Contact Information. Electronic Medical Records in Correctional Health. The Mission. Who Should Be On An EMR? Typical Correctional Scenario



Similar documents
HIPAA Security. 1 Security 101 for Covered Entities. Security Topics

ELECTRONIC HEALTH RECORDS

MYTHS AND FACTS ABOUT THE HIPAA PRIVACY RULE PART 1

HOW TO REALLY IMPLEMENT HIPAA. Presented by: Melissa Skaggs Provider Resources Group

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc.

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

How To Understand And Understand The Benefits Of A Health Insurance Risk Assessment

OCR/HHS HIPAA/HITECH Audit Preparation

Understanding Health Insurance Portability Accountability Act AND HITECH. HIPAA s Privacy Rule

what your business needs to do about the new HIPAA rules

GENERAL OVERVIEW OF STANDARDS FOR PRIVACY OF INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION [45 CFR Part 160 and Subparts A and E of Part 164]

HIPAA COMPLIANCE AND

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services

Dissecting New HIPAA Rules and What Compliance Means For You

Preparing for the HIPAA Security Rule

REFERENCE 5. White Paper Health Insurance Portability and Accountability Act: Security Standards; Implications for the Healthcare Industry

HIPAA Security Compliance Reviews

Accelerating HIPAA Compliance with EMC Healthcare Solutions

HIPAA Privacy Overview

Healthcare Applications and HIPAA. BA590-IT Governance Final Term Project Prof. Mike Shaw

RONALD V. MCGUCKIN AND ASSOCIATES Post Office Box 2126 Bristol, Pennsylvania (215) (215) (Fax) childproviderlaw.

General HIPAA Implementation FAQ

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

Agenda. OCR Audits of HIPAA Privacy, Security and Breach Notification, Phase 2. Linda Sanches, MPH Senior Advisor, Health Information Privacy 4/1/2014

Practice management system criteria checklist

Ensuring HIPAA Compliance with Computer BYTES Online Backup and Archiving Services

HIPAA Privacy Overview

HIPAA. considerations with LogMeIn

Isaac Willett April 5, 2011

Orbograph HIPAA/HITECH Compliance, Resiliency and Security

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions

HIPAA The Law Explained. Click here to view the HIPAA information.

Am I a Business Associate? Do I want to be a Business Associate? What are my obligations?

HIPAA Compliance and the Protection of Patient Health Information

Electronic Medical Records: Legal and Ethical Implications for Patients

The Impact of HIPAA and HITECH

Why Lawyers? Why Now?

DECISIONS, DECISIONS

FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS

Signed into law on February 17, 2009, the Stimulus Package known

How To Protect Your Health Care From Being Stolen From Your Computer Or Cell Phone

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

Ensuring HIPAA Compliance with AcclaimVault Online Backup and Archiving Services

HIPAA and HITECH Compliance Simplification. Sol Cates

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009

EHR Glossary of Terms

Double-Take in a HIPAA Regulated Health Care Industry

Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information

APPENDIX 1: Frequently Asked Questions

HIPAA COMPLIANCE CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report October 25, 2010

Alert. Client PROSKAUER ROSE LLP. HIPAA Compliance Update: Employers, As Group Health Plan Sponsors, Will Be Affected By HIPAA Privacy Requirements

In order to adjudicate an appeal, OPM requires claimants or their authorized representatives to submit the following information:

Joe Dylewski President, ATMP Solutions

HIPAA WEBINAR HANDOUT

The HIPAA Audit Program

HIPAA & HITECH AND THE DISCOVERY PROCESS

HIPAA: In Plain English

to EMR transition Contents

HIPAA Employee Compliance Program TRAINING MANUAL

Electronic Health Records

OCR Reports on the Enforcement. Learning Objectives 4/1/2013. HIPAA Compliance/Enforcement (As of December 31, 2012) HCCA Compliance Institute

OCR Reports on the Enforcement. Learning Objectives

Preparing for the HIPAA Security Rule Again; now, with Teeth from the HITECH Act!

DIGITECH AND HIPAA COMPLIANCE

HIPAA: AN OVERVIEW September 2013

Data Integrity in an Era of EHRs, HIEs, and HIPAA: A Health Information Management Perspective

What Virginia s Free Clinics Need to Know About HIPAA and HITECH

LogMeIn HIPAA Considerations

White Paper #6. Privacy and Security

C.T. Hellmuth & Associates, Inc.

