HIPAA PRIVACY AND SECURITY TRAINING
Piedmont Community Health Plan

COURSE OVERVIEW
This course is broken down into 4 modules:
- Module 1: HIPAA Omnibus Rule. What you need to know to remain compliant with the NEW regulations!
- Module 2: HIPAA Privacy Rule Basics. Summary of the Privacy Rule and how to identify and safeguard confidential information.
- Module 3: Uses, Disclosures & Individual Rights. Learn to whom, for what, and how much PHI can be disclosed, and what members can request of their PHI.
- Module 4: Other Requirements. Administrative responsibilities including sanctions, mitigation, breach notifications, accounting for disclosures and more.
HIPAA: THE OMNIBUS RULE
Module 1
What you need to know to remain compliant with the new regulations!
PRIVACY VS. SECURITY VS. BREACH VS. HITECH VS. OMNIBUS
Privacy Rule: HIPAA is the federal Health Insurance Portability and Accountability Act of 1996 (aka the HIPAA Privacy Rule), which went into effect April 14, 2003. It gives you rights over your health information and sets rules and limits on who can look at and receive your health information. It protects all PHI in any form or media, whether electronic, paper or oral.
Security Rule: The HIPAA Security Rule applies only to electronic PHI (ePHI). This rule requires covered entities to adopt additional safeguards for ePHI, ensuring the confidentiality of data that is created, received, used, maintained or transmitted. (April 20, 2005)

PRIVACY VS. SECURITY VS. BREACH VS. HITECH VS. OMNIBUS
Breach Notification Rule: The Breach Notification Rule requires entities to notify affected individuals, the Secretary of the Department of Health & Human Services and, in some cases, the media when they discover a breach of an individual's unsecured PHI (8/2009).
HITECH Act: The Health Information Technology for Economic and Clinical Health (HITECH) Act expands certain HIPAA Privacy and Security requirements to cover Business Associates and to provide individuals with additional rights to access and control the use of their PHI, among other things (2009).

PRIVACY VS. SECURITY VS. BREACH VS. HITECH VS. OMNIBUS
The Omnibus Rule (aka Final Rule): Omnibus, defined, is a collection of several works on a similar topic, reprinted in one volume. The Omnibus Rule (Final Rule) is a final set of regulations modifying the HIPAA Privacy, Security and Enforcement Rules to implement various provisions of the HITECH Act. The Omnibus Rule was introduced on January 25, 2013 to:
- Greatly enhance a patient's privacy protections,
- Provide individuals new rights to their health information, and
- Strengthen the government's ability to enforce the law.
Plans had until September 23, 2013 to comply with the Final Rule.
SO WHAT HAS CHANGED?
Some of the biggest changes that you should know are:
- Some privacy issues that we could address internally under the old rules will now have to be reported to the Department of Health and Human Services (HHS).
- If HHS determines Piedmont (or its delegated entity) was negligent, we could face significantly higher penalties.

SO WHAT HAS CHANGED?
- HIPAA Rules now directly apply to our Business Associates, but we can still be held responsible for their actions.
- A Business Associate is any person or business who performs certain functions on Piedmont's behalf that involve the use of PHI.
- Piedmont must have valid Business Associate Agreements (BAAs) with them that assure they will appropriately safeguard any PHI they create or receive on Piedmont's behalf.
- All Business Associate Agreements have to be updated to comply with the new Final Rule.

SO WHAT HAS CHANGED?
- There are now stronger limitations on the use of PHI for marketing and fundraising purposes, and we can no longer sell PHI without individual authorization.
- Members now have more rights as to how they may receive copies of their PHI.
- They may also restrict a physician from disclosing information to Piedmont concerning a treatment for which the individual paid out-of-pocket in full.

