HOME | ABOUT US | CONTACT |

Assessing Your HIPAA Privacy and Security
Standards in Indian Country



Has your tribe kept up to date with the recent HIPAA changes? Most tribes are not currently compliant, and most do not realize they aren’t. With significant increases in penalties for violations, now it’s more important than ever that you understand and comply with HIPAA.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the most significant body of health care legislation enacted since Medicare. HIPAA’s far-reaching provisions govern all health care entities that maintain or transmit protected health information in both paper and electronic format. While it may seem like a daunting task to become and/or remain compliant with all HIPAA regulations, compliance not only helps maintain privacy but also streamlines your organization’s operations.

HIPAA is an ongoing evolution of compliance activities that everyone, from receptionists to executives, must understand. The best way to keep your entire organization on the same page while streamlining processes is to have solid policies and procedures in place. They will ensure privacy, security, effective use of information systems technology and customer satisfaction and will help your organization avoid penalties.

During this hands-on class, we’ll review the Indian Health Service (IHS) HIPAA Privacy Requirements Checklist, which correlates requirements to policies, procedures and action items. We’ll also review the 2013 Omnibus Rule, including statutory changes under the HITECH Act, enacted as part of the American Recovery and Reinvestment Act of 2009, and the Genetic Information Nondiscrimination Act of 2008. And we’ll look at the final security rule requirements, how to comply and how to document why your organization may be exempt from a specific requirement. Then, using case studies and discussions, you’ll work with our expert instructor to assess your current practices and start revising your existing policies and procedures.

T O P I C S   I N C L U D E
Overview of HIPAA Standards
  • Legislation and intent
  • Rules and regulations
  • Impact on Indian Country
  • HIPAA compliance issues
HIPAA Privacy Standards
  • Managing electronic and paper records
  • Procedures for securing records properly
  • Controlling access
  • Multiple providers and information sharing
  • Contracting with outside providers
HIPAA Security Standards
  • Understanding security procedures
  • Required vs. addressable implementation specifications
  • Maintaining electronic records
Gap Analysis and IHS Forms
  • Assessing current systems and practices
  • Identifying gaps and problem areas
  • Value of the walk-through
  • New IHS-approved forms
  • Using IHS forms
HIPAA Privacy Requirements Checklist
  • Detailed matrix
  • Outline of HIPAA privacy standards, including:
    • Privacy of individually identifiable health information
    • Notice of privacy practices for protected health information
    • Access of individuals to protected health information
    • Accounting of disclosures of protected health information
  • Existing policies and procedures
Administrative Requirements
  • Roles and responsibilities of a privacy officer
  • Writing a scope of work
  • Consent and requirement standards
  • Authorization for use and disclosure standards
  • Minimizing risk of incidental disclosures
Additional Considerations
  • Using IHS technical support to meet electronic transfer standards
  • New IHS recommended policies
  • Use of policies as a model
  • Next steps for implementing change and achieving compliance
Focused Group Work
  • Your privacy and security policies and procedures
  • Possible discussion topics:
    • Administrative requirements
    • Scope of privacy officer’s duties
    • Consent requirement standards
    • Authorization for use and disclosure standards
    • Minimizing the risk of incidental disclosures
    • Physical safeguards
    • Technical security services
  • Identifying HIPAA-related problem areas in your policies and procedures
  • Brainstorming solutions and revisions to rectify problems and meet requirements
  • Possible discussion topics:
    • Psychotherapy note disclosure
    • Core elements of a valid authorization
    • Applying the HIPAA Privacy Requirements Checklist
REQUIRED! Bring your current HIPAA policies that are currently in place for hands-on exercises, case studies and discussion.

*Topics subject to change.

Click here to find out how you can bring a Falmouth Institute seminar to your location!
© Copyright 2012 | Terms of Use | Privacy Policy