HIPAA Security Rule Compliance

HHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers

HIPAA: Healthcare Transformation to Electronic Communications. Open Text Fax and Document Distribution Group May 2009

HIPAA Violations Incur Multi-Million Dollar Penalties

HIPAA Administrative Simplification and Privacy (AS&P) Frequently Asked Questions

OCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information

Selecting & Implementing an Electronic Medical Records System

Audit Report. University Medical Center HIPAA Compliance. June Angela M. Darragh, CPA, CISA, CFE Audit Director AUDIT DEPARTMENT

Dispelling the Myth that Regulatory Compliance is Inherently Addressed within Existing Controls June 27, 2012

Laying a Path to EMR Implementation (and avoiding stressing out over HITECH legislation)

Shipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS

HIPAA and Network Security Curriculum

SARASOTA COUNTY GOVERNMENT EMPLOYEE MEDICAL BENEFIT PLAN HIPAA PRIVACY POLICY

HIPAA Security Series

Legislative & Regulatory Information

HIPAA Compliance for Small Healthcare Providers

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO

What Every Organization Needs to Know about Basic HIPAA Compliance and Technology. April 21, 2015

Presented by: Leslie Bender, CIPP General Counsel/CPO The ROI Companies

HIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services

HIPAA/HITECH: Conditional Access Management for Business Performance. Mark Seward, Director Security and Compliance Solutions Marketing

Sunday March 30, 2014, 9am noon HCCA Conference, San Diego

Department of Health and Human Services Policy ADMN 004, Attachment A

BUSINESS ASSOCIATE CONTRACTUAL ADDENDUM

HIPAA Compliance and PrintFleet Software Applications

Preparing for the HIPAA Security Rule Again; now, with Teeth from the HITECH Act!

The HIPAA Standard Transaction Requirements: How do Health Plans Comply?

HIPAA Compliance Issues and Mobile App Design

Transcription:

Electronic Medical Records in Correctional Health Report to the National Commission on Correctional Healthcare Contact Information Todd R. Wilcox, MD, MBA, CCHP Medical Director, Salt Lake County 256 South 1200 East Salt Lake City, UT 84102 801-582-2376 trwilcox@wellcon.net www.wellcon.net Nina F. Dozoretz, MA, RHIA, CCHP 801 I Street, NW Suite 800 Washington, DC, 20536 202-353-9823 ndozoretz@hrsa.gov The Mission Provide objective overview of the current state of EMR s in the marketplace Provide guidance on the interplay between HIPAA and EMR s Provide a workplan for the preparation, selection, and implementation of an EMR Provide an overview of HIPAA and resources to assist with compliance Who Should Be On An EMR? Generally ADP > 800 HIPAA Compliance! If you need to enforce formulary / practice guidelines If you need to defend budget / staffing More than one healthcare delivery site If you need relief from lawsuits Typical Correctional Scenario Charts unavailable at MD encounter Filing backed up for months Ran out of storage space for paper charts Paper charts a fire hazard Non-existent nursing documentation because they couldn t find charts Multiple charts created as path of least resistance Perceived Barriers--Study by Medical Record Institute Lack of resources Lack of support by clinicians Difficulty creating a migration plan Can t find an integrated software solution with just 1 vendor Difficulty evaluating / validating real capabilities of vendors 1

Cost-Benefit of an EMR Each MD will generate >300 filerelated tasks per day on paper Primary areas of savings Typically need only 1/3 of medical records staff to run EMR vs. paper MDs and nurses produce more work product SLC return on investment = 1.5 years Step 1 Hire An EMR Expert In-house staff almost never has adequate expertise or experience Comparative example: Would you ask your warden to design and build a new jail? Number 1 cause of failure is lack of expert help Your expert must understand both healthcare processes and EMR s to be successful Your expert should assist with all subsequent steps to keep you out of trouble Step 2 What Kind of EMR Do You Need? Tier 1: Automated Medical Records Tier 2: Computerized Medical Records Tier 3: Electronic Medical Record Tier 4: Electronic Integrated Health Record Step 3 Hardware and Infrastructure Determined by Step 2 Pick the right computers, servers, intranet, internet, pull transmission lines On average, takes a year to complete Coordinate with purchasing, governmental IS, 3 rd party vendors, governmental telephone services Step 4 Redefine Business Practices Every healthcare function must be redesigned for efficiency Many new processes must be contemplated (dictation vs. typing) MUST avoid reverse engineering your efficiency This is why your expert needs to know both healthcare and computers Business Process Examples Process Intake screen MR filing lag MD note 14-day assessment Nursing documentation Before EMR 6.91 min / 24 items 13 days 9.6 minutes / 14 lines text 43% on time / 23 data points 6% After EMR 6.71 min / 56 items < 24 hours 2.1 minutes / 29 lines text 99%+ on time / 70 data points 96% 2