SO WHAT HAS CHANGED?
Piedmont's Notice of Privacy Practices (NPP) had to be modified to incorporate these changes. Our updated notices now include:
- Describing uses and disclosures of PHI for which an authorization is required from the member;
- Stating that any uses or disclosures not described in the NPP require the member's authorization;
- Informing members of their right to be notified in the event of a breach of unsecured PHI.
OUR RESPONSIBILITIES
Piedmont is committed to acting honestly, diligently, and quickly to prevent and address incidents related to PHI. We rely on you to be diligent in your protection of PHI and to immediately report if you ever feel PHI has been compromised in any way.

HIPAA BASICS
Module 2
Summary of the Privacy Rule and how to identify and safeguard confidential information.
WHAT IS PHI?
Protected Health Information (PHI) is any information, including demographic information, created, maintained, received or transmitted by a covered entity that relates to health status, provision of health care or payment for health care, and can be used to identify the individual.
Common examples of PHI include:
- Name
- Medical Record No.
- Clinical Notes
- SSN
- Names of Relatives
- Claims Data
- HICN
- Dates of Service
- Enrollment Data
- Date of Birth
- Benefit Information
- Eligibility Data
PHI can be information, combined or alone, that can lead to the identification of a member.

PHI CAN BE STORED OR SHARED BY:
- Verbal Communication
- Paper Documents
- Electronic Data
VERBAL COMMUNICATION
When talking about PHI, make sure you are:
- Sharing only with someone who needs to know the information to perform their job.
- Speaking where others (including family members and friends) cannot hear, if possible.
- Giving only the minimum amount of information necessary.
Be aware of your surroundings! Avoid discussing PHI in public areas such as restrooms, elevators, and the reception desk area. When conversations in open areas cannot be avoided, remember to keep your voice low.

PAPER DOCUMENTS
- Store PHI appropriately to reduce the potential for incidental use or disclosure.
- File or cover PHI on your desk when you leave each day.
- Lock drawers and offices when possible.
- When discarding printed PHI, place it in the locked shredding bins until the time it is destroyed.

ELECTRONIC DATA
- Use strong passwords and change them every 90 days.
- Store all PHI on the network drive unless it is absolutely necessary to perform your job to store it elsewhere.
- All laptops and portable devices used to store PHI data must be encrypted.
- Lock your workstation when leaving the work area.
- Position computer monitors so that unauthorized persons cannot easily view information on the screen.
- Printers, copiers and fax machines should be located in areas not easily accessible to unauthorized persons.
PASSWORD PROTECTION
A strong password for your network account and other applications is a basic protection mechanism. While it is tempting to create a generic password that is easy to remember, it is not very secure.
Two rules for stronger passwords:
- Create a password of eight characters in length.
- Passwords should contain at least one each of: a capital letter, a lowercase letter, and a number.

PASSWORD PROTECTION TIPS
- Change passwords often.
- Contact your IT Help Desk if you suspect your password has been compromised.
- Create a different password for each system or application, if applicable.
- Do not reuse passwords until 6 other passwords have been used.
- Do not use generic information that can be easily obtained, like family member names, pets' names, birth dates, phone numbers, vehicle information, etc.
- NEVER share your password with anyone.
EMAILING PHI
- Only email the minimum necessary to meet the requestor's needs.
- Verify the accuracy of the email address before sending any PHI.
- When emailing PHI outside of the Piedmont internal network, always send it securely by encrypting the PHI. Check with your Privacy Officer or IT Department as to what systems or procedures you should follow to encrypt emails.
- All email containing PHI should contain an email confidentiality notice.
- Immediately report any violation of these guidelines to your Supervisor or the Privacy Officer.
INTERNET THREATS
Phishing is unwanted email ("spam") that tries to trick you into revealing confidential information, like passwords or credit card information. Usually an email (or text) alerts you to a problem with your account and asks you to click on a link and provide information to correct the situation. These emails look real and often contain the organization's logo and trademark. The URL in the email resembles the legitimate web address.
Combat Internet Threats: NEVER provide your password to anyone via email.

