Who is looking at your electronic health record?
|
|
- Trevor Lawrence
- 8 years ago
- Views:
Transcription
1 Who is looking at your electronic health record? A practical guide to building an audit plan. April 22, 2013 Sandy Gilmore Audit Plan April
2 Audit Plan April Who is looking at your EHR Objectives Understand the importance of a complete inventory of systems and system users Complete a risk assessment based on systems and system users Develop / write an audit plan based on risks and organization resources Audit Plan April
3 Legacy Health Portland Vancouver 6 medical centers > 2 urban > 3 suburban > 1 children s hospital > Regional burn center > Trauma center > Inpatient rehabilitation facility > 2 inpatient behavioral health facilities Audit Plan April Legacy Health Legacy Medical Group > 25 Primary care clinics > 14 Specialty care clinics Hospice > Inpatient facility > Home hospice care Hospital outpatient clinics 9000 employees 1578 licensed beds Audit Plan April
4 Legacy Health Implemented electronic health record Epic November 2011 Inpatient Outpatient ambulatory Legacy Epic Ancillary Provider (LEAP) Epic LINK Epic Care Everywhere Audit Plan April Before Epic Access audits were for cause > Patient complaint > Manager concerns Quarterly VIP or in the news access audit Approximately 75 audits per year Limited audit ability with electronic systems Audits analyzed by small HIPAA compliance office (1.5 FTE) Audit Plan April
5 Inventory of electronic systems with PHI Inventory or review inventory of all systems that contain Protected Health Information (PHI). Type of PHI kept on the system Frequency of access log timing Maintenance of access logs Users of systems Audit Plan April Inventory of electronic systems with PHI Cerner Millennium lab system PACS imaging system AS400 retired with Epic MedManager retired with Epic Muse ECG tracings Chart Plus Echart retired with Epic CPACS cardiac images Etc, etc, etc Audit Plan April
6 Inventory of users of EHR Legacy employees (including physicians) Medical Staff 5 different medical staffs Legacy contractors Legacy vendors Medical staff office personnel Community physicians and staff Students LEAP customers Audit Plan April Inventory of users of EHR Outside auditors Outside utilization review Outside billing offices Epic care LINK users Epic Care Everywhere users Ambulance providers DME providers Future user groups? Audit Plan April
7 Risk Assessment of electronic systems Type of PHI Number of users User groups with access Control of access Generates access logs Reports on access Audit Plan April Risk Assessment of electronic systems Epic (all modules) highest risk > Large number of users (18,000) > Large number of outside users > Contains protected health information > Both financial and clinical information Audit Plan April
8 Risk Assessment users of electronic systems Number of users User groups with access Control of access Detail information about user HIPAA Training Privacy culture Sanctions for inappropriate access Audit Plan April Risk Assessment users of electronic systems Legacy employees, students, contractors > Largest number > Confidential patients > Confidential departments Medical staff office personnel > Detail information about user > HIPAA Training > Privacy culture > Sanctions for inappropriate access Audit Plan April
9 Determine what to audit Access to Epic (all modules) Access by Legacy employees (workforce) > LEAP users > LINK users Access by medical office personnel Audit Plan April Inventory of Epic access reports Same last name / same guarantor Same employer Same address Break the Glass confidential departments / patients Largest number of records accessed First access LINK Access queries Care Everywhere Audit Plan April
10 Run reports / analyze Run available reports > Work to produce reports > Work to analyze reports > Quality of data from reports > Follow up needed on results > Enough data to sanction user? Determine which reports to run regularly Audit Plan April Determine response to inappropriate access Legacy has HR response plan in place > Based on history of For Cause audits > Follow same process for ProActive audits Non- employees > Needed to develop and communicate Physicians on medical staff > Based on history of For Cause audits > Pursue more stringent sanctions with Medical Staff process Audit Plan April
11 Choose ProActive reports Quality of data Actionable Analysis of available reports Time and resources available Bang for the buck Audit Plan April Choose ProActive reports Legacy chose 3 ProActive reports for first year audit plan. Break the Glass reports Same last name / same guarantor Clinic access report > Utilizing a for cause audit report Audit Plan April
