Presentation on theme: "JCAHO –A HIPAA Business Associate National HIPAA Summit"— Presentation transcript:
1 JCAHO –A HIPAA Business Associate National HIPAA Summit Anthony J. Tirone, JD,MBADirector, Federal RelationsJoint Commission on Accreditation of Healthcare Organizations November 1, 2002
2 Joint Commission on Accreditation of Healthcare Organizations Private, not for profit corporationOldest and largest accreditation organizationFounded in 1951
3 Mission of the Joint Commission To continuously improve the safety and quality of care provided to the public through the provisions of health care accreditation and related services that support performance improvement in health care organizations
4 Joint CommissionAccredits over 17,000 health care organizations in 8 program areas:HospitalsHealth care networksHome care, including hospice and DMENursing homes
5 Joint Commission Behavioral health care Ambulatory care Assisted livingClinical laboratoriesAnd:Disease Management ProgramOffice Based Surgery
6 Public/ Private Partnership Congress established the basis for the public private partnership in the original Medicare legislationHospitals accredited by the Joint Commission are “deemed” to meet health and safety requirementsSecretary could approve other organizations if standards and process equivalent to Medicare
7 Federal Recognition of Joint Commission Accreditation Medicare program:HospitalsHome careHospiceAmbulatory surgical centersClinical laboratoriesMedicare+ ChoiceCritical Access Hospitals
8 State Recognition of Joint Commission Accreditation Hospitals statesBehavioral care 45 states and D.CHome care 20 statesLaboratories 28 statesAmbulatory care 18 statesAssisted living 1 stateNet works states
9 Accreditors Are Business Associates of The Covered Entities They Accredit A Business Associate Agreement Is Required Between the Accreditor and the Organizations They Accredit
10 Implementation of HIPAA Joint Commission is:Publishing internal policies on the confidentiality of personally identified health care informationReviewing standards for consistency with HIPAA requirementsDeveloping a model Business Associate Agreement
11 JCAHO Internal Policies Explicit policies for employees regarding access and protection of individually identifiable health informationAccess only when necessarySafe guard at all timesDisclose only in accordance with the purpose for which it was obtained
12 JCAHO Standards Review of standards completed Finding: Standards are consistent with HIPAAStandards lack some of the detailed requirements of the regulation:
13 JCAHO StandardsSystems designed to allow timely & easy use of data w/o compromising security / confidentialityInfo protected against loss, destruction, tampering, & unauthorized useOrganization demonstrates respect for patient privacy & confidentialityOrganization complies w/state & federal law & regulation
14 HIPAA Specifics not covered Accounting of disclosureRight of accessRight to request amendmentRight to request restrictionsSpecifics for de-identificationSpecifics for content of consent/authorizationSome specifics under administrative section
15 JCAHO Standards Planned changes: Will add requirements for : Patient access to recordsAbility of the patient to request changes or correction of the recordChanges will be effective January 2004
16 JCAHO Accreditation Survey The survey will measure compliance with our standards,Compliance with our standards is indicator that the organization is in compliance with HIPAAWe will not be certifying compliance with HIPAA
17 Business Associate Agreement Developing a model agreement to be used for all accredited organizationThe agreement is currently being finalized after review of comments from various provider representativesWill be available December 2002Seeking clarification that all parts of the Organized Health Care Arrangement. That all parts of the OHCA can disclose information to the accreditor of the OHCA, based on the one agreement between the accreditor and the OHCA. Separate agreements are not necessary.
18 Business Associate Agreement Agreement will be an addendum to the application for surveyCompleted electronically, if possibleThe addendum will include:The obligations of the Joint CommissionObligations of the surveyed organizationMeet all the requirements of HIPAAWe will have to start securing agreements from the approximately 1/3rd of our accredited organizations that will not be up for renewal between the final regulation and the effective date of April 2004.
19 SummaryJoint Commission standards are consistent with HIPAA requirementsChanges will be made to the standards to address a persons right to access or request a change in their recordsChanges will be effective 2004
20 SummaryImplementation of the Business Associate agreement requirement will commence with applications filed in Jan. 2003Agreements executed with all accredited organizations by April 14, 2004, as requiredA model agreement will be used to minimize the cost and complexity of implementation
Your consent to our cookies if you continue to use this website.