INTERNET THREATS CONT.
Be suspicious of any email that:
- Requests personal information.
- Contains spelling and grammatical errors.
- Asks you to click on a link.
- Is unexpected or from a company or organization with whom you do not have a relationship.
If you are suspicious of an email:
- DO NOT click on the link provided in the email.
- DO NOT open any attachments.
- DO NOT provide personal or financial information.
- DO forward the email to your IT Help Desk and follow their instructions.
APPROPRIATE USE OF COMPUTERS AND EMAILS
Piedmont computers and email accounts are for official business. Employees are permitted limited personal use of them. Personal use should not:
- Disrupt employee productivity;
- Disrupt service or cause congestion on the network;
- Engage in inappropriate activities.
Do not use personal email accounts to conduct Piedmont business or to send confidential information. Your personal email account is often less secure than your work-issued account, so limit access to it from Piedmont computer systems.

MOBILE DEVICES & STORAGE MEDIA
Employees who use mobile devices such as smart phones, tablets or laptops, or storage media such as CDs or USB drives, have additional responsibilities for the protection of PHI that is housed on those devices.
- Do not store PHI on mobile devices or external storage media unless it is absolutely necessary.
- If it is necessary, then the device MUST be inspected and cleared through your IT department to ensure all the necessary protections are in place.
- If any mobile device or external storage media is lost or stolen, you must immediately REPORT it to the Privacy Officer or Compliance Department.

FAXING PHI
- Limit faxed information to the minimum necessary to meet the requestor's needs.
- Always use a cover page that includes destination contact information, sender contact information, and a confidentiality statement.
- When sending faxes, always double check the recipient's fax number before pressing the send key.
- Promptly remove any received documents and follow the instructions on the cover page for delivery.
- If you receive a fax not intended for Piedmont, or you receive notification of a fax from Piedmont going to the wrong location, notify your department manager and the Privacy Officer. The sender needs to be notified or the material needs to be returned to Piedmont or destroyed, and in some circumstances we must log the disclosure error.
USES, DISCLOSURES & INDIVIDUAL RIGHTS
Module 3
Learn to whom, for what and how much PHI can be used and disclosed, and what members can request of their PHI.
KNOW YOUR MEMBERS' RIGHTS
The HIPAA Rules give members the right to:
- Inspect and copy PHI.
- Amend PHI.
- Request restrictions on certain disclosures, including that a health plan not be informed of treatment for which the patient paid entirely out of pocket.
- Receive confidential communication by alternative means or location.
- Prohibit the sale of their PHI, or its use for marketing or research.
- Receive an accounting of disclosures of PHI to third parties.
- File a complaint about a HIPAA privacy violation.

USES AND DISCLOSURES OF PHI
PHI CAN be disclosed to others without the individual's written authorization for the purposes of:
- Treatment (providing care),
- Payment (claim payment),
- Health plan operations (e.g. audits),
- If requested by the member or legal representative,
- To help with public safety issues (e.g., preventing disease),
- Some health research (some does require authorization),
- To comply with the law,
- To respond to organ and tissue donation requests,
- To work with a medical examiner or funeral director,
- Workers' compensation, law enforcement, government request,
- To respond to lawsuits and legal actions.

USES AND DISCLOSURES OF PHI CONT.
PHI CANNOT be disclosed to others without the individual's written authorization for the purposes of:
- Marketing
- Sale
- Research and Fundraising
- Disclosures to attorneys or other third parties that are not otherwise permitted or required by law
- Sensitive PHI, including:
  - Mental health information
  - Confidential HIV-related information
  - Alcohol or substance abuse information
  - Genetic information
VERIFYING IDENTITY
The member has the right to choose someone to act for them. Regardless of whether a member or their representative is requesting the PHI, we must verify both their identity and their authority.
Identity can be verified by:
- Obtaining a validly issued photo ID.
- If by phone, asking the caller for the member's name and date of birth.
For personal representatives:
- Proof of power of attorney,
- Health care proxy,
- Signed letter from the member authorizing the person to act on their behalf,
- Letter of administration or other authority to act on behalf of a decedent.

