User Name: [insert facility name]grids (for example, lomitagrids or villagrids)



Similar documents
HIPAA Information Security Overview

MUSC Information Security Policy Compliance Checklist for System Owners Instructions

HIPAA Security. 4 Security Standards: Technical Safeguards. Security Topics

An Oracle White Paper December Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance

How To Write A Health Care Security Rule For A University

PRIVACY POLICIES AND FORMS FOR BUSINESS ASSOCIATES

HIPAA Security COMPLIANCE Checklist For Employers

HIPAA Compliance Guide

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)

Information Systems Access Policy

InfinityQS SPC Quality System & FDA s 21 CFR Part 11 Requirements

itrust Medical Records System: Requirements for Technical Safeguards

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

DeltaV Capabilities for Electronic Records Management

PINAL COUNTY POLICY AND PROCEDURE 2.50 ELECTRONIC MAIL AND SCHEDULING SYSTEM

HIPAA Security Rule Compliance

WHITE PAPER. Support for the HIPAA Security Rule RadWhere 3.0

HIPAA Security Checklist

DeltaV Capabilities for Electronic Records Management

HIPAA Security Alert

White Paper. Support for the HIPAA Security Rule PowerScribe 360

Policy Title: HIPAA Security Awareness and Training

University of Wisconsin-Madison Policy and Procedure

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

Minnesota Health Care Programs (MHCP) MN ITS Interactive User Guide Using MN ITS Interactive. Entering an Online Claim

DEPARTMENTAL POLICY. Northwestern Memorial Hospital

Datto Compliance 101 1

HIPAA Security Matrix

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and

Electronic Signature, Attestation, and Authorship

HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc.

HIPAA Audit Processes HIPAA Audit Processes. Erik Hafkey Rainer Waedlich

User Guide. Digital Signature

Rehab Notes Management System

InfoCenter Suite and the FDA s 21 CFR part 11 Electronic Records; Electronic Signatures

Pennsylvania Department of Public Welfare. Bureau of Information Systems OBSOLETE. Secure User Guide. Version 1.0.

Nationwide Review of CMS s HIPAA Oversight. Brian C. Johnson, CPA, CISA. Wednesday, January 19, 2011

Horizon Physician Portal Training Guide (November 2013)

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

DHHS Information Technology (IT) Access Control Standard

VMware vcloud Air HIPAA Matrix

LRFP AND PROJECT APPLICATION TRACKING SYSTEM District Administrator Instructions. Accessing the Administrator Section of the Website

HIPAA Security. 1 Security 101 for Covered Entities. Security Topics

Appendix F, Section 2 Web-Enabled Data Repository: Test Phase

Sponsor Site Questionnaire FAQs Regarding Maestro Care

Certificate Renewal. Teachers need a total of 150 professional learning hours to renew their teaching certificate.

Union County. Electronic Records and Document Imaging Policy

Full Compliance Contents

Empower TM 2 Software

IBM Internet Security Systems. The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview

Sunrise Clinical Manager (SCM) View-Only Training

AZ RMTS Participant s Guide

21 CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES CFR Part 11 Compliance PLA 2.1

The Second National HIPAA Summit

UNIVERSITY OF CALIFORNIA, SANTA CRUZ 2015 HIPAA Security Rule Compliance Workbook

REGULATIONS COMPLIANCE ASSESSMENT

Information Security Policy

HIPAA Security. Jeanne Smythe, UNC-CH Jack McCoy, ECU Chad Bebout, UNC-CH Doug Brown, UNC-CH

Security Standard: Servers, Server-based Applications and Databases

Rackspace Archiving Compliance Overview

Self-Assessment of eresearch Compliance with 21 CFR Part 11, Electronic Record; Electronic Signatures

HealthInfoNet HELP DESK REFERENCE GUIDE. Revised on Page 1 of 26

Timesheet Instructions

21 CFR Part 11 Implementation Spectrum ES

Authorized. User Agreement

How To Use A Court Record Electronically In Idaho

An Introduction to HIPAA and how it relates to docstar

Protecting Patient Information in an Electronic Environment- New HIPAA Requirements