12 What is Break the Glass Epic solution to provide extra privacy for certain patients or records. Extra level of protection for > Confidential encounters > Confidential departments > Confidential patients Audit Plan April Audit Plan April
13 Audit Plan April Audit Plan April
14 Break the glass report Audit Plan April Communication plan for internal users New employee orientation Annual HIPAA training Specialized training for departments Training combined with Epic training Specialized communication to employed physicians Audit Plan April
15 Communication plan for external users Specialized training for LEAP users Specialized communication plan for medical staff physicians and office personnel (in process) As part of the access authorization process for any outside EPIC user Updated Business Associates Agreement Audit Plan April Assess resources to complete audits Generate access log reports Analyze access reports Communicate with HR/clinic managers Follow up on sanctions Refer reports of inappropriate access to Breach Investigation process Manage data, save, report Audit Plan April
16 Write audit plan What reports How often Who will run Who will analyze Follow up actions Annual reporting to what committees Who approves the audit plan Audit Plan April Legacy Audit Plan Started in April 2012 (still in approval process) Monthly Proactive audit > Rotating 3 audits > Analysis of 2 weeks of data > Scan results > In-depth review of 10 records Reports to HIPAA Steering Committee Quarterly reports to Compliance Committee Annual report to Audit Committee Audit Plan April
17 Audit Plan April Questions? Audit Plan April
18 Sandy Gilmore
Entity Overview and EMR Implementation Status. EMR Implementation: Compliance Challenges. Panel Members 11/29/2013. Moderator: Lynda Hilliard
EMR Implementation: Compliance Challenges HCCA Upper West Coast Regional Conference December 6, 2013 San Francisco Panel Members Greta Fees Ginny Kim Kevin Longo Moderator: Lynda Hilliard Entity Overview
More informationEMR Implementation: Compliance Challenges
EMR Implementation: Compliance Challenges HCCA Upper West Coast Regional Conference December 6, 2013 San Francisco Panel Members Greta Fees Ginny Kim Kevin Longo Sutter Health John Muir Health Adventist
More informationHow To Use An Ehr
Compliance Considerations in the World of an EHR Jackie Smith, CHC, CHPC Network Privacy & Compliance Officer Community Health Network April 8, 2014 Community Health Network 7 Hospitals, 12 Outpatient
More informationEstablishing an Access Auditing Program. Cindy Matson, CHC, CHPC Chief Privacy Officer
Establishing an Access Auditing Program Cindy Matson, CHC, CHPC Chief Privacy Officer Hospitals: 31 Clinics: 111 Long-term care facilities: 31 Health Plan Employees: 18,000+ Physicians: 900+, offering
More informationMANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors
Page 1 of 5 Applies to: faculty staff students student employees visitors contractors Effective Date of This Revision: October 19, 2006 Contact for More Information: Chief Privacy Officer 1303 A West Campus
More informationFinal. National Health Care Billing Audit Guidelines. as amended by. The American Association of Medical Audit Specialists (AAMAS)
Final National Health Care Billing Audit Guidelines as amended by The American Association of Medical Audit Specialists (AAMAS) May 1, 2009 Preface Billing audits serve as a check and balance to help ensure
More informationJoint Implementation of Epic Ambulatory in Two Academic Centers
Joint Implementation of Epic Ambulatory in Two Academic Centers Tara Coxon Director, Information Technology St. Joseph s Healthcare, Hamilton Rob Lloyd MD FRCPC Medical Director, Clinical Informatics Hamilton
More informationView the Replay on YouTube. Sustainable HIPAA Compliance: Enhancing Your Epic Reporting. FairWarning Executive Webinar Series October 17, 2013
View the Replay on YouTube Sustainable HIPAA Compliance: Enhancing Your Epic Reporting FairWarning Executive Webinar Series October 17, 2013 Today s Panel Chris Arnold FairWarning VP of Product Management
More informationMEANINGFUL USE 101. Selecting the WRONG EMR can cost you Time & Money
MEANINGFUL USE 101 Selecting the WRONG EMR can cost you Time & Money This presentation will provide an insider s view of the most critical aspects of demonstrating Meaningful Use... with an EMR All Complete
More informationBILL TYPES PAGE 1 OF 8 UPDATED: 9/13
INPATIENT HOSPITAL 111 REGULAR INPATIENT 112 FIRST PORTION: CONTINUOUS STAY INPATIENT 113 SUBSEQUENT PORTION: CONTINUOUS STAY INPATIENT 114 FINAL PORTION: CONTINUOUS STAY INPATIENT 115 INPATIENT: LATE
More informationHIPAA Privacy Rule Policies