VERIFYING IDENTITY CONT.
For public officials:
- Presentation of an agency ID badge, official credentials or other proof of government status,
- Appropriate government agency letterhead,
- Written statement of legal authority,
- Pursuant to a warrant, subpoena, or other legal process issued by a grand jury or other legal authority.
Verification in an Emergency: In the event of an emergency clinical situation, we may disclose PHI without authorization where the member is unable to agree or object to disclosure due to incapacity if, in the exercise of professional judgment, disclosure is in the best interest of the member.
When Verification is NOT Required: PHI may be lawfully disclosed to prevent or lessen a serious and imminent threat to the health or safety of a person or the public if disclosure is made to a person reasonably able to prevent or lessen the threat. If these conditions are met, no further investigation is required.
OBTAINING VALID AUTHORIZATION
If the use or disclosure requires a written authorization, the PHI cannot be used or disclosed unless it is accompanied by a valid authorization. A valid authorization must contain:
- A description of the information to be used or disclosed.
- An expiration date or an expiration event that relates to the individual or the purpose of the use or disclosure.
- Name or other specific identification of the person(s) authorized to make the request.
- A description of each purpose of the requested use or disclosure.
- Name or other specific identification of the person(s) to whom we may make the requested use or disclosure.
- Signature of the individual and date (and for personal representatives, proof of authorized status).
If the request for disclosure is not accompanied by a written authorization, Piedmont may provide the requestor with a General Authorization for Release of Confidential Information Form.

MINIMUM NECESSITY
You should always make reasonable efforts to only use or disclose (or request from another health care provider) the minimum amount of PHI required to achieve the particular use or disclosure. Standard criteria to take into consideration include:
- The purpose and importance;
- Who is requesting the information;
- The extent of additional persons with access to the PHI;
- Other factors and information specific to each request.
Exceptions to minimum necessary requirements include:
- Disclosures to or requests by a health care provider for treatment.
- Disclosures made to the individual who is the subject of the PHI.
- Disclosures made pursuant to an authorization signed by the member.
- Disclosures made to the Secretary of HHS.
- Disclosures required by law.
OTHER REQUIREMENTS
Module 4
Administrative responsibilities including sanctions, mitigation, breach notifications, accounting of disclosures and more.
TRAINING REQUIREMENTS
This training is intended for all Piedmont Community HealthCare and Piedmont Community Health Plan workforce members. All employees, volunteers or other individuals that use or have access to Piedmont member information must complete this training within 90 days of hire and annually thereafter. Additional training will be provided as needed for changes in federal or state rules or regulations.

ACCOUNTING OF DISCLOSURES OF PHI
Members have the right to receive an accounting of disclosures, which requires us to maintain a database of the following disclosures:
- To Health and Human Services,
- If required by law,
- For certain public health activities (births/deaths, etc.),
- For health oversight activities such as the FDA,
- For certain research purposes,
- To avert a serious threat to health or safety,
- For specialized government functions,
- For workers' compensation,
- For certain marketing or fundraising,
- About decedents for cadaveric organ donation,
- Disclosures not permitted by law.

ACCOUNTING OF DISCLOSURES CONT.
Disclosures that DO NOT need to be included in the database are disclosures:
- To carry out treatment, payment and health care operations (TPO),
- Pursuant to an authorization,
- To the individuals about their own PHI,
- To persons involved in the individual's care or for other notification purposes,
- For national security or intelligence purposes,
- To correctional institutions or law enforcement custodial situations,
- Incidental to a use or disclosure otherwise permitted or required,
- That occurred prior to the compliance date of April 14, 2003,
- When the right has been temporarily suspended by a health oversight agency or law enforcement official,
- As part of a limited data set.

