HIPAA stands for Health Insurance Portability and Accountability Act. It sets the standards for sensitive patient data in the U.S. Staying compliant with HIPAA regulations is not just mandatory but vital for the ethical operations of any healthcare entity. Our course dives deep into the intricacies of HIPAA, with a specific focus on its Privacy Documentation Requirements.
The Federal Government published the final regulations implementing the “Health Information Technology for Economic and Clinical Health (HITECH) Act” on January 25, 2013.
This act was described by the head of the Office for Civil Rights (OCR) in the department of Health and Human Services (HHS), as the “OMNIBUS FINAL RULE“
Is characterized by the OCR as comprising “the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented.”
GOALS: Have the health care professional acquire an understanding of their responsibilities to implement Security “Written Policies and Procedures”; Change the HIAA Notice of Privacy Practices to comply with the High Tec Act and Implement a Patient’s bill of Rights; Create a Breach Notification Policy; Implement a Breach Documentation and Notification Protocols and Procedures; Acquire New Business Associate Agreements from BA; Have ANNUAL Staff Training and Conduct Continuing Periodical Internal HIPAA Staff Training; Have appropriate Patients and Office Administrative forms to comply with all Policies and; Conduct an Independent Written IT Risk Assessment, which must be signed by a professional IT company.”
OBJECTIVE: To provide licensee with the tools to examine their practice to identify situations in which PHI is being compromised, according to the High Tech or Omnibus Rule, not according to what the practitioner feels “compromise is”, and have dentists recognize that they need to make changes either administrative or structurally, in order to comply with the Federal HIPAA Privacy Law, the High-tech Act and the State of Florida’s Privacy Law (FIPAA).
COMMENTS: The course is geared to highlight a complete understanding of terminology, legal responsibilities and required documentation, and the practice’s structural, electronic and security requirements to comply with both laws, which many time, are in contradiction with traditional and recommended dental practices’ layouts. The subject matter is provocative, as it makes licensees aware of their shortcomings, and the many challenges and risk management issues they need to address; however, they are presented with acceptable solutions and
alternatives.
List Of Required Hipaa Documentation:
- Written & signed professional it risk assessment
- Written privacy policies and procedures
- Employee acknowledgement receipt of policies and procedures
- Breach notification protocol
- Privacy officer job responsibilities outline
- Employees’ confidentiality agreement
- Notice of privacy practices
- Patient acknowledgement and consent forms
- Business associate agreements
- Patient authorization for use & disclosure of phi to 3rd parties
- Patient authorization for use & disclosure of phi for purposes req. By the practice
- Fax transmittal page