DRAFT - Policies and Procedures PRIVACY OFFICE ASSIGNMENT AND RESPONSIBILITIES APPROVED BY: SUPERCEDES POLICY: Policy #1 ADOPTED: REVISED: REVIEWED: Purpose This policy is designed to assure the establishment
More informationSUMMARY OF Proactive Monitoring Procedures
SUMMARY OF Proactive Monitoring Procedures for Secure Individual Identifiable Health Information OCTOBER 2014 Minnesota E-Health Initiative & the Minnesota Department of Health, Office of Health Information
More informationTOP 10 Security Questions Introduction Breaches and other privacy and security incidents in healthcare are on the rise due to the vast size of the industry and the oneoffs of protected health information
More informationMEANINGFUL USE 101. Selecting the WRONG EMR can cost you Time & Money
MEANINGFUL USE 101 Selecting the WRONG EMR can cost you Time & Money This presentation will provide an insider s view of the most critical aspects of demonstrating Meaningful Use... with an EMR All Complete
More informationOne Patient, One Record: How Allina completes an award-winning EHR with enterprise content management
Healthcare Enterprise Spotlight Brochure Allina Hospitals & Clinics One Patient, One Record: How Allina completes an award-winning EHR with enterprise content management More than 20,000 users access content
More informationPatient Privacy and HIPAA/HITECH
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More informationWhat Virginia s Free Clinics Need to Know About HIPAA and HITECH
What Virginia s Free Clinics Need to Know About HIPAA and HITECH This document is one in a series of tools and white papers produced by the Virginia Health Care Foundation to help Virginia s free clinics
More informationState of Maine Department of Health and Human Services (DHHS) Office of MaineCare Services 2010 Maine Medicaid Provider Survey Executive Summary
State of Maine Department of Health and Human Services (DHHS) Office of MaineCare Services 2010 Maine Medicaid Provider Survey Executive Summary Background As part of the environmental assessment of the
More informationAPPENDIX 1: Frequently Asked Questions
APPENDIX 1: Frequently Asked Questions Practice Name Q: What is the HIPAA Privacy Rule? A: The HIPAA Privacy Rule controls the use and disclosure of what is known as Protected Health Information (PHI).
More informationRegulatory Compliance Policy No. COMP-RCC 4.17 Title:
I. SCOPE: Regulatory Compliance Policy No. COMP-RCC 4.17 Page: 1 of 6 This Policy applies to (1) Tenet Healthcare Corporation and its wholly owned subsidiaries and affiliates (each, an Affiliate ); (2)
More informationSpecial Topics in Vendor- Specific Systems. Outline. Results Review. Unit 4 EHR Functionality. EHR functionality. Results Review
Special Topics in Vendor- Specific Systems Unit 4 EHR Functionality EHR functionality Results Review Outline Computerized Provider Order Entry (CPOE) Documentation Billing Messaging 2 Results Review Laboratory
More informationHealth Information Exchange At Sutter Health Using. Steven Lane, MD, MPH EHR Ambulatory Physician Director
Health Information Exchange At Sutter Health Using Steven Lane, MD, MPH EHR Ambulatory Physician Director 1 Sutter Health Serving 100 communities and more than three million patients in Northern California
More informationShellie Sulzberger, LPN, CPC, ICDCT-CM. Coding & Compliance Initiatives, Inc.
Shellie Sulzberger, LPN, CPC, ICDCT-CM Coding & Compliance Initiatives, Inc. My connection to coding and documentation My connection to clinical processes My connection to ICD-10 My connection to YOU Coding
More informationOhio Health Information Partnership/CliniSync HIE
Ohio Health Information Partnership/CliniSync HIE Cathy Costello, JD Regional Extension Center/MU ccostello@ohiponline.org Andrea Perry, MPA Privacy Officer aperry@ohiponline.org 63 Ohio s HIE Landscape
More informationIDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy & Security - Sanctions 10210
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy & Security - Sanctions 10210 POLICY INFORMATION Major Functional Area (MFA): MFA X - Office of General Counsel & Compliance Policy Title:
More informationRecord Custodian to Health Information Steward Best Practices in Record Retention, Storage, and Destruction
Record Custodian to Health Information Steward Best Practices in Record Retention, Storage, and Destruction Indian Health Services Health Information Management Meeting Sharon Lewis, MBA, RHIA, CHPS, CPHQ
More informationWISHIN Pulse Statement on Privacy, Security and HIPAA Compliance
WISHIN Pulse Statement on Privacy, Security and HIPAA Compliance SEC-STM-072014 07/2014 Contents Patient Choice... 2 Security Protections... 2 Participation Agreement... 2 Controls... 3 Break the Glass...
