Lesson Three: False Claims Act and Health Insurance Portability and Accountability Act (HIPAA)
|
|
- Noel Houston
- 5 years ago
- Views:
Transcription
1 Lesson Three: False Claims Act and Health Insurance Portability and Accountability Act (HIPAA)
2 Introduction: Welcome to Honesty and Confidentiality Lesson Three: The False Claims Act is an important part of BAYADA s commitment to honesty. The Health Insurance Portability and Accountability Act, also known as (HIPAA), is what guides BAYADA s commitment to confidentiality. In this lesson we ll continue to focus on the laws that govern our work and our responsibilities as BAYADA employees. Our Objectives: At the end of this lesson you will be able to: Recognize the laws, regulations, standards, and policies that govern our work at BAYADA. Act in accordance with the False Claims Act and the Health Insurance Portability and Accountability Act We ll begin with the False Claims Act, our commitment to honesty. Created by LCD 2 BAYADA Home Health Care, 2017
3 The Federal False Claims Act: The Federal False Claims Act (31 USC ) helps the federal government combat fraud and recover losses resulting from fraud in federal programs, such as Medicare and Medicaid. What does it mean?: A person or entity violates the False Claims Act by knowingly: Submitting a false claim for payment Making or using a false record or statement to obtain payment for a false claim Conspiring to make a false claim or get one paid Making or using a false record to avoid payments owed to the government Concealing or improperly avoiding an obligation to pay the government Documenting and billing for visits not performed Documenting longer visit times than actually performed Continued Created by LCD 3 BAYADA Home Health Care, 2017
4 Knowingly means a person either has actual knowledge that the information is false, acts in deliberate ignorance of the truth or falsity of the information, or acts in reckless disregard of the truth or falsity of the information. Examples of Potential False Claims: Examples of potential false claims include: Billing for goods and services that were never delivered or rendered Performing inappropriate or unnecessary medical procedures to increase Medicare reimbursement Billing for work or tests not performed Double billing or charging more than once for the same goods or services Billing to increase revenue instead of billing to reflect actual work performed Forging physician signatures when required for reimbursement from Medicare or Medicaid Created by LCD 4 BAYADA Home Health Care, 2017
5 BAYADA s Non-Retaliation Policy: BAYADA promotes an environment that encourages all of us to seek clarification of issues and report questions and concerns. It is our duty and responsibility to report possible violations of our standards, guidelines, or policies. You will be protected from retaliation if you make a good-faith report, complaint, or inquiry. Do the Right Thing: Let s apply what we ve learned so far to a scenario. Mary is a billing clerk who has fallen behind with posting charges into the billing system. She doesn t want to work late so she rushes through her work to catch up. She knows she may have made some errors like listing inaccurate codes, but she turns a blind eye to them. Is this a problem? Yes Correct. Mary has violated policy, as well as the federal law. Mary has opened herself individually to prosecution for submitting a false claim. In addition, she has exposed BAYADA to criminal liability under the False Claims Act. No Oops, that is incorrect. Mary has violated policy, as well as the federal law. Mary has opened herself individually to prosecution for submitting a false claim. In addition, she has exposed BAYADA to criminal liability under the False Claims Act. Created by LCD 5 BAYADA Home Health Care, 2017
6 Next, we ll review the Health Insurance Portability and Accountability Act (HIPAA), and BAYADA s commitment to confidentiality. The Health Insurance Portability and Accountability Act (HIPAA) is federal legislation that includes rules to protect the privacy and confidentiality of client information. The medical condition and care-related information, specific to a client, is Protected Health Information or PHI. This includes all information about a client, whether written on paper, saved on a computer, or spoken aloud. The suite of HIPAA regulations include the Privacy Rule, which protects all forms of PHI; the Security Rule, which sets standards for the security of electronic PHI (ephi); and the Breach Notification Rule, which requires notification of a breach of PHI. A breach is an unauthorized disclosure of PHI. Client Protected Health Information (PHI) includes, but is not limited to: Client name Address Names of relatives Birth date address Photographs that identify a client or relative Everyone at BAYADA has a role to play in the privacy and security of PHI and confidential information - it is truly a shared responsibility. We all have health information and want it to be secure and private; RESPECT our client information as if it were YOUR OWN! Created by LCD 6 BAYADA Home Health Care, 2017
7 Privacy Rule: Communicate privately Protect client and confidential documents Communicate Privately: Office and Field Access and use only information that is necessary for your authorized job responsibilities. Do not share any client PHI or confidential information with anyone, in person or on the telephone, who does not need to know, including coworkers or personal acquaintances not involved in the client s care or treatment. Discussions about a client s PHI should be conducted as discreetly and privately as possible; use a soft voice and use minimal PHI during the conversation. De-identify the client. When appropriate, move to a private area, away from other people. How to de-identify: Use first name only. Use last initial only if needed to distinguish clients with common name. Created by LCD 7 BAYADA Home Health Care, 2017
