Paul T. Smith Davis Wright Tremaine LLP

Slides:

Advertisements

Similar presentations

Davis Wright Tremaine LLP HIT Legal Issues: HIPAA Implications to a Regional Health Information Organization Becky Williams, R.N., J.D. Partner, Co-Chair,

Advertisements

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

NAU HIPAA Awareness Training

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

Overview of HIPAA Administrative Simplification and Privacy Regulations Darrel J. Grinstead, Partner Amy B. Kiesel, Associate Hogan & Hartson L.L.P.

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.

HIPAA PRIVACY AND SECURITY AWARENESS.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP

Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved. Health Information Technology and Management Richard.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Working with Health IT Systems Protecting Privacy, Security, and Confidentiality in HIT Systems Lecture a This material (Comp7_Unit7a) was developed by.

HIPAA Policies, Procedures and Training Margret Amatayakul, RHIA, CHPS, FHIMSS President, Margret\A Consulting, LLC Steven S. Lazarus, PhD, FHIMSS Boundary.

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

Davis Wright Tremaine LLP Case Study: Small Group Health Plan HIPAA Privacy Compliance for Employers September 15, 2003 Speaker Jason Froggatt Becky Williams.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.

Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.

Understanding HIPAA (Health Insurandce Portability and Accountability Act)

Eliza de Guzman HTM 520 Health Information Exchange.

The Fifth National HIPAA Summit – October 30, 2002 What to Do Now: Operational Implementation of HIPAA Privacy and Security Training Presented by: Steven.

HIPAA PRACTICAL APPLICATION WORKSHOP Orientation Module 1B Anderson Health Information Systems, Inc.

The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,

OHCAs, ACEs and Hybrid Entities Paul Smith Davis Wright Tremaine LLP One Embarcadero Center Suite 600 San Francisco, CA (415)

Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.

Working with HIT Systems

1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.

HIPAA Security Final Rule Overview

Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.

March 19, 2003 Audioconference Approaches to Compliance with the HIPAA Privacy and Security Workforce Training Requirements Presented by: Steven S. Lazarus,

Working with HIT Systems Unit 7a Protecting Privacy, Security, and Confidentiality in HIT Systems This material was developed by Johns Hopkins University,

HIPAA HEALTH INSURANCE PORTABILITY ACOUNTABILITY ACT.

HIPAA Compliance Case Study: Establishing and Implementing a Program to Audit HIPAA Compliance Drew Hunt Network Security Analyst Valley Medical Center.

Functioning as a Business Associate Under HIPAA William F. Tulloch Director, PCBA March 9, 2004.

Taylor County Schools FERPA (Confidentiality) Training August 17, 2010.

COMMUNITY-WIDE HEALTH INFORMATION EXCHANGE: HIPAA PRIVACY AND SECURITY ISSUES Ninth National HIPAA Summit September 14, 2004 Prepared by: Robert Belfort,

What is HIPAA? Health Insurance Portability and Accountability Act of HIPAA is a major law primarily concentrating on the prolongation of health.

The Health Insurance Portability and Accountability Act (HIPAA) requires Plumas County to train all employees in covered departments about the County’s.

BlueCross BlueShield of Tennessee, Inc., an Independent Licensee of the BlueCross BlueShield Association. This document has been classified as public Information.

April 14, 2003 – HIPAA Privacy Audioconference The Importance of April 14, 2003: Where you should be regarding HIPAA privacy policies and procedures and.

Acknowledgement The presenters acknowledge the contributions and suggestions of Margret Amatayakul, RHIA, CHPS, FHIMSS, President, Margret\A Consulting,

HIPAA Administrative Simplification

Health Insurance Portability and Accountability Act

HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT

Disability Services Agencies Briefing On HIPAA

Final HIPAA Security Rule

Health Insurance Portability and Accountability Act

HIPAA Privacy and Security Summit 2018 HIPAA Privacy Rule: Compliance Plans, Training, Internal Audits and Patient Rights Widener University Delaware.

HIPAA Security Standards Final Rule

Paul T. Smith, Esq. Partner, Davis Wright Tremaine LLP

Drew Hunt Network Security Analyst Valley Medical Center

Making Your IRBs and Clinical Investigators HIPAA-Ready

THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,

HIPAA Compliance Services CTG HealthCare Solutions, Inc.

HIPAA Compliance Services CTG HealthCare Solutions, Inc.

Strategies to Comply with the HPAA Privacy Rule Before the HIPAA Security and Enforcement Rules are Final Presented by: Steven S. Lazarus, PhD, FHIMSS.

Introduction to the PACS Security

Presentation transcript:

Paul T. Smith Davis Wright Tremaine LLP HIPAA Training HIPAA Workforce Training Paul T. Smith Davis Wright Tremaine LLP

Privacy Training The Regulation “A covered entity must train all members of its workforce on the policies and procedures with respect to PHI required by this subpart, as necessary and appropriate for the members of the workforce to carry out their function.” (45 CFR 164.530(b))

Deadlines Training must be provided: Retraining must be provided No later than April 14, 2003 (2004 for small health plans) To new hires within a reasonable period Retraining must be provided After change in job functions After change in policies and procedures

Documentation Training must be documented-- What is not required Maintained in written or electronic form for 6 years. What is not required Employee acknowledgment or certification Refresher training

What The Regulation Requires The security requires security awareness and training for all personnel, including management, with the following “addressable” implementation specifications: Periodic security reminders Education on virus (“malicious software”) protection Log-in monitoring Password management (45 CFR 142.308(a)(5))

Who Must be Trained? Privacy Workforce must be trained Employees Volunteers Students Independent contractors with assigned workstations (if CE chooses) What about others? Medical staff Business associates

Who Must be Trained? Security Was employees, agents and contractors, now just workforce (including management). Role-based training optional. Contractors must be aware of security policies, but do not need training.

Policy and Procedure Training Responsibility of Privacy Official is “development and implementation of the policies and procedures of the entity.” Cover— Privacy administration Physical protection Technical safeguards Use and disclosure Sanctions and mitigation Individual rights

Policy and Procedure Development Business Rules More stringent state law Organizational Ethics Policies and Procedures Workforce Training HIPAA

Policy and Procedure Development A HIPAA-Based Policy: “We restrict the use and disclosure of all individually identifiable health information. Individually identifiable health information is information that identifies or could be used to identify an individual, and that contains information about the individual’s health condition or health care, including payment for health care.” An Alternative: “We treat all health care related information as confidential, whether or not it identifies an individual, or could be used to identify an individual.”

Policy and Procedure Training HIPAA Education Privacy Awareness Training Role-Based Policy and Procedure Training

Requirements Flexible and scalable You decide content and delivery Classroom instruction Videos On-line training Handbooks One hour per employee, on average