 4 The HIPAA Omnibus Rule 6 HIPAA Compliance and Intronis Cloud Backup and Recovery

More information

General HIPAA Implementation FAQ

General HIPAA Implementation FAQ General HIPAA Implementation FAQ What is HIPAA? Signed into law in August 1996, the Health Insurance Portability and Accountability Act ( HIPAA ) was created to provide better access to health insurance,

More information

DECISIONS, DECISIONS

DECISIONS, DECISIONS DECISIONS, DECISIONS PRODUCT ASSESSMENT WORKSHEET Source: Adapted from Regional Women s Health Group, LLC PRODUCT 1 PRODUCT 2 PRODUCT 3 EMRs OR OTHER OFFICE MANAGEMENT SOFTWARE: Desktop features (focal

More information

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What

More information

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services Introduction Patient privacy has become a major topic of concern over the past several years. With the majority of

More information

RONALD V. MCGUCKIN AND ASSOCIATES Post Office Box 2126 Bristol, Pennsylvania 19007 (215) 785-3400 (215) 785-3401 (Fax) childproviderlaw.

RONALD V. MCGUCKIN AND ASSOCIATES Post Office Box 2126 Bristol, Pennsylvania 19007 (215) 785-3400 (215) 785-3401 (Fax) childproviderlaw. RONALD V. MCGUCKIN AND ASSOCIATES Post Office Box 2126 Bristol, Pennsylvania 19007 (215) 785-3400 (215) 785-3401 (Fax) childproviderlaw.com HIPAA The Health Insurance Portability and Accountability Act

More information

Agenda. OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2. Linda Sanches, MPH Senior Advisor, Health Information Privacy 4/1/2014

Agenda. OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2. Linda Sanches, MPH Senior Advisor, Health Information Privacy 4/1/2014 OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2 Linda Sanches, MPH Senior Advisor, Health Information Privacy HCCA Compliance Institute March 31, 2014 Agenda Background Audit Phase

More information

Industry leading Education Todays Webinar

Industry leading Education Todays Webinar Compliance Simplified Achieve, Illustrate, Maintain Industry leading Education Todays Webinar Please ask questions Todays slides are available http://compliancy- group.com/slides023/ Certified Partner

More information

Isaac Willett April 5, 2011

Isaac Willett April 5, 2011 Current Options for EHR Implementation: Cloud or No Cloud? Regina Sharrow Isaac Willett April 5, 2011 Introduction Health Information Technology for Economic and Clinical Health Act ( HITECH (HITECH Act

More information

EHR Glossary of Terms

EHR Glossary of Terms EHR Glossary of Terms American Recovery and Reinvestment Act of 2009 (ARRA): budget bill enacted by Congress and signed by President Obama on February 17, 2009 that was designed to provide an economic

More information

HIPAA. considerations with LogMeIn

HIPAA. considerations with LogMeIn HIPAA considerations with LogMeIn Introduction The Health Insurance Portability and Accountability Act (HIPAA), passed by Congress in 1996, requires all organizations that maintain or transmit electronic

More information

Am I a Business Associate? Do I want to be a Business Associate? What are my obligations?

Am I a Business Associate? Do I want to be a Business Associate? What are my obligations? Am I a Business Associate? Do I want to be a Business Associate? What are my obligations? Brought to you by Winston & Strawn s Health Care Practice Group 2013 Winston & Strawn LLP Today s elunch Presenters

More information

HIPAA Privacy Overview

HIPAA Privacy Overview HIPAA Privacy Overview General HIPAA stands for a federal law called the Health Insurance Portability and Accountability Act. This law, among other purposes, was created to protect the privacy and security

More information

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions Table of Contents Introduction... 3 1. Data Backup: The Most Critical Part of any IT Strategy...

More information

The Impact of HIPAA and HITECH

The Impact of HIPAA and HITECH The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients

More information

HIPAA The Law Explained. Click here to view the HIPAA information.

HIPAA The Law Explained. Click here to view the HIPAA information. HIPAA The Law Explained Click here to view the HIPAA information. HIPAA - Provisions 5 Major Provisions/Titles Title 1 Title 2 Title 3 Title 4 Title 5 More Information on Administrative Simplification

More information

HIPAA Compliance and the Protection of Patient Health Information

HIPAA Compliance and the Protection of Patient Health Information HIPAA Compliance and the Protection of Patient Health Information WHITE PAPER By Swift Systems Inc. April 2015 Swift Systems Inc. 7340 Executive Way, Ste M Frederick MD 21704 1 Contents HIPAA Compliance

More information

DIGITECH AND HIPAA COMPLIANCE

DIGITECH AND HIPAA COMPLIANCE White Paper DIGITECH AND HIPAA COMPLIANCE April 2004 As HIPAA compliance becomes mandatory, Digitech Systems continues to proactively address the unique needs of the Health Care market. PaperVision Enterprise

More information

Why Lawyers? Why Now?