TRACKING DISCLOSURES
Any Piedmont workforce member who discloses PHI for any reason (by request or in error) other than those listed on the previous slide must complete a Disclosure Report including:
- Date the disclosure was requested or identified and date of the disclosure;
- Name of the person or entity who received the PHI and address, if known;
- Brief description of the PHI disclosed (e.g. a particular diagnosis or injury, particular test results, birth date, etc.);
- Brief statement of the purpose of the disclosure, whether by request or in error, describing the purpose or how the error occurred;
- If the disclosure was made in error, also include the follow-up action taken regarding retrieval or destruction of the PHI, the cause of the error, and any corrective action steps taken.
The Disclosure Report must be given to the Privacy Officer, who will complete any additional steps required, including adding it to Piedmont's Accounting of Disclosures Log.
BREACHES
According to the Final Rule, most unauthorized uses or disclosures of PHI will likely be considered breaches. It is now more important than ever that each workforce member remember:
- What is expected of them each day to protect member information and minimize unauthorized uses and disclosures of PHI, and
- How to report their concerns if they suspect PHI has been disclosed, exposed, or misused in any way.

WHAT ARE THE PENALTIES FOR PRIVACY & SECURITY BREACHES?
There are disciplinary, civil and criminal penalties for failure to comply with HIPAA regulations.
- Fines can range from $100 - $50,000 per violation. One incident could result in numerous violations and therefore multimillion dollar fines.
- Criminal penalties could result in jail time of 1 to 10 years.
- Piedmont will impose appropriate disciplinary action against workforce members who violate HIPAA or Piedmont Privacy Policies and Procedures, up to and including termination.
Failure to report a violation is a violation!

MITIGATION: REDUCE THE HARM
Mitigate, defined, is to reduce, minimize or lessen the force, intensity or impact of a suffered loss.
If Piedmont learns of a harmful effect resulting from the use or disclosure of PHI, all necessary steps, to the extent practicable, will be taken to mitigate such harmful effects.
Employees should notify their supervisor, the Privacy Officer or the Compliance Department immediately so that any additional steps to mitigate the harm can be taken.
BREACH NOTIFICATIONS
Piedmont must investigate all breach incidents and provide timely notification as necessary and appropriate to:
- Affected Individuals
- HHS
- Credit Reporting Agencies
- Other Federal Agencies
- Media Outlets

REPORT
If you believe or suspect that PHI may have been put at risk, you have a responsibility to REPORT those concerns to the Privacy Officer or Compliance Department immediately. The new Final Rule shortens the timeframe in which we must investigate and report any findings to HHS. The minute you believe there is a problem, let us know. The sooner we know, the better chance we have to limit the damage to the individuals involved.

ISSUES THAT SHOULD BE REPORTED
- Loss of confidential information or equipment containing confidential information:
  - Stolen laptop
  - Lost smart phone
  - Misplaced member records
- Misuse of information, system access or sharing of passwords
- Accidental or unauthorized disclosures of PHI:
  - Misdirected faxes and mail
  - Human error
  - Overheard conversations
  - Inappropriate social media posts
When in doubt, trust yourself. Report any issues of concern. Let the Compliance Department investigate.

WHO TO REPORT TO
Immediately report suspected breaches of PHI to any of the following:
- The Compliance Department
- Your Department Manager or Supervisor
- Anonymously by email: PCHPCares@getintouch.com
- The Compliance Officer, Brenda Grant
Immediately report suspected computer security threats to the Help Desk (HelpDesk@pchp.net).
SAFEGUARD REMINDERS
- Never share your passwords with anyone.
- Lock your computer when you leave your work area.
- File or cover PHI on your desk when you leave for the day.
- Do not discuss PHI in public areas.
- When discarding PHI, place documents in locked shredding bins.
- When emailing PHI outside of Piedmont's internal network, always send it securely and include an Email Confidentiality Notice.
- When faxing PHI, double check the recipient's fax number and the number dialed before sending, and include a Fax Confidentiality Trailer.
- Always, always report misuse of PHI.

HIPAA POLICIES AND PROCEDURES
We are providing a link to Piedmont's HIPAA Policies and Procedures as an additional resource. Please refer to the Policies and Procedures for complete guidance on the HIPAA rules and regulations that are applicable to all employees.

CONGRATULATIONS!
You have successfully completed Piedmont's HIPAA Privacy and Security Training.