Step 5 Selecting the Right System Writing a good RFP / Requirement Matrix is critical to success Your expert will earn his pay at this step Identify the right type of system Identify clearly the scope of the project What you need vs. what you want Communicate rational timelines Establish an effective selection process Selection Criteria and Process Functionality is more important than price Create a matrix of requirements and demand to see them demonstrated Vaporware is everywhere--don t believe anything said or shown by salesman Been in business > 5 years 3 rd Party add-ons (pharmacy, dental, etc) should be avoided. Software must be fully integrated Pay attention to timelines DO SITE VISITS to facilities using the software and talk to their staff System Design Features Infinitely-scalable system (i.e., Oracle relational database, not MS Access, etc) GUI interface (mouse, keyboard, touch) ASP (active server pages) database Chart-driven tracking of healthcare costs and productivity Fully integrated across all disciplines Customizable by end-user Patient record designed to be longitudinal Efficiency Issues Intelligent Scanning capability (bar coded) Clinical images scanning (Xray, EKG s) Off-site internet access Email system must be integrated into patient chart to avoid separate charting Software has fully-integrated clinical rules engine (chronic care clinics!) Efficiency Issues Lab values graphed Bar-coded entry of documents and data 1 and 2-way interface capability Lab, radiology, offender management Software-generated clinical summaries Order-generated to-do lists Vendor does own training, not 3 rd party Security Issues Absolute, unalterable data integrity Keystroke tracking Document security grades User security grades Multi-level backup / offsite secure storage Persistent server-side state Encryption 3

Step 6 Implementation Create a team, put your expert in charge of it All programming changes, additions, subtractions must be approved by one person Learn how to manage your own system TRAIN, TRAIN, TRAIN Step 7 Daily Operation and Maintenance Identify local system administrator Budget for maintenance Expect daily issues Create a mirror paper backup system Work out system support with vendor in the contract and lock it in for as long as they will allow Escrow the software Resources Conglomerate list of EMR vendors available on www.ncchc.org Slide Set Available at: www.wellcon.net HIPAA: What s All the Buzz? CAPT Nina Dozoretz 2002 NCCHC NASHVILLE CONFERENCE 22 HIPAA What Is It? What is HIPAA? Health Insurance Portability and Accountability Act (HIPAA, Public Law 104-191), signed on August 21, 1996. Improve quality of health care Encourage development of information systems based on exchange of standard management and financial data using EDI. Require organizations to follow national implementation guidelines for EDI 4

Standards for Privacy - 1 PRIVACY RULE HHS, Office of Civil Rights (OCR) Enforcement civil monetary penalties, criminal prosecution Respond to Questions Secure Voluntary compliance Technical Assistance Respond to State requests for exception determinations Investigate complaints Conduct compliance reviews Effective April 14, 2001 Most Covered Entities must comply by April 2003 Gives patients more control over their information Sets limits on use and release of health records Establishes safeguards to protect privacy Holds violators accountable 27 Standards for Privacy - 2 No extension for compliance April 14, 2003 health care providers April 14, 2003 health plans, other than small April 14, 2004 small health plans April 14, 2004 clearinghouses Does HIPAA Apply to You? Covered entity Is a health plan, a health care clearinghouse, or a provider who transmits health information in electronic form (45 C.F.R. Part 162) Use the Covered Entity Decision Tools Health care provider (45 C.F.R. 160.103) 5

Administrative Simplification provisions - 1 Protect and enhance rights of consumers Improve quality of health care by restoring trust Improve efficiency and effectiveness of health care delivery by creating a national framework Administrative Simplification provisions - 2 Association for Electronic Health Care Transactions (AFEHCT) an industry action group, member companies include health claims clearinghouses, value added networks, software vendors, practice management companies, health care data processing EDS; IBM; McKesson HBOC; Per Se Technologies; National Data Corp; Siemens Medical Solutions; Perot Systems; Web MD; UNISYS; Ernst & Young, LLP; Aetna US Healthcare; and more 31 Administrative Simplification provisions - 3 October 15, 2002 Deadline for Extension Applies to entities that generate, process and/or receive electronic medical claims,including eligibility and referral authorizations, EOBs, payments Compliance Officer Monitoring/auditing Education/training Conduct effectiveness evaluations Develop and/or update P&P Employee awareness Compliance with government regs Compliance Officer Training Sources for Information November 12, 2002 HIPAA Privacy Rule Compliance: A Simplified Explanation by Michael Fleischman (Gates, Moore & Co) www.coding/institute.com/offer/752 HCCA: 2002 Profile of Health Care Compliance Officers survey www.hcca-info.org/documents/hccasurvey9_02.pdf www.cms.gov/hipaa www.hhs.gov/ocr/hipaa www.ahima.org HCPro Healthcare Marketplace (www.hcmarketplace.com) 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information