Why Lawyers? Why Now? TODAY S PRESENTERS Why Lawyers? Why Now? New HIPAA regulations go into effect September 23, 2013 Expands HIPAA safeguarding and breach liabilities for business associates (BAs) Lawyer is considered a business

More information

FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS

FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS James J. Eischen, Jr., Esq. October 2013 Chicago, Illinois JAMES J. EISCHEN, JR., ESQ. Partner at Higgs, Fletcher

More information

Signed into law on February 17, 2009, the Stimulus Package known

Signed into law on February 17, 2009, the Stimulus Package known Stimulus Package Expands HIPAA Privacy and Security and Adds Federal Data Breach Notification Law Marcy Wilder, Donna A. Boswell, and BarBara Bennett The authors discuss provisions of the Stimulus Package

More information

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery WHITE PAPER HIPPA Compliance and Secure Online Data Backup and Disaster Recovery January 2006 HIPAA Compliance and the IT Portfolio Online Backup Service Introduction October 2004 In 1996, Congress passed

More information

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 What is HIPAA? Health Insurance Portability & Accountability Act of 1996 Effective April 13, 2003 Federal Law HIPAA Purpose:

More information

HIPAA and HITECH Compliance Simplification. Sol Cates CSO @solcates scates@vormetric.com

HIPAA and HITECH Compliance Simplification. Sol Cates CSO @solcates scates@vormetric.com HIPAA and HITECH Compliance Simplification Sol Cates CSO @solcates scates@vormetric.com Quick Agenda Why comply? What does Compliance look like? New Cares vs Rental Cars vs Custom Cars Vormetric Q&A Slide

More information

Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information

Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information about HIPAA, the HITECH-HIPAA Omnibus Privacy Act, how

More information

Double-Take in a HIPAA Regulated Health Care Industry

Double-Take in a HIPAA Regulated Health Care Industry Double-Take in a HIPAA Regulated Health Care Industry Abstract: This document addresses the contingency plan and physical access control requirements of the Administrative Simplification security provision

More information

Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services

Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services Page 2 of 8 Introduction Patient privacy has become a major topic of concern over the past several years. With the majority

More information

APPENDIX 1: Frequently Asked Questions

APPENDIX 1: Frequently Asked Questions APPENDIX 1: Frequently Asked Questions Practice Name Q: What is the HIPAA Privacy Rule? A: The HIPAA Privacy Rule controls the use and disclosure of what is known as Protected Health Information (PHI).

More information

In order to adjudicate an appeal, OPM requires claimants or their authorized representatives to submit the following information:

In order to adjudicate an appeal, OPM requires claimants or their authorized representatives to submit the following information: SYSTEM NAME: Health Claims Disputes External Review Services. SYSTEM LOCATION: Office of Personnel Management, 1900 E Street NW., Washington, DC 20415. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

More information

Joe Dylewski President, ATMP Solutions

Joe Dylewski President, ATMP Solutions Joe Dylewski President, ATMP Solutions Joe Dylewski President, ATMP Solutions Assistant Professor, Madonna University 20 Years, Technology and Application Implementation Experience Served as Michigan Healthcare

More information

HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report 10-53 October 25, 2010

HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report 10-53 October 25, 2010 HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, EAST BAY Audit Report 10-53 October 25, 2010 Members, Committee on Audit Henry Mendoza, Chair Raymond W. Holdsworth, Vice Chair Nicole M. Anderson Margaret

More information

HIPAA Compliance and PrintFleet Software Applications

HIPAA Compliance and PrintFleet Software Applications HIPAA Compliance and PrintFleet Software Applications PrintFleet Software Applications Do Not Impact HIPAA Compliance The use of PrintFleet software applications will not have an impact on compliance with

More information

Data Integrity in an Era of EHRs, HIEs, and HIPAA: A Health Information Management Perspective