Agile Applicant Tracking System. Hiring Manager

On your desktop double-click the Qqest Time and Attendance Systems icon:

Securing the FOSS VistA Stack HIPAA Baseline Discussion. Jack L. Shaffer, Jr. Chief Operations Officer

Research and the HIPAA Security Rule Prepared for the Association of American Medical Colleges by Daniel Masys, M.D. Professor and Chairman,

MINNESOTA. Downloaded January 2011

NETWORK SECURITY GUIDELINES

Data Compliance. And. Your Obligations

ClicktoFax Service Usage Manual

Security Tool Kit System Checklist Departmental Servers and Enterprise Systems

Implementation of 21CFR11 Features in Micromeritics Software Software ID

HIPAA Compliance: Are you prepared for the new regulatory changes?

Appendix 4-2: Sample HIPAA Security Risk Assessment For a Small Physician Practice

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

C.T. Hellmuth & Associates, Inc.

HIPAA/HITECH PRIVACY & SECURITY CHECKLIST SELF ASSESSMENT INSTRUCTIONS

Hamilton College Administrative Information Systems Security Policy and Procedures. Approved by the IT Committee (December 2004)

Server Security Checklist (2009 Standard)

HIPAA Compliance Guide

HIPAA 203: Security. An Introduction to the Draft HIPAA Security Regulations

Denver Public Schools - East High School

Appendix to Resolution No. 646/2011 of the Warsaw Stock Exchange Management Board dated 20 May 2011 (as amended)

Implementing Title 21 CFR Part 11 (Electronic Records ; Electronic Signatures) in Manufacturing Presented by: Steve Malyszko, P.E.

Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES

FILEHOLD DOCUMENT MANAGEMENT SYSTEM 21 CFR PART 11 COMPLIANCE WHITE PAPER

Transcription:

Appendix A010 Page 1 User Name: [insert facility name]grids (for example, lomitagrids or villagrids) Password: If access is authorized and currently have no password, contact Director of Nurses or Rehab Department. Blue OT Purple ST Green PT 1. Reports 2. Service Matrix Log 3. View FYI THE COLORS ABOVE VARIES PER FACILITY =============================================================== 1.0 POLICY: GENERAL GUIDELINES The system is an all inclusive scheduling, billing, documentation, and business management software program that will be used in all North American Health Care, Inc. facilities. 2.0 PROCEDURE 1. Logins Every rehabilitation employee has a unique login. Every therapist and assistant providing treatment must enter their treatments and charges under their own unique login. This login provides your electronic signature to the treatment provided. Login and passwords should never be shared. Violation of this will result in disciplinary action. 2. Log Out Click on the red X in the upper right corner, or click on Suspend Session and choose Log Out 3. System auto logout the system will auto close after fifteen (15) minutes of inactivity. 3.0 POLICY: ELECTRONIC SIGNATURE 4.0 DEFINITION Electronic signature: any method of establishing authorship to a statement or document by the use of electricity.

Appendix A010 Page 2 5.0 POLICIES 1. The facility shall authorize the use of electronic signatures by responsible health care personnel to authenticate his/her own entries in the electronic health record of specific applications by using a unique signature/assess code that shall verify the identity of the signer. 2. A signed confidentiality statement and agreement not to share the signature/access code with anyone shall be on file attesting the authorized user is the only individual using the code. This shall be filed in his/her employee/business associate file. 3. The following documents are acceptable for electronic signatures: Daily Activity Logs Labor Logs Initial Evaluations Re-Evaluations Daily Notes Weekly Summaries Discharge Summaries Therapy Treatment Addendums 4. A list of login and access codes shall be readily available and maintained under appropriate safeguards by the System Administrator. 5. Employees using the Electronic Records System shall receive training in the operation, data protection/confidentiality, storage, and system security. 6. Sanctions shall be imposed for improper or unauthorized use of electronic signatures. 6.0 PROCEDURES 1. Signature/access code: a. Assign a unique identifying number to the authorized user (should contain at least six (6) alphanumeric characters, with at least one

