Presentation is loading. Please wait.

Presentation is loading. Please wait.

U.S. Benefits Group Fifth National HIPAA Summit A Case Study in Employer HIPAA Privacy Compliance Approaches Fred J. Thiele, JD, MBA Legal Compliance Manager.

Published byJasmin Johnston Modified over 8 years ago

Similar presentations

Presentation on theme: "U.S. Benefits Group Fifth National HIPAA Summit A Case Study in Employer HIPAA Privacy Compliance Approaches Fred J. Thiele, JD, MBA Legal Compliance Manager."— Presentation transcript:

1 U.S. Benefits Group Fifth National HIPAA Summit A Case Study in Employer HIPAA Privacy Compliance Approaches Fred J. Thiele, JD, MBA Legal Compliance Manager U.S. Benefits Group Intel Corporation Chandler, AZ November 1, 2002

2 U.S. Benefits Group Page 2 11/1/02 Employer Case Study – Intel ® Intel is “covered entity” under HIPAA regs by virtue of fact that it maintains a self- funded group health plan Cross-functional HIPAA privacy compliance team assembled in January 2002 –Representatives from Benefits Design/Ops, Call Center, HRD, Occ Health, Gen. Acctg., HR Legal –Coordination with other corporate privacy initiatives (e.g., SSN) –Trained in basic “ins and outs” of HIPAA privacy

3 U.S. Benefits Group Page 3 11/1/02 Employer Case Study – Intel ® First task: Root out all uses or disclosures of “individually identifiable health information” in company –Accomplished via comprehensive information inventory conducted by team Aggregate inventory subjected to two tests for classification purposes: –“Protected Health Info.” vs. Non-PHI LOA, STD/LTD, and “de-identified” or “summary health” items fell out as non-PHI –“Treatment, Payment, H/C Ops” vs. Non-TPO All PHI items at Intel were TPO, which is favored over non-TPO and thus has fewer restrictions

4 U.S. Benefits Group Page 4 11/1/02 Employer Case Study – Intel ® Inventory turned up 10 unique uses and disclosures of PHI –Drafted compliant internal guidelines/procedures tailored to these uses and disclosures Applying “minimum necessary” and proper safeguards Good news is that business disruption will be minimal since company already does fine job honoring privacy Group health plan documents and supplier contracts revised as required –Amended plan documents to allow plan sponsor access to PHI (Sec. 164.504(f)) –Implemented “business associate” (BA) agreements with outside suppliers Corp. Purchasing negotiated model HHS language into new/existing supplier contracts

5 U.S. Benefits Group Page 5 11/1/02 Employer Case Study – Intel ® Key tasks remaining on roadway to compliance... –Designation of privacy official –Execution of training and communication plans Training for Benefits Ops, Call Center Privacy notice distribution; revision of employee handbook (SPD), Call Center scripting –Quality Assurance Final review of all relevant HHS regs/guidance against compliance processes leading up to 4/14/03

6 U.S. Benefits Group Page 6 11/1/02 Employer Case Study – Intel ® Biggest challenges throughout project: –Seizing upon ERISA preemption to shield company from any stronger state privacy regs –Possible independent CE status of Occ Health under “health care provider” definition in regs –Differentiating “consents” from “authorizations” Final regs render former almost irrelevant –Understanding shifting concept of “marketing” so as not to get tangled in its grasp Company wanted to ensure that popular disease management and wellness initiatives didn’t cross line

7 U.S. Benefits Group Page 7 11/1/02 HIPAA Privacy Compliance Project High Level Project Timeline Ongoing Review of HHS Regs and Guidance Jan Feb Mar Apr May Jun Jul Aug Sept Oct Nov Dec Jan Feb Mar Apr 2002 2003 Team Org. Analysis Compliance Plan Design Guideline Preparation Plan Docs Amendment Implementation Training Communications QA Compliance Date (4/14/03) We are here

Download ppt "U.S. Benefits Group Fifth National HIPAA Summit A Case Study in Employer HIPAA Privacy Compliance Approaches Fred J. Thiele, JD, MBA Legal Compliance Manager."

Similar presentations

H OGAN & H ARTSON, L.L.P.

H OGAN & H ARTSON, L.L.P.
“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.

“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.
Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.

Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA and Public Health 2007 Epi Rapid Response Team Conference.

HIPAA and Public Health 2007 Epi Rapid Response Team Conference.
NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.

NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
Presented by the Office of the General Counsel An Overview of HIPAA.

Presented by the Office of the General Counsel An Overview of HIPAA.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
HIPAA Health Insurance Portability and Accountability Act.

HIPAA Health Insurance Portability and Accountability Act.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

Similar presentations

Ads by Google