Data Integrity in an Era of EHRs, HIEs, and HIPAA: A Health Information Management Perspective Office for Civil Rights, HHS National Institute for Standards and Technology Conference Safeguarding Health Information: Building Assurance through HIPAA Security Data Integrity in an Era of EHRs, HIEs,

More information

HIPAA Employee Compliance Program TRAINING MANUAL

HIPAA Employee Compliance Program TRAINING MANUAL HIPAA Employee Compliance Program TRAINING MANUAL Training Manual to Assist Employees in HIPAA Compliance January 2013 Program For HIPAA Compliance Plan Goal The purpose of this manual is to instruct our

More information

Alert. Client PROSKAUER ROSE LLP. HIPAA Compliance Update: Employers, As Group Health Plan Sponsors, Will Be Affected By HIPAA Privacy Requirements

Alert. Client PROSKAUER ROSE LLP. HIPAA Compliance Update: Employers, As Group Health Plan Sponsors, Will Be Affected By HIPAA Privacy Requirements PROSKAUER ROSE LLP Client Alert HIPAA Compliance Update: Employers, As Group Health Plan Sponsors, Will Be Affected By HIPAA Privacy Requirements The U.S. Department of Health and Human Services published

More information

HIPAA & HITECH AND THE DISCOVERY PROCESS

HIPAA & HITECH AND THE DISCOVERY PROCESS HIPAA & HITECH AND THE DISCOVERY PROCESS HEATHER L. HUGHES, J.D. U.S. Legal Support, Inc. 363 North Sam Houston Parkway East, Suite 900 Houston, Texas 77060 (713) 653-7100 State Bar of Texas 8 th ANNUAL

More information

to EMR transition Contents

to EMR transition Contents Best Practices Guide HIPAA Primer series HEALTHCARE Iron Mountain Document Conversion Services The HIPAA-compliant approach to EMR transition Contents 3 EMR Transition: The Growing Importance of Document

More information

The HIPAA Audit Program

The HIPAA Audit Program The HIPAA Audit Program Anna C. Watterson Davis Wright Tremaine LLP The U.S. Department of Health and Human Services (HHS) was given authority, and a mandate, to conduct periodic audits of HIPAA 1 compliance

More information

OCR Reports on the Enforcement. Learning Objectives 4/1/2013. HIPAA Compliance/Enforcement (As of December 31, 2012) HCCA Compliance Institute

OCR Reports on the Enforcement. Learning Objectives 4/1/2013. HIPAA Compliance/Enforcement (As of December 31, 2012) HCCA Compliance Institute OCR Reports on the Enforcement of the HIPAA Rules HCCA Compliance Institute April 22, 2013 David Holtzman Sr. Health IT & Privacy Specialist U.S. Department of Health and Human Services Office for Civil

More information

OCR Reports on the Enforcement. Learning Objectives

OCR Reports on the Enforcement. Learning Objectives OCR Reports on the Enforcement of the HIPAA Rules HCCA Compliance Institute April 22, 2013 David Holtzman Sr. Health IT & Privacy Specialist U.S. Department of Health and Human Services Office for Civil

More information

C.T. Hellmuth & Associates, Inc.

C.T. Hellmuth & Associates, Inc. Technical Monograph C.T. Hellmuth & Associates, Inc. Technical Monographs usually are limited to only one subject which is treated in considerably more depth than is possible in our Executive Newsletter.

More information

HIPAA: AN OVERVIEW September 2013

HIPAA: AN OVERVIEW September 2013 HIPAA: AN OVERVIEW September 2013 Introduction The Health Insurance Portability and Accountability Act of 1996, known as HIPAA, was enacted on August 21, 1996. The overall goal was to simplify and streamline

More information

HIPAA: In Plain English

HIPAA: In Plain English HIPAA: In Plain English Material derived from a presentation by Kris K. Hughes, Esq. Posted with permission from the author. The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Pub.

More information

Electronic Health Records

Electronic Health Records What Do Electronic Health Records Mean for Our Practice? What Are Electronic Health Records? Electronic Health Records (EHRs) are computer systems that health & medical practices (including mental health

More information

HIPAA WEBINAR HANDOUT

HIPAA WEBINAR HANDOUT HIPAA WEBINAR HANDOUT OCR Enforcement Tools Voluntary corrective action Resolution Agreement and Payment CMPs Referral to DOJ for criminal investigation Resolution Agreements Contract signed by HHS and

More information

What Virginia s Free Clinics Need to Know About HIPAA and HITECH

What Virginia s Free Clinics Need to Know About HIPAA and HITECH What Virginia s Free Clinics Need to Know About HIPAA and HITECH This document is one in a series of tools and white papers produced by the Virginia Health Care Foundation to help Virginia s free clinics

More information

Preparing for the HIPAA Security Rule Again; now, with Teeth from the HITECH Act!