More informationUC Medical Centers (UC-Davis, LA, SF, SD and Irvine), Epic, Allscripts and California Smokers Helpline Update Date: October 2014
ereferral Project Summary Please describe the purpose / goals for your ereferral project. Give a description of the health care provider/system, why/how they were selected, and other relevant information.
More informationNew Privacy Laws Impacting the Health Care Work Place
New Privacy Laws Impacting the Health Care Work Place Presented by Thomas E. Jeffry, Jr., Esq. Arent Fox LLP Washington, DC New York, NY Los Angeles, CA November 12 & 19, 2009 Overview 1. Overview of California
More informationUniversity of Wisconsin-Madison Policy and Procedure
Page 1 of 14 I. Policy II. A. The, the units of the UW-Madison Health Care Component and each individual or unit within UW-Madison that is a Business Associate of a covered entity (hereafter collectively
More informationTexas ereferral Project with Baylor Scott and White, Epic, Alere Wellbeing and University of Texas at Austin Update Date: October 2014
ereferral Project Summary Please describe the purpose / goals for your ereferral project. Give a description of the health care provider/system, why/how they were selected, and other relevant information.
More informationUnderstanding Health Insurance Portability Accountability Act AND HITECH. HIPAA s Privacy Rule
Understanding Health Insurance Portability Accountability Act AND HITECH HIPAA s Privacy Rule 1 What Is HIPAA s Privacy Rule The privacy rule is a component of the Health Insurance Portability and Accountability
More informationIntegration for your Health Information System
Integration for your Health Information System Achieve comprehensive healthcare IT integration that leverages your existing IT investments and helps you meet the growing demands of Meaningful Use, HIE,
More informationLegacy Epic for Affiliated Physicians
Legacy Epic for Affiliated Physicians Electronic Health Record Legacy Health Offering a complete automated solution Legacy Health is offering private practice physicians a complete solution: Legacy Epic
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES In 1996, the U.S. Congress passed the Health Insurance Portability and Accountability Act (HIPAA). Among others, the Act applies to health care providers and hospitals; it is
More informationSCDA and SCDA Member Benefits Group
SCDA and SCDA Member Benefits Group HIPAA Privacy Policy 1. PURPOSE The purpose of this policy is to protect personal health information (PHI) and other personally identifiable information for all individuals
More informationExperiences Implementing Ambulatory EMRs and Early Benefits
Experiences Implementing Ambulatory EMRs and Early Benefits Colleen Rogers, Chad Leaver and Simon Hagens ehealth 2015 Today s Presentation Infoway and Investment in Ambulatory EMR Adoption Progress Emerging
More informationFiscal Year 2015-16 Information Technology Request
PROGRAM PLAN STATUS and OIT BEST PRACTICES 2015-030 Approved Program Plan? Yes Date Approved: February 22, 2013 The department says that it has coordinated with the Governor's Office of Information Technology
More informationTIPS FOR SELECTING AN ELECTRONIC HEALTH RECORD FOR YOUR PRACTICE 2009
TIPS FOR SELECTING AN ELECTRONIC HEALTH RECORD FOR YOUR PRACTICE 2009 It is important to understand that if you wish to participate in incentive payments offered by the federal government, you will need
More informationListening to the Human Side A collaborative approach to building an electronic health record
Listening to the Human Side A collaborative approach to building an electronic health record Keith Adamson, PhD, RSW Senior Director, Collaborative Practice http://hollandbloorview.ca/about/index.php Towards
More informationFour Goals of Certification
Mission CCHIT is an independent, nonprofit organization with the mission of accelerating the adoption of robust, interoperable health IT by creating an efficient, credible certification process 2008 Slide
More informationClinical Research Management Training Program Electronic Medical Records: Access, Use and Compliance for Research March 11, 2013
Clinical Research Management Training Program Electronic Medical Records: Access, Use and Compliance for Research March 11, 2013 Linda Metro, RHIA Director, Health Information Management Electronic Medical
More informationPhysician Office EMR Training
Physician Office EMR Training HERO = Health Electronic Record Online 1 LOGGING IN 1) Log into HERO by accessing one of the following: a. From the DrWeb page drweb.excelahealth.org HERO b. myapps.exceleahealth.org
More informationMedical Management Requirements Effective January 1, 2008
December 1, 2007 Dear Provider and Colleague: Please be advised that effective January 1, 2008, Health Plan will change its Medical Management Policies to include new requirements for prior authorizations
More informationHealthcare IT (HIT) Strategic Planning & Budgeting MARCH 26, 2014
Healthcare IT (HIT) Strategic Planning & Budgeting MARCH 26, 2014 Agenda Introduction / Session Overview HIT Budgeting 101 Security and Compliance EHR budgeting HIT Where Are We Going Q & A 2 Copyright
More informationFluency Direct. Proof of Concept Requirements
Fluency Direct Proof of Concept Requirements Contents Overview... 3 Standard Information... 3 Environment Requirements... 3 Target Applications... 3 Use Cases... 4 Configuration... 4 Training... 4 Support
More informationPREVENTIVE CARE See the REHP Benefits Handbook for a list of preventive benefits* MATERNITY SERVICES Office visits Covered in full including first
Network Providers Non Network Providers** DEDUCTIBLE (Per Calendar Year) None $250 per person $500 per family OUT-OF-POCKET MAXIMUM (When the out-of-pocket maximum is reached, benefits are paid at 100%
More informationHIPAA PRIVACY AND SECURITY AWARENESS
HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect
More informationWhat s new In the News Data Breach Discussion The 5 W s Risk Analysis: Why, What, how, When, and Who Common Issues Observed Q / A Session Purdue
What s new In the News Data Breach Discussion The 5 W s Risk Analysis: Why, What, how, When, and Who Common Issues Observed Q / A Session Purdue Healthcare Advisors The # of data breaches is climbing The
More informationFrequently Asked Questions
Frequently Asked Questions What is an electronic health record? Borgess has transitioned from paper-based medical records to electronic health records (EHRs). An EHR is an electronic version of your medical
More informationHIPAA Compliance Evaluation Report
Jun29,2016 HIPAA Compliance Evaluation Report Custom HIPAA Risk Evaluation provided for: OF Date of Report 10/13/2014 Findings Each section of the pie chart represents the HIPAA compliance risk determinations
More informationManaged Care Trading Partner Testing Packet. Managed Care Trading Partners
Managed Care Trading Partner Testing Packet Information in this ForwardHealth Managed Care Trading Partner Testing Packet is provided to ForwardHealth managed care s who intend to exchange electronic health
More informationFrom EHR Implementation to Attestation: Auditing and Monitoring Meaningful Use
From EHR Implementation to Attestation: Auditing and Monitoring Meaningful Use Donna M. Abbondandolo, MBA, CHC, CPHQ, RHIA, CCS, CPC AVP of Compliance Laura Massa, RHIA, CCS, CTR Compliance Data Specialist
More informationUAMS Physician Relations. This is our team
UAMS Physician Relations This is our team UAMS Physician Relations A national reputation for excellence Melanie Meyer Past-President Past-Board of Directors Carla Alexander Board of Directors *AAPL 500+
More informationMeeting the HIPAA Training and Business Associate Requirements Questions and Answers, with HIPAA Security Expert Mike Semel
Meeting the HIPAA Training and Business Associate Requirements Questions and Answers, with HIPAA Security Expert Mike Semel Questions Answers 1 Is a Business Associate (BA) responsible for assuming a Covered
More informationUpdate of Replacement of Electronic Health Record
Update of Replacement of Electronic Health Record Presentation to UMC Audit & Finance Committee August 11, 2015 Phase 1 Key Tasks by Month July August September October November Project Launch Initial
More informationHEALTH CARE AUDITING & MONITORING TOOLS
HEALTH CARE AUDITING & MONITORING TOOLS TABLE OF CONTENTS ABOUT THIS MANUAL SUGGESTIONS INTRODUCTION LIST OF CONTRIBUTORS MONITORING & AUDITING PRACTICES FOR EFFECTIVE COMPLIANCE PLANNING AND CONDUCTING
More information2014 AHA Annual Survey Information Technology Supplement Health Forum, L.L.C.
2014 AHA Annual Survey Information Technology Supplement Health Forum, L.L.C. Please return to: AHA Annual Survey Information Technology Supplement 155 N. Wacker Chicago, IL 60606 Please Note: This year
More informationMeditech Scanning & Archiving
Meditech Scanning & Archiving Overview Effective November 14, 2012, Children s Hospital will go-live with Meditech Scanning & Archiving. Documents will no longer be scanned in ChartMaxx. Exception: Orders
More informationJMH User Access Request Form
The JMH UAR (User Access Request) Form is a multi-page agreement for attesting you will comply with the requirements set forth herein and a form for requesting the provisioning of access to John Muir Health
More informationCase Study Healthcare Allina Health One Patient, One Record: Enterprise content management is a core system for Allina Health
Case Study Healthcare Allina Health One Patient, One Record: Enterprise content management is a core system for Allina Health Table of Contents Executive Summary... 3 HIM and EMR Integration: No more chart
More informationDoes Your Information Security Program Measure Up? Session #74
Does Your Information Security Program Measure Up? Session #74 DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy
More informationKeys to EMR/EHR Success
Keys to EMR/EHR Success Tuesday September 2 nd, 2014 Presented by Ron Sterling Sterling Solutions, Ltd. rbsterling@sterlingsolutions.com The information provided in AHC Media Webinars does not, and is
More informationAHAdatainfo@healthforum.com 866-375-3633. 2012 AHA Annual Survey Information Technology Supplement. Healthcare IT Database Download and Data Licensing
2012 AHA Annual Survey Information Technology Supplement Survey Questionnaire This survey instrument can be used to facilitate sales, planning and marketing activities. For example, consider current and
More informationHealth Plans Comparison Chart
Health Plans Comparison Chart PPO Deductible Coinsurance (Plan pays) Annual Out-of-Pocket Maximum (Medical) (all medical s, deductibles and coinsurance for covered services will apply. Once limit is met,
More informationSustainable HIPAA Compliance: Protecting Patient Privacy through Highly Leveraged Investments
View the Replay on YouTube Sustainable HIPAA Compliance: Protecting Patient Privacy through Highly Leveraged Investments FairWarning Executive Webinar Series October 31, 2013 Today s Panel Chris Arnold
More informationOffice of Compliance and Ethics Introductory Report. Lynette Fons, Chief Compliance Officer
Office of Compliance and Ethics Introductory Report Lynette Fons, Chief Compliance Officer Why the Office of Compliance and Ethics was Created The City operates in a highly complex regulatory environment
More informationLEVERAGING HEALTH INFORMATION EXCHANGE TO CREATE A CONNECTED CARE COMMUNITY
LEVERAGING HEALTH INFORMATION EXCHANGE TO CREATE A CONNECTED CARE COMMUNITY Sue Schade, MBA, FCHIME, FHIMSS Chief Information Officer University of Michigan Hospitals and Health Centers Objectives Why?
More informationManaging the Insider Threat: Real-time Monitoring of Access Patterns to ephi
Managing the Insider Threat: Real-time Monitoring of Access Patterns to ephi Mac McMillan (CynergisTek, HIMSS) Jennings Aske (Partners Healthcare) Mike Terra (Oracle Corp.) Daniel Fabbri (U. Michigan)
More informationPrivacy Issues and the Children s s Hospital EMR
Privacy Issues and the Children s s Hospital EMR This roundtable discussion is brought to you by the Children s s Hospital Affinity Group of the In-House Counsel (In- House) and Teaching Hospitals and
More information12/1/2014. Cybersecurity and Cloud Services Compliance Considerations. Community Medical Centers. Cedars-Sinai. Dec. 5, 2014 San Francisco
Cybersecurity and Cloud Services Compliance Considerations Dec. 5, 2014 San Francisco Katie Gorris, CHC,CHPS,CHPC Privacy Manager, Corporate Integrity Program Cedars-Sinai Health System gorrisk@cshs.org
More informationHIPAA and Mental Health Privacy:
HIPAA and Mental Health Privacy: What Social Workers Need to Know Presenter: Sherri Morgan, JD, MSW Associate Counsel, NASW Legal Defense Fund and Office of Ethics & Professional Review 2010 National Association
More informationWilliam Rusty Huseman 3733 University Blvd. West, Suite 305-A Jacksonville, FL 32217
William Rusty Huseman est, Email: Rusty@husemanhealthlaw.com 1 Audit & Compliance Audit Who can audit your practice? What to expect? What to do if you are audited? Compliance 2 What you MUST have in place
More informationDefense Healthcare Management Systems
Defense Healthcare Management Systems DoD Electronic Health Records & Interoperability Strategy July 9, 2014 Mary Ann Rockey Deputy Program Executive Officer Defense Healthcare Management Systems Distribution
More informationHealth & Medical Billing System (RSystems)
Healthcare IT R Systems Expertise Overview- Healthcare IT Solutions & Services R Systems helps healthcare service providers deliver effective and timely care and comply with security compliances through
More informationImplementation Tools and Mitigating Financial Impact
ICD-10 Preparation Implementation Tools and Mitigating Financial Impact ICD-10 Preparedness Workshop Series Tuesday, April 2, 2013 John Behn, MPA Getting Started Appoint Steering Committee members Agree
More informationPRIVACY AND INFORMATION SECURITY WORKFORCE TRAINING
PRIVACY AND INFORMATION SECURITY WORKFORCE TRAINING PURPOSE The federal Health Insurance Portability and Accountability Act (referred to as HIPAA or the Privacy Rule ) requires that a covered entity must
More informationSURVEY QUESTIONNAIRE 2013 AHA ANNUAL SURVEY INFORMATION TECHNOLOGY SUPPLEMENT
2013 AHA ANNUAL SURVEY INFORMATION TECHNOLOGY SUPPLEMENT SURVEY QUESTIONNAIRE This survey instrument can be used to facilitate sales, planning and marketing activities. For example, consider current and
More informationSummary of the Proposed Rule for the Medicare and Medicaid Electronic Health Records (EHR) Incentive Program (Eligible Professionals only)
Summary of the Proposed Rule for the Medicare and Medicaid Electronic Health Records (EHR) Incentive Program (Eligible Professionals only) Background Enacted on February 17, 2009, the American Recovery
More informationRE: HIPAA Privacy Rule Accounting for Disclosures, RIN 0991-AB62
Submitted electronically at www.regulations.gov Ms. Susan McAndrew Deputy Director for Health Information Privacy Office for Civil Rights U.S. Department of Health and Human Services Hubert H. Humphrey
More informationursouthwestern Medical Center The University of Texas Southwestern Medical Center HIPAA Privacy Program Audit Internal Audit Report 15:20 July 6, 2015
ursouthwestern The University of Texas Southwestern Internal Audit Report 15:20 July 6, 2015 Table of Contents UT Southwestern I. Executive Summary Background/Scope and Objectives Conclusion 11. Detailed
More informationOptum Physician EMR Administration Module Setup Guide for Clinical Toolbar
Optum Physician EMR Administration Module Setup Guide for Clinical Toolbar Purpose of this Document This document is a guide through Optum Physician EMR s Practice, Clinical and Setup tabs in the Administration
More informationProtecting Patient Privacy It s Everyone s Responsibility
Protecting Patient Privacy It s Everyone s Responsibility Observation & Student Learning Packet 1. Read packet Instructions for Self-Study Module 2. Complete post-test. A score of 80% must be achieved.
More informationAMERICAN BURN ASSOCIATION BURN CENTER VERIFICATION REVIEW PROGRAM Verificatoin Criterea EFFECTIVE JANUARY 1, 2015. Criterion. Level (1 or 2) Number
Criterion AMERICAN BURN ASSOCIATION BURN CENTER VERIFICATION REVIEW PROGRAM Criterion Level (1 or 2) Number Criterion BURN CENTER ADMINISTRATION 1. The burn center hospital is currently accredited by The
More informationHIPAA Happenings in Hospital Systems. Donna J Brock, RHIT System HIM Audit & Privacy Coordinator
HIPAA Happenings in Hospital Systems Donna J Brock, RHIT System HIM Audit & Privacy Coordinator HIPAA Health Insurance Portability and Accountability Act of 1996 Title 1 Title II Title III Title IV Title
More informationHealthcare Connect Letter FCC 12-150 [HCF Consortium] Network Plan
Healthcare Connect Letter FCC 12-150 [HCF Consortium] Network Plan Consortium Background Marcus Daly Telemedicine Network (MDTN) The Marcus Daly Memorial Hospital Corporation (MDMHC), Hamilton, Montana
More informationRetiree Health Care Plan Benefits 2012 Enrollment Guide. Medical Coverage: Pre-Medicare Retirees
Retiree Health Care Plan Benefits 2012 Enrollment Guide Medical Coverage: Pre-Medicare Retirees You ll choose from four medical plans: Basic, Comprehensive, Health Reimbursement Arrangement (HRA) and Health
More informationDavid Liebovitz, MD CMIO, Northwestern Medical Faculty Foundation Carl Christensen CIO, Northwestern Medical Faculty Foundation
Strategies to Improve Problem List Management within Clinical EHR Workflow David Liebovitz, MD CMIO, Northwestern Medical Faculty Foundation Carl Christensen CIO, Northwestern Medical Faculty Foundation
More informationHIPAA Security Risk Analysis for Meaningful Use
HIPAA Security Risk Analysis for Meaningful Use NOTE: Make sure your computer speakers are turned ON. Audio will be streaming through your speakers. If you do not have computer speakers, call the ACCMA
More informationNursing Informatics Competencies:
Nursing Informatics Competencies: Weaving Computer & Information Literacy Skills into Organizational Support Structures & Processes Ruth Schleyer MSN, RN-BC, CPHIMS Colleen Burch RN MSN July 2007 Objectives
More informationCreating ereferral in Texas for Healthcare Systems Using NextGen as an EHR
ereferral Project Summary Please describe the purpose / goals for your ereferral project. Give a description of the health care provider/system, why/how they were selected, and other relevant information.
More informationSeries # Records Series Title Description Minimum Retention Disposition Notes and Citations
STATE AGENCIES RECORDS SCHEDULE S4: HEALTH RECORDS (Revised: 11/2010) STATE OF CONNECTICUT Connecticut State Library Office of the Public Administrator 231 Capitol Avenue, Hartford, CT 06106 www.cslib.org/publicrecords
More informationFEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA
APPENDIX PR 12-A FEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA LEGAL CITATION California Civil Code Section 1798.82 California Health and Safety (H&S) Code Section 1280.15 42 U.S.C. Section
More informationCerner s Approach to Interoperability:
Cerner s Approach to Interoperability: Enterprise Device Communication Health Information Exchange Network TM Introduction The seismic shift taking place in the health care industry has created an environment
More informationClinicalConnect EMR Download Training Guide
ClinicalConnect EMR Download Training Guide The information contained in this reference guide reflects upgrades in functionality as of February 17th, 2011 P a g e 2 Table of Contents About the EMR Download:...
More informationAccess to Electronic Health Records Policy Franciscan Health System
Access to Electronic Health Records Policy Franciscan Health System PURPOSE: The purpose of the Access to Electronic Health Records Policy ( EHR Policy ) is to establish processes and procedures for permitting
More informationHIPAA Notice of Privacy Practices
HIPAA Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. This Notice
More informationCoventry Health and Life Insurance Company PPO Schedule of Benefits
State(s) of Issue: Oklahoma PPO Plan: OI08C30050 30 Coventry Health and Life Insurance Company PPO Schedule of Benefits Covered Services Contract Year Deductible For All Eligible Expenses (unless otherwise
More informationHIPAA Myths. WEDI Member Town Hall. Chris Apgar, CISSP Apgar & Associates
HIPAA Myths WEDI Member Town Hall Chris Apgar, CISSP Apgar & Associates Overview Missed Regulatory Requirements Common HIPAA Privacy Myths Common HIPAA Security Myths Other Related Myths Finding the Right
More informationPrivacyPro ; A Key Component of Privacy Information Management Overview Whitepaper
PrivacyPro ; A Key Component of Privacy Information Management Overview Whitepaper This Whitepaper is the first of a series published by CompliancePro Solutions Founder Kelly McLendon, RHIA which will
More information