8 Data Protection: Keep all client records secure and private at all times. When documents are on your desk or when transporting records, keep them in a place where others cannot see. It s important to note that there may be slight differences between how client Protected Health Information (PHI) is handled in an office versus the field. Office: Turn documents face down, place them in a drawer, or use a folder. When finished with client information, place in secured locked cabinets. Office: Always dispose of documents containing client PHI using a shredder or secure disposal vendor. Office/Field: Do not keep client records at home unless they are required for your job. Office/Field: Return ALL client records to the office when complete and no longer needed, including, but not limited to, all Activity Records, Nurse s Notes, or Therapy Notes for filing or proper disposal. Retaining client records for personal reasons is PROHIBITED. Created by LCD 8 BAYADA Home Health Care, 2017
9 Do the Right Thing Scenario: Read the statement in the scenario and choose the most correct answer. If a client s friend or neighbor calls an office or the client s home to ask a field employee about a clients health status or treatment: 1. It s okay to share with client verbal authorization. 2. It s okay to share as long as I don t give a diagnosis. 3. It s never okay to share. *Option 1 is the correct answer. Sharing any client Protected Health Information (PHI) with a friend, neighbor, or relative requires written or verbal authorization from the client or their power of attorney. Secure Computing: Communicating securely includes all forms of communication: , text, fax, telephone, photos, social media, and the internet. Created by LCD 9 BAYADA Home Health Care, 2017
10 Office employees may ONLY use BAYADA-provided accounts. Never send client Protected Health Information (PHI) to non-bayada accounts such as Gmail, Yahoo Mail, or Hotmail. If use of a personal service cannot be avoided: Office/Field: Use minimal information required; for example, de-identify the client by removing client Protected Health Information (PHI) or using first name only and last initial, if necessary. Office: We do not recommend that client records containing client Protected Health Information (PHI) be ed to field employees. If necessary, be sure to redact all client PHI (for example, name, address, and phone number) Office: When using your BAYADA account to send client Protected Health Information (PHI) to a non- BAYADA address, secure the by adding the word bayadasecure to the end of the subject line (this will encrypt the using our Zix platform). Once the recipient receives their first via Zix and follows the instructions, the recipient can respond and send future messages securely to BAYADA. Field: Do NOT print s or documents, unless necessary, that contain client Protected Health Information (PHI). If printing is necessary, leave any printed s or documents in the client s home or return to the office for proper disposal. Field: If you receive an from BAYADA s secure service (Zix), follow the instructions. This will register you to be able to receive the message. This will also provide the ability for you to send and receive future messages with BAYADA securely. Created by LCD 10 BAYADA Home Health Care, 2017
11 Text, Fax, and Telephone: Never communicate client Protected Health Information (PHI) via text message. Texting is not secure and not compliant with HIPAA standards, if sending client PHI that is not de-identified. When sending a fax, always use a cover sheet so information is covered at the receiving end. Be sure to verify the fax number before sending. NOTE: Office employees must use a BAYADA cover sheet with office information and BAYADA s confidentiality notice. Do not discuss client PHI with an unknown caller. If you do not recognize the caller, ask for identifying information or return the call to a number on file. Do not leave a voic or answering machine message that contains any client Protected Health Information (PHI) unless you have permission from the client. You cannot be sure who may listen to the message. Photos: Never take personal photos of a client, client s home, family, or friends with a mobile phone or camera. Only photos for medical purposes, at the request of a supervisor or physician, are permitted. To take authorized photos for care purposes: Use a secure BAYADA device if available If a personal device must be used, the photo should not show a client s face and the client s name should not be used when transmitting the photo. Use of a personal device to take photos of clinical records or timesheets that are not de-identified is NOT permitted. Created by LCD 11 BAYADA Home Health Care, 2017
12 Social Media and The Internet: When using social media, please ensure you do not share any client Protected Health Information (PHI) for example Facebook, Twitter, or LinkedIn. Forming personal relationships or conducting business through social media between clients or clients representatives when they are receiving care from BAYADA is NOT permitted per policy. When using a BAYADA computer or device remember: o Be cautious when using social media, , and surfing the internet. Do not open attachments, click links, or provide information to unknown sources. o It is critical to report any suspicious that you may have opened and accidentally clicked on a link or opened an attachment. o Field employees should immediately report any concerns to their supervisor. Office employees should immediately report any concerns to the IS office ( ). Do the Right Thing Scenario: In this scenario, one of your clients sends you a friend request on social media. Do you accept? 1. Yes 2. No Yes - INCORRECT! Forming personal relationships or conducting business through social media between clients or clients representatives when they are receiving care from BAYADA is NOT permitted per policy. No - CORRECT! Forming personal relationships or conducting business through social media between clients or client's representatives when they are receiving care from BAYADA is NOT permitted per policy. Created by LCD 12 BAYADA Home Health Care, 2017
13 Secure Use and Access of BAYADA Devices and Applications: Now that we ve covered communicating securely, let s move on to safeguarding your devices and storing information. Secure Your Devices: Position device screens, copiers, and fax machines in a position or place where information cannot be viewed by unauthorized individuals. Always lock or log off of your computer when you are away from your desk and at the end of the day. A best practice is to use Window-L to quickly hide/lock your screen. Always keep laptop/mobile/portable device physically secure to prevent theft and unauthorized access. All BAYADA-issued computers and devices MUST be returned to a BAYADA office for proper disposal. Created by LCD 13 BAYADA Home Health Care, 2017
14 Protect Your Password: Do not share your username and password with anyone. Keep your password private at all times. If you suspect your password has been compromised, immediately change your password and report the incident. For assistance with changing your password, please contact the IS Office ( ). It is critical to report a compromised password. Field employees should immediately report any concerns to their supervisor. Office employees should immediately report any concerns to the IS office ( ). Use BAYADA Provided Storage Only: Do not store client Protected Health Information (PHI) on personal equipment or in personal accounts. For example, do not store on personal laptop, mobile telephone, Google drive, Dropbox, portable media (USB drive) or cloud storage. Created by LCD 14 BAYADA Home Health Care, 2017
15 Great job! Reporting a Suspected Breach: A breach is an unauthorized use, disclosure, or loss of client Protected Health Information (PHI), even if it is inadvertent or unintentional. Created by LCD 15 BAYADA Home Health Care, 2017
16 Examples of Breaches: Examples of potential breaches include but are not limited to: Discussing or sharing a client s Protected Health Information (PHI) with someone not authorized Lost or stolen documents, computers, or devices that contain client Protected Health Information Improper disposal of documents, computers, or devices that contain client Protected Health Information (PHI) Posting client information on social media, such as Facebook, Twitter, or Instagram, even if removed right away Unauthorized access to documents, computers, or devices that contain client Protected Health Information (PHI) Sending client Protected Health Information via or text that has not been de-identified Leaving a message that contains client Protected Health Information (PHI) that is not authorized An or fax that contains client Protected Health Information (PHI) sent to the wrong address or telephone number Created by LCD 16 BAYADA Home Health Care, 2017
17 Report a Suspected Breach: Field employees should report a suspected breach immediately to their supervisor or via the BAYADA Hotline ( ). Office employees should follow BAYADA s incident reporting process. For serious incidents where a supervisor cannot be reached or an incident report cannot immediately be filed and help or support is needed, call Legal Services (LS) between 8:30 am and 7:30 pm EST Monday through Friday at or after hours and weekends at Do the Right Thing Scenario: Read the statement in the scenario and choose the most correct answer. I routinely store extra copies of my client s records at home. As long as I keep them in a locked file drawer, this is not a breach of HIPAA. 1. True 2. False *False. Return ALL client records to the office when complete and no longer needed including but not limited to all Activity Records, Nurse s Notes, or Therapy Notes to the office for filing or shredding. Do not keep client records at home unless they are required for your job. Retaining client records for personal reasons is PROHIBITED. Created by LCD 17 BAYADA Home Health Care, 2017
18 Do the Right Thing! While BAYADA does its part to safeguard information, privacy and security of client Protected Health Information (PHI) starts and ends with YOU! Understand and comply with BAYADA IT policies and best practices. Stay informed, read BAYADA IT Security Bulletin articles. Report any suspected breach. Always ask when you are not sure. Congratulations, you are ready to move on to Honesty and Confidentiality Lesson Four! Congratulations: Congratulations, you are ready to move on to Honesty and Confidentiality Lesson Four! Created by LCD 18 BAYADA Home Health Care, 2017
Compliance & HIPAA Annual Education
Compliance & HIPAA Annual Education 1 The purpose of this education is to UPDATE The purpose and of this education REFRESH is to UPDATE your and REFRESH understanding understanding of: of: Aultman s Compliance
More informationHIPAA Faux Pas. Lauren Gluck Physician s Computer Company User s Conference 2016
HIPAA Faux Pas Lauren Gluck Physician s Computer Company User s Conference 2016 Goals of this course Overview of HIPAA and Protected Health Information Define HIPAA s Minimum Necessary Rule Properly de-identifying
More informationHIPAA FOR BROKERS. revised 10/17
HIPAA FOR BROKERS revised 10/17 COURSE PURPOSE The purpose of this information is to help ensure that all Optima Health Brokers are prepared to protect the privacy and security of our members health information.
More informationHIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012
HIPAA Privacy and Security Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012 Goals and Objectives Course Goal: Can serve as annual HIPAA training for physician practice
More informationHIPAA. Developed by The University of Texas at Dallas Callier Center for Communication Disorders
HIPAA Developed by The University of Texas at Dallas Callier Center for Communication Disorders Purpose of this training Everyone with access to Protected Health Information (PHI) must comply with HIPAA
More informationHIPAA Privacy and Security Training Program
Note The following HIPAA training is intended for Vendors, Business Associates, Students, Pre Approved Shadowers, and Visitors. The following training module does not provide credit for annual training
More informationHIPAA Privacy & Security Training. HIPAA The Health Insurance Portability and Accountability Act of 1996
HIPAA Privacy & Security Training HIPAA The Health Insurance Portability and Accountability Act of 1996 AMTA confidentiality requirements AMTA Professional Competencies 20. Documentation 20.7 Demonstrate
More informationHIPAA Privacy & Security Training. Privacy and Security of Protected Health Information
HIPAA Privacy & Security Training Privacy and Security of Protected Health Information Course Competencies: This training module addresses the essential elements of maintaining the HIPAA Privacy and Security
More informationHIPAA UPDATE. Michael L. Brody, DPM
HIPAA UPDATE Michael L. Brody, DPM Objectives: How to respond to a patient s request for a copy of their records. Understand your responsibilities after you send information out to another doctor, hospital
More informationPreventing Breaches When Using , Telephone and Fax Machines
Preventing Breaches When Using E-mail, Telephone and Fax Machines Harley HIPAA Presented by the UAMS HIPAA Office, July 26, 2011 Breach Reporting When a use or disclosure occurs that is not allowed by
More informationEmployee Security Awareness Training Program
Employee Security Awareness Training Program Date: September 15, 2015 Version: 2015 1. Scope This Employee Security Awareness Training Program is designed to educate any InComm employee, independent contractor,
More informationHIPAA Federal Security Rule H I P A A
H I P A A HIPAA Federal Security Rule nsurance ortability ccountability ct of 1996 HIPAA Introduction - What is HIPAA? HIPAA = The Health Insurance Portability and Accountability Act A Federal Law Created
More informationFamily Medicine Residents HIPAA Highlights May 2016 Heather Schmiegelow, JD
Family Medicine Residents HIPAA Highlights May 2016 Heather Schmiegelow, JD The UAMS HIPAA Office Heather Schmiegelow, UAMS HIPAA Privacy Officer Stephen Cochran, UAMS Security Officer Sara Thompson, HIPAA
More informationElements of a Swift (and Effective) Response to a HIPAA Security Breach
Elements of a Swift (and Effective) Response to a HIPAA Security Breach Susan E. Ziel, RN BSN MPH JD Krieg DeVault LLP Past President, The American Association of Nurse Attorneys Disclaimer The information
More informationInformation Privacy and Security Training 2016 for Instructors and Students. Authored by: Office of HIPAA Administration
Information Privacy and Security Training 2016 for Instructors and Students Authored by: Office of HIPAA Administration Objectives After you finish this Computer-Based Learning (CBL) module, you should
More informationHIPAA: Health Insurance Portability & Accountability Act. Presented by the UAMS HIPAA Office August 2015
HIPAA: Health Insurance Portability & Accountability Act Presented by the UAMS HIPAA Office August 2015 HIPAA (not HIPPA) Is the Health Insurance Portability and Accountability Act. A federal law that
More informationInformation Privacy and Security Training Authored by: Office of HIPAA Administration
Information Privacy and Security Training 2018 Authored by: Office of HIPAA Administration Objectives After you finish this Computer-Based Learning (CBL) module, you should be able to: Define privacy practices
More informationBeam Technologies Inc. Privacy Policy
Beam Technologies Inc. Privacy Policy Introduction Beam Technologies Inc., Beam Dental Insurance Services LLC, Beam Insurance Administrators LLC, Beam Perks LLC, and Beam Insurance Services LLC, (collectively,
More informationHIPAA and Social Media and other PHI Safeguards. Presented by the UAMS HIPAA Office August 2016 William Dobbins
HIPAA and Social Media and other PHI Safeguards Presented by the UAMS HIPAA Office August 2016 William Dobbins Social Networking Let s Talk Facebook More than 1 billion users (TNW, 2014) Half of all adult
More informationWhat is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996.
HIPAA Training What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996. It provides the ability to transfer and continue health insurance coverage for workers
More informationRed Flags/Identity Theft Prevention Policy: Purpose
Red Flags/Identity Theft Prevention Policy: 200.3 Purpose Employees and students depend on Morehouse College ( Morehouse ) to properly protect their personal non-public information, which is gathered and
More informationHIPAA and HIPAA Compliance with PHI/PII in Research
HIPAA and HIPAA Compliance with PHI/PII in Research HIPAA Compliance Federal Regulations-Enforced by Office of Civil Rights State Regulations-Texas Administrative Codes Institutional Policies-UTHSA HOPs/IRB
More informationCompliance A primer. Surveys indicate that 80% of the spend on IT security technology is driven by the need to comply with regulatory legislation.
Compliance A primer Surveys indicate that 80% of the spend on IT security technology is driven by the need to comply with regulatory legislation. The growth in the sharing of sensitive data combined with
More informationWASHINGTON UNIVERSITY HIPAA Privacy Policy # 7. Appropriate Methods of Communicating Protected Health Information
WASHINGTON UNIVERSITY HIPAA Privacy Policy # 7 Appropriate Methods of Communicating Protected Health Information Statement of Policy Washington University and its member organizations (collectively, Washington
More informationRed Flags Program. Purpose
Red Flags Program Purpose The purpose of this Red Flags Rules Program is to document the protocol adopted by the University of Memphis in compliance with the Red Flags Rules. Many offices at the University
More informationRETINAL CONSULTANTS OF ARIZONA, LTD. HIPAA NOTICE OF PRIVACY PRACTICES. Our Responsibilities. Our Uses and Disclosures
RETINAL CONSULTANTS OF ARIZONA, LTD. HIPAA NOTICE OF PRIVACY PRACTICES This notice describes how health information about you may be used and disclosed and how you can get access to this information. Please
More informationSample BYOD Policy. Copyright 2015, PWW Media, Inc. All Rights Reserved. Duplication, Reproduction or Distribution by Any Means Prohibited.
Sample BYOD Policy Copyright 2015, PWW Media, Inc. All Rights Reserved. Duplication, Reproduction or Distribution by Any Means Prohibited. SAMPLE BRING YOUR OWN DEVICE POLICY TERMS OF USE This Sample Bring
More informationInformation Technology Standards
Information Technology Standards IT Standard Issued: 9/16/2009 Supersedes: New Standard Mobile Device Security Responsible Executive: HSC CIO Responsible Office: HSC IT Contact: For questions about this
More informationHIPAA Omnibus Notice of Privacy Practices
HIPAA Omnibus Notice of Privacy Practices Revised 2013 Urological Associates of Bridgeport, PC 160 Hawley Lane, Suite 002, Trumbull, CT 06611 Tel: 203-375-3456 Fax: 203-375-4456 Effective as of April/14/2003
More informationHIPAA How to Comply with Limited Time & Resources. Jonathan Pantenburg, MHA, Senior Consultant August 17, 2017
HIPAA How to Comply with Limited Time & Resources Jonathan Pantenburg, MHA, Senior Consultant JPantenburg@Stroudwater.com August 17, 2017 Stroudwater Associates is a leading national healthcare consulting
More informationLifeWays Operating Procedures
07-02.08 EMAIL GUIDELINES AND REQUIREMENTS I. PURPOSE To define the security, privacy and professional standards and considerations regarding electronic mail communication. II. SCOPE This procedure covers
More informationSHS Annual Information Privacy and Security Training
SHS Annual Information Privacy and Security Training Purpose for Training Samaritan Health Services has created the following training to meet the annual regulatory requirements for education related to
More informationWHITE PAPER. HIPAA Breaches Continue to Rise: Avoid Becoming a Casualty
WHITE PAPER HIPAA Breaches Continue to Rise: Avoid Becoming a Casualty WHITE PAPER HIPAA Breaches Continue to Rise: Avoid Becoming a Casualty By Jill Brooks, MD, CHCO and Katelyn Byrne, BSN, RN Data Breaches
More informationecare Vault, Inc. Privacy Policy
ecare Vault, Inc. Privacy Policy This document was last updated on May 18, 2017. ecare Vault, Inc. owns and operates the website www.ecarevault.com ( the Site ). ecare Vault also develops, operates and
More informationFederal Breach Notification Decision Tree and Tools
Federal Breach Notification and Tools Disclaimer This document is copyright 2009 by the Long Term Care Consortium (LTCC). These materials may be reproduced and used only by long-term health care providers
More informationFor any questions regarding this notice call: Meredith Damboise, Privacy Officer , ext. 17
This notice describes how information about you may be used and disclosed and how you can get access to this information. Please review it carefully. For any questions regarding this notice call: Meredith
More informationData Compromise Notice Procedure Summary and Guide
Data Compromise Notice Procedure Summary and Guide Various federal and state laws require notification of the breach of security or compromise of personally identifiable data. No single federal law or
More informationMobile Application Privacy Policy
Mobile Application Privacy Policy Introduction This mobile application is hosted and operated on behalf of your health plan. As such, some information collected through the mobile application may be considered
More informationUniversity of Mississippi Medical Center Data Use Agreement Protected Health Information
Data Use Agreement Protected Health Information This Data Use Agreement ( DUA ) is effective on the day of, 20, ( Effective Date ) by and between (UMMC) ( Data Custodian ), and ( Recipient ), located at
More informationUTAH VALLEY UNIVERSITY Policies and Procedures
Page 1 of 5 POLICY TITLE Section Subsection Responsible Office Private Sensitive Information Facilities, Operations, and Information Technology Information Technology Office of the Vice President of Information
More informationLet s get started with the module Ensuring the Security of your Clients Data.
Welcome to Data Academy. Data Academy is a series of online training modules to help Ryan White Grantees be more proficient in collecting, storing, and sharing their data. Let s get started with the module
More informationHIPAA in 2017: Hot Topics You Can t Ignore. Danika Brinda, PhD, RHIA, CHPS, HCISPP March 16, 2017
HIPAA in 2017: Hot Topics You Can t Ignore Danika Brinda, PhD, RHIA, CHPS, HCISPP March 16, 2017 Breach Notification State Law Privacy Rule Authorizations Polices and Procedures The Truth Is Have created
More informationPRIVACY-SECURITY INCIDENT REPORT
SECTION I GENERAL INFORMATION Name of Staff Member Reporting Incident PRIVACY-SECURITY INCIDENT REPORT Telephone Number Email Address Division/Office/Facility Unit/Section Supervisor SECTION II PRIVACY
More informationMobile Device Policy. Augusta University Medical Center Policy Library. Policy Owner: Information Technology Support and Services
Augusta University Medical Center Policy Library Mobile Device Policy Policy Owner: Information Technology Support and Services POLICY STATEMENT Augusta University Medical Center (AUMC) discourages the
More informationTerms and Conditions 01 January 2016
Terms and Conditions 01 January 2016 thehealthsource: Terms and Conditions Page 1 of 7 This Agreement (the Agreement ) is entered into by and between thehealthsource (Pty) Ltd and the entity agreeing to
More informationYour Information. Your Rights. Our Responsibilities.
Notice of Privacy Practices Your Information. Your Rights. Our Responsibilities. This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
More informationHIPAA & Privacy Compliance Update
HIPAA & Privacy Compliance Update Vermont Medical Society FREE Wednesday Webinar Series March 15, 2017 Anne Cramer and Shireen Hart Primmer Piper Eggleston & Cramer PC acramer@primmer.com shart@primmer.com
More informationHMIS (HOMELESS MANAGEMENT INFORMATION SYSTEM) SECURITY AWARENESS TRAINING. Created By:
HMIS (HOMELESS MANAGEMENT INFORMATION SYSTEM) SECURITY AWARENESS TRAINING Created By: Overview The purpose of this presentation is to emphasize the importance of security when using HMIS. Client information
More informationHIPAA Compliance Officer Training By HITECH Compliance Associates. Building a Culture of Compliance
HIPAA Compliance Officer Training By HITECH Compliance Associates Building a Culture of Compliance Your Instructor Is Michael McCoy Nationally Recognized HIPAA Expert » Nothing contained herein should
More informationSecurity and Privacy Breach Notification
Security and Privacy Breach Notification Version Approval Date Owner 1.1 May 17, 2017 Privacy Officer 1. Purpose To ensure that the HealthShare Exchange of Southeastern Pennsylvania, Inc. (HSX) maintains
More informationProtecting Your Gear, Your Work & Cal Poly
9/20/2016 1 Protecting Your Gear, Your Work & Cal Poly Information Security Office Shar i f Shar i f i, CI SSP, CRISC Kyle Gustafson, Information Security Analyst Jon Vasquez, Information Security Analyst
More informationFreedom of Information and Protection of Privacy (FOIPOP)
Freedom of Information and Protection of Privacy (FOIPOP) No.: 6700 PR1 Policy Reference: 6700 Category: FOIPOP Department Responsible: Records Management and Privacy Current Approved Date: 2008 Sep 30
More informationAcceptable Use Policy
Acceptable Use Policy POLICY 07.01.01 Effective Date: 01/01/2015 The following are responsible for the accuracy of the information contained in this document Responsible Policy Administrator Information
More informationDavid C. Marshall, Esq. PACAH 2017 Spring Conference April 27, 2017
David C. Marshall, Esq. PACAH 2017 Spring Conference April 27, 2017 Privacy and security of patient information held by health care providers remains a concern of the federal government. More resources
More informationPrivacy Impact Assessment (PIA) Tool
Privacy Impact Assessment (PIA) Tool 1 GENERAL Name of Public Body: PIA Drafter: Email/Contact: Program Manager: Email/Contact: Date (YYYY-MM-DD) In the following questions, delete the descriptive text
More informationHIPAA For Assisted Living WALA iii
Table of Contents The Wisconsin Assisted Living Association... ix Mission... ix Vision... ix Values... ix Acknowledgments... ix Who Should Use This Manual... x How to Use This Manual... x Updates and Forms...
More informationData Backup and Contingency Planning Procedure
HIPAA Security Procedure HIPAA made Easy Data Backup and Contingency Planning Procedure Please fill in date implemented and updates for your facility: Goal: This document will serve as our back-up storage
More informationPCA Staff guide: Information Security Code of Practice (ISCoP)
PCA Staff guide: Information Security Code of Practice (ISCoP) PCA Information Risk and Privacy Version 2015.1.0 December 2014 PCA Information Risk and Privacy Page 1 Introduction Prudential Corporation
More informationData Processing Agreement
In accordance with the European Parliament- and Council s Directive (EU) 2016/679 of 27th April 2016 (hereinafter GDPR) on the protection of physical persons in connection with the processing of personal
More information8 COMMON HIPAA COMPLIANCE ERRORS TO AVOID
Billing & Reimbursement Revenue Cycle Management 8 COMMON HIPAA COMPLIANCE ERRORS TO AVOID Billing and Reimbursement for Physician Offices, Ambulatory Surgery Centers and Hospitals Billings & Reimbursements
More informationORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers
All Affiliate Research Policy Subject: HIPAA File Under: For Researchers ORA HIPAA Issuing Department: Office of Research Administration Original Policy Date Page 1 of 5 Approved by: May 9,2005 Revision
More information2017_Privacy and Information Security_English_Content
2017_Privacy and Information Security_English_Content 2.3 Staff includes all permanent or temporary, full-time, part-time, casual or contract employees, trainees and volunteers, including but not limited
More informationRed Flag Policy and Identity Theft Prevention Program
Unified Government of Wyandotte County and Kansas City, Kansas Adopted: 5/11/2011 Red Flag Policy and Identity Theft Prevention Program Authority: The Mayor and the Board of Commissioners are responsible
More informationHIPAA Security Manual
2010 HIPAA Security Manual Revised with HITECH ACT Amendments Authored by J. Kevin West, Esq. 2010 HALL, FARLEY, OBERRECHT & BLANTON, P.A. DISCLAIMER This Manual is designed to set forth general policies
More informationFERPA & Student Data Communication Systems
FERPA & Student Data Ellevation is subject to the Family Educational Rights and Privacy Act (FERPA) as operating under the "school official" exception, wherein student directory and PII (Personal Identifying
More informationPrivacy Statement. Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information
Privacy Statement Introduction Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information about how IT Support (UK) Ltd handle personal information.
More informationCourse Objectives Identifying Personally Identifiable Information (PII) Safeguarding Procedures of PII Reporting PII Breaches Proper disposal of PII
Course Objectives Identifying Personally Identifiable Information (PII) Safeguarding Procedures of PII Reporting PII Breaches Proper disposal of PII References Privacy Act of 1974 DA PAM 25-51, Army Privacy
More informationBCN Telecom, Inc. Customer Proprietary Network Information Certification Accompanying Statement
BCN Telecom, Inc. Customer Proprietary Network Information Certification Accompanying Statement BCN TELECOM, INC. ( BCN" or "Company") has established practices and procedures adequate to ensure compliance
More informationFirst Federal Savings Bank of Mascoutah, IL Agreement and Disclosures
Agreement and Disclosures INTERNET BANKING TERMS AND CONDITIONS AGREEMENT This Agreement describes your rights and obligations as a user of the Online Banking Service and all other services made available
More informationSFDPH Annual Privacy and Data Security Training Module
SFDPH Annual Privacy and Data Security Training Module FY2017-2018 Office of Compliance and Privacy Affairs (OCPA) 1 Objectives By the end of this course you will demonstrate: 1. How HIPAA privacy rules
More informationPolicy and Procedure: SDM Guidance for HIPAA Business Associates
Policy and Procedure: SDM Guidance for HIPAA Business (Adapted from UPMC s Guidance for Business at http://www.upmc.com/aboutupmc/supplychainmanagement/documents/guidanceforbusinessassociates.pdf) Effective:
More informationNotice of Privacy Practices Page 1
Notice of Privacy Practices Page 1 Your Rights When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you. Get an
More informationName of Policy: Computer Use Policy
Page: Page 1 of 5 Director Approved By: Approval Date: Reason(s) for Change Responsible: Corporate Services Leadership April 22, Reflect current technology and practice Corporate Services Leadership Leadership
More informationEmployee Security Awareness Training
Employee Security Awareness Training September 2016 Purpose Employees have access to sensitive data through the work they perform for York. Examples of sensitive data include social security numbers, medical
More informationPlease print or type. Complete all areas of Agreement and Enrollment form, unless otherwise indicated.
Please complete the following Mississippi Medicaid Provider EDI Enrollment Packet. The package consists of the Conduent EDI Form, Mississippi EDI Provider Agreement and the Conduent EDI Gateway Inc., Trading
More informationLusitania Savings Bank Retail Internet Banking Terms and Conditions
Retail Internet Banking Terms and Conditions Internet Banking Terms and Conditions Agreement This Agreement describes your rights and obligations as a user of the On-line Banking Service ("Service" or
More informationCampus Health Your Information Your Rights Our Responsibilities
Notice of Privacy Practices Indiana University-Purdue University at Indianapolis Campus Health Your Information Your Rights Our Responsibilities This booklet describes how medical information about you
More informationCloud Communications for Healthcare
Cloud Communications for Healthcare Today, many powerful business communication challenges face everyone in the healthcare chain including clinics, hospitals, insurance providers and any other organization
More informationBanner Health Information Security and Privacy Training Team. Morgan Raimo Paul Lockwood
Banner Health Information Security and Privacy Training Team Morgan Raimo Paul Lockwood PHI Storage InfoGraphics PHI Data Storage and Sharing Cybersecurity and Privacy Training and Awareness Table of Contents
More informationHIPAA COMPLIANCE AND DATA PROTECTION Page 1
HIPAA COMPLIANCE AND DATA PROTECTION info@resultstechnology.com 877.435.8877 Page 1 CONTENTS Introduction..... 3 The HIPAA Security Rule... 4 The HIPAA Omnibus Rule... 6 HIPAA Compliance and RESULTS Cloud
More informationBYOD (Bring Your Own Device): Employee-owned Technology in the Workplace
BYOD (Bring Your Own Device): Employee-owned Technology in the Workplace MCHRMA Spring Conference April 4, 2014 PRESENTED BY: Sonya Guggemos MCIT Staff Counsel for Risk Control sguggemos@mcit.org The information
More informationHIPAA-HITECH: Privacy & Security Updates for 2015
South Atlantic Regional Annual Conference Orlando, FL February 6, 2015 1 HIPAA-HITECH: Privacy & Security Updates for 2015 Darrell W. Contreras, Esq., LHRM Gregory V. Kerr, CHPC, CHC Agenda 2 OCR On-Site
More informationInside the OCR Investigation/Audit Process 2018 PBI HEALTH LAW INSTITUTE TUESDAY, MARCH 13, 2017 GREGORY M. FLISZAR, J.D., PH.D.
Inside the OCR Investigation/Audit Process 2018 PBI HEALTH LAW INSTITUTE TUESDAY, MARCH 13, 2017 GREGORY M. FLISZAR, J.D., PH.D. HIPAA GENERAL RULE PHI may not be disclosed without patient authorization