Preparing for the HIPAA Security Rule Again; now, with Teeth from the HITECH Act! A White Paper for HIPAA Business Associates (And Agents & Subcontractors!) Preparing for the HIPAA Security Rule Again; now, with Teeth from the HITECH Act! Introduction Two years ago we first published

More information

White Paper #6. Privacy and Security

White Paper #6. Privacy and Security The Complexity of America s Health Care Industry White Paper #6 Privacy and Security www.nextwavehealthadvisors.com 2015 Next Wave Health Advisors and Lynn Harold Vogel, Ph.D. The Complexity of America

More information

LogMeIn HIPAA Considerations

LogMeIn HIPAA Considerations LogMeIn HIPAA Considerations Contents Introduction LogMeIn HIPAA Considerations...3 General HIPAA Information...4 Section A Background information on HIPAA Rules...4 Technical Safeguards Overview...5 Section

More information

OCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information

OCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information OCTOBER 2013 PART 1 Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information Part 1: How HIPAA affects electronic transfer of protected health information It is difficult

More information

HIPAA Security Rule Compliance

HIPAA Security Rule Compliance HIPAA Security Rule Compliance Caryn Reiker MAXIS360 HIPAA Security Rule Compliance what is it and why you should be concerned about it Table of Contents About HIPAA... 2 Who Must Comply... 2 The HIPAA

More information

Implementing Your EHR

Implementing Your EHR Implementing Your EHR Webinar Schedule Optimizing your EHR for Quality Improvement March 23 and 26 Session Objectives Apply best practices for system implementation Evaluate staffing needs for the EHR

More information

Selecting & Implementing an Electronic Medical Records System

Selecting & Implementing an Electronic Medical Records System Selecting & Implementing an Electronic Medical Records System Webinar Summary EMR statistics Benefits of an EMR system Critical success factors Pre-implementation considerations Vendor contracting EMR

More information

HIPAA Violations Incur Multi-Million Dollar Penalties

HIPAA Violations Incur Multi-Million Dollar Penalties HIPAA Violations Incur Multi-Million Dollar Penalties Whitepaper HIPAA Violations Incur Multi-Million Dollar Penalties Have you noticed how many expensive Health Insurance Portability and Accountability

More information

HHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers

HHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers Compliance Tip Sheet National Hospice and Palliative Care Organization www.nhpco.org/regulatory HHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers Hospice Provider Compliance To Do List

More information

American College of Physicians Internal Medicine 2008 Washington, DC May 15-17, 2008

American College of Physicians Internal Medicine 2008 Washington, DC May 15-17, 2008 American College of Physicians Internal Medicine 2008 Washington, DC May 15-17, 2008 Innovation in Practice: Exploring the Impact of Practice Redesign, Quality Improvement, and Information Technology on

More information

HIPAA: Healthcare Transformation to Electronic Communications. Open Text Fax and Document Distribution Group May 2009

HIPAA: Healthcare Transformation to Electronic Communications. Open Text Fax and Document Distribution Group May 2009 HIPAA: Healthcare Transformation to Electronic Communications Open Text Fax and Document Distribution Group May 2009 2 White Paper Contents Executive Summary... 3 PART ONE: An Introduction to HIPAA Regulations...

More information

HIPAA and Network Security Curriculum

HIPAA and Network Security Curriculum HIPAA and Network Security Curriculum This curriculum consists of an overview/syllabus and 11 lesson plans Week 1 Developed by NORTH SEATTLE COMMUNITY COLLEGE for the IT for Healthcare Short Certificate

More information

What s New with HIPAA? Policy and Enforcement Update

What s New with HIPAA? Policy and Enforcement Update What s New with HIPAA? Policy and Enforcement Update HHS Office for Civil Rights New Initiatives Precision Medicine Initiative (PMI), including Access Guidance Cybersecurity Developer portal NICS Final

More information

HIPAA Administrative Simplification and Privacy (AS&P) Frequently Asked Questions

HIPAA Administrative Simplification and Privacy (AS&P) Frequently Asked Questions HIPAA Administrative Simplification and Privacy (AS&P) Frequently Asked Questions ELECTRONIC TRANSACTIONS AND CODE SETS The following frequently asked questions and answers were developed to communicate

More information

Dispelling the Myth that Regulatory Compliance is Inherently Addressed within Existing Controls June 27, 2012

Dispelling the Myth that Regulatory Compliance is Inherently Addressed within Existing Controls June 27, 2012 Dispelling the Myth that Regulatory Compliance is Inherently Addressed within Existing Controls June 27, 2012 Lee Barrett, Executive Director, EHNAC Panelists: John Casillas, SVP, HIMSS Medical Banking

More information

HIPAA Security Series

HIPAA Security Series 7 Security Standards: Implementation for the Small Provider What is the Security Series? The security series of papers provides guidance from the Centers for Medicare & Medicaid Services (CMS) on the rule

More information

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 Adopting Multnomah County HIPAA Security Policies and Directing the Appointment of Information System Security

More information

Shipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS

Shipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS Shipman & Goodwin LLP HIPAA Alert March 2009 STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS The economic stimulus package, officially named the American Recovery and Reinvestment Act of 2009

More information

Audit Report. University Medical Center HIPAA Compliance. June 2013. Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT

Audit Report. University Medical Center HIPAA Compliance. June 2013. Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT Audit Report AUDIT DEPARTMENT University Medical Center HIPAA Compliance June 2013 Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT COMMITTEE: Commissioner Steve Sisolak Commissioner Chris Giunchigliani

More information

Legislative & Regulatory Information

Legislative & Regulatory Information Americas - U.S. Legislative, Privacy & Projects Jurisdiction Effective Date Author Release Date File No. UFS Topic Citation: Reference: Federal Various Louis Enahoro 2/20/14 LI-485 HIPAA, Electronic Commerce

More information

HIPAA Training: Ensuring Privacy for our Patients

HIPAA Training: Ensuring Privacy for our Patients HIPAA Training: Ensuring Privacy for our Patients The purpose of the HIPAA Privacy Rule is to prevent inappropriate use and disclosure of individual health information, most commonly referred to as protected

More information

Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services

Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services 1 Contents 3 Introduction 5 The HIPAA Security Rule 7 HIPAA Compliance & AcclaimVault Backup 8 AcclaimVault Security and

More information

Laying a Path to EMR Implementation (and avoiding stressing out over HITECH legislation)

Laying a Path to EMR Implementation (and avoiding stressing out over HITECH legislation) Laying a Path to EMR Implementation (and avoiding stressing out over HITECH legislation) Wayne Kaniewski, MD The HITECH Act of 2009 (part of the American Recovery and Reinvestment Act) allocated about

More information

SARASOTA COUNTY GOVERNMENT EMPLOYEE MEDICAL BENEFIT PLAN HIPAA PRIVACY POLICY

SARASOTA COUNTY GOVERNMENT EMPLOYEE MEDICAL BENEFIT PLAN HIPAA PRIVACY POLICY SARASOTA COUNTY GOVERNMENT EMPLOYEE MEDICAL BENEFIT PLAN HIPAA PRIVACY POLICY Purpose: The following privacy policy is adopted to ensure that the Sarasota County Government Employee Medical Benefit Plan

More information

HIPAA Security. 6 Basics of Risk Analysis and Risk Management. Security Topics

HIPAA Security. 6 Basics of Risk Analysis and Risk Management. Security Topics HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical

More information

What Every Organization Needs to Know about Basic HIPAA Compliance and Technology. April 21, 2015

What Every Organization Needs to Know about Basic HIPAA Compliance and Technology. April 21, 2015 What Every Organization Needs to Know about Basic HIPAA Compliance and Technology April 21, 2015 Who are these handsome fellas? Jamie Wolbeck (VP Of Operations) jamiew@sccnet.com Ron Shelby (Sr. Account

More information

HIPAA: Compliance Essentials

HIPAA: Compliance Essentials HIPAA: Compliance Essentials Presented by: Health Security Solutions August 15, 2014 What is HIPAA?? HIPAA is Law that governs a person s ability to qualify immediately for health coverage when they change

More information

Presented by: Leslie Bender, CIPP General Counsel/CPO The ROI Companies www.theroi.com

Presented by: Leslie Bender, CIPP General Counsel/CPO The ROI Companies www.theroi.com Healthcare Compliance: How HiTECH May Affect Relationships with Business Associates Presented by: Leslie Bender, CIPP General Counsel/CPO The ROI Companies www.theroi.com Legal Disclaimer This information

More information