Appendix A010 Page 3 capital letter, and at least one number) to be his/her signature/access code (password). b. Maintain a confidential log with these signature/access codes. This log shall be maintained within the system and shall be accessed by the System Administrator. c. Provide the individual who accepts responsibility for the signature/access code with the Confidentiality Statement for signature. This signed document and agreement not to share the code with anyone shall be on file attesting the authorized user is the only individual using the signature/access code. This is done at the time of training. File this in his/her employee/business associate files. d. Change the password randomly to offset predictability and reduce the likelihood of detection. e. Initiate immediate cancellation/inactivation procedures when the individual is terminated, takes a leave of absence, is transferred, or is no longer a valid user. 2. Authenticating entries: a. Data Requirements Electronic signatures are to include: Printed name of the signer Date/time stamp when signed Any action taken to create, modify, of inactivate b. Review the document online for completeness and accuracy and correct or modify them as needed before signing it electronically. These entries shall be date/time stamped by the computer at the time the entry is electronically signed. NOTE: Once an entry has been signed electronically, the computer system must track any deletions or alterations. c. Multiple signatures or Co-signatures: Application allows multiple or co-signatures when appropriate as in the case of shared treatment or supervision or therapy assistants.

Appendix A010 Page 4 3. Correction to signed documents: is allowed when the edits needed are substantive or minor issues, by the original author, or Director of Rehabilitation, or Area Rehab Service Manager, only in order to ensure a complete and accurate document and to preserve the integrity of the legal record. a. Make an addendum to the signed document. This shall be date/time stamped by the computer at the time the entry is electronically signed. b. Retain all signed versions of documents. 4. Document Printing a. Service Log Matrix grids from shall be printed only on an as-needed basis. Nursing station staff shall have the ability to access the Service Log Matrix on using a facility-specific username and password. b. Initial evaluations, Weekly Progress Notes, Discharge Summaries, and Therapy Treatment Addendums shall be printed and filed in the appropriate section of the patient s medical record. 5. Document Access a. Service Log Matrix Nursing station staff shall have access to the Service Log Matrix therapy billing grids on utilizing a facility-specific username and password. The username and password shall be generic and specific to the facility, and shall grant the user read-only access to the Service Log Matrix. b. Initial Evaluations, Weekly Progress Notes, Discharge Summaries Documents shall only be accessed on the system by the Rehabilitation staff. These documents shall be printed and filed in the appropriate section of the patient s medical record 6. Contingency Plan (computer downtime) See Disaster Recovery: Electronic Records 7.0 POLICY: DAILY CHARGES

Appendix A010 Page 5 On a daily basis, prior to leaving the facility for the day, all rehabilitation department staff members are required to enter the daily therapy charges into the system via the Daily Activity Log. If a therapist does not enter the daily charges on the day the services were delivered, charges should be input first thing the following day by the treating therapist. In addition, each therapist is required to input their labor time in the facility into the system via the Labor Log. 8.0 PROCEDURES 1. Daily Charges On a daily basis, prior to leaving the facility for the day, all therapists and assistants are required to enter the daily therapy charges into the system via the Daily Activity Log. If a therapist does not enter the daily charges on the day the services were delivered, charges should be input first thing the following day by the treating therapist or assistant. 2. Daily Labor Hours On a daily basis, prior to leaving the facility for the day, all therapists and assistants are required to enter their daily labor hours into the system via the Labor Log. If a therapist does not enter their labor hours on a specific day, labor hours should be entered first thing the following day by the therapist or assistant. 9.0 POLICY: DIASTER RECOVERY - ELECTRONIC RECORDS 1. The System Administrators shall be responsible for the creation, evaluation, and transportation of back-up media. 2. Critical documents, those required to maintain the residents current level of care, shall be distributed to the appropriate personnel, in the event of an emergency serious enough to render the electronic system inoperable. Staff shall use the printed documents to resume manual, paper-based operations. This shall be monitored by the Director of Rehabilitation. 3. The electronic system shall be back on-line no later than 48-72 hours after the incident, in all but the most severe emergencies, in accordance to the Rehab Optima guidelines. Staff shall continue to operate under this manual method until the system is returned to use. 4. Orientation shall be provided to the therapist as part of the disaster plan and electronic record system training.

Appendix A010 Page 6 10.0 ROUTINE PROCEDURE 1. System Administrators: a. Back-up electronic data daily and store on external server, in accordance to the guidelines. 11.0 DATA RECOVERY: In the event of an emergency that renders the electronic system inoperable: 1. Director of Rehabilitation: a. Produce and disseminate the paper-based records to the appropriate therapists and organize these basic critical documents in 3-ring binders. b. Supervise the manual paper-based documentation by the interdisciplinary staff involved. c. Interdisciplinary Team Members: 12.0 POLICY: IMPERSONATION Continue the required documentation under this manual method until the system is returned to use.\ When the electronic system returns to use, each responsible interdisciplinary team member who created entries in the paper-based documents shall: o Transfer the information from the paper-based document to the electronic system as soon as practical an in accordance with the policies in authenticating entries. o File the original paper-based records in the resident s permanent health record. Under specific circumstances the Director of Rehabilitation may Impersonate, or enter daily charges for another therapist, in the system. The Impersonate function will be audited to ensure the accuracy and integrity of the data in the medical record. 13.0 DEFINITIONS/KEY WORDS

Appendix A010 Page 7 Impersonate Practice of the Director of Rehabilitation entering daily therapy charges into the system for another staff member due to certain specified circumstances 14.0 PROCEDURE 1. Directors of Rehabilitation are the only facility staff allowed to use the Impersonate function in the system. 2. If the Director of Rehabilitation must use the Impersonate function, the Daily Activity Log will be utilized to enter the missing daily charges. When the impersonated therapist has returned to the facility, the Director of Rehabilitation will review the Daily Activity Log with the therapist for accuracy. 3. When impersonating, the Director of Rehabilitation must be specific for the reason they are impersonating the charges and include their initials. 4. A regular audit of impersonated charges will be performed by the Area Rehab Services Manager. 5. The following are circumstances when use of the Impersonate function may be warranted for entering daily therapy charges: a. Staff medical or personal emergency b. PRN or agency staff not scheduled to return to the facility within the billing period c. Disciplinary issues d. Login access issues e. End of month billing is due f. Minutes are needed to complete the MDS 6. The Impersonate function may not be used for the following: a. Staff not properly trained in the system b. Therapist forgot to enter charges

Appendix A010 Page 8 15.0 POLICY: THERAPY SCHEDULING All therapy provided will be scheduled using the Assignment Board 16.0 PROCEDURES 1. All patient care will be planned in Projections 2. The Projections transfers planned minutes to the Assignment Board a. Scheduled minutes can be changed in the Assignment Board on the day of treatment if needed (i.e., therapist calls in sick) 3. The Director of Rehabilitation, or designee, will assign the therapist or assistant who will be providing the treatment on the Assignment Board 4. Therapy schedules for each therapist and therapy assistant are printed from the Assignment Board each day 5. Throughout the day, the therapist or assistant will make notes on their schedule to indicate the amount of time spent on each CPT code or other important information that may need to be entered into 6. By the end of the day, the therapist or assistant will enter all treatment charges into the system using their schedule as a reference 7. All schedules will be filed by following the Storage of Therapy Schedules Policy 17.0 POLICY: STORAGE OF THERAPY SCHEDULES Therapy schedules will be stored as substantiation of care provided. They will be readily available in the case of billing questions or compliance investigations 18.0 PROCEDURES

Appendix A010 Page 9 1. Therapy schedules for each therapist and therapy assistant are printed from daily 2. At the end of the day, the therapist or assistant will enter all treatment charges into the system using their schedule as reference a. The therapist or assistant will sign their schedule and note hours worked b. All schedules will be filed in a binder in the therapy office by date of care chronologically 3. All schedules will be stored for two (2) months 4. After two (2) months, schedules may be disposed of in compliance with HIPAA guidelines (i.e., shredding the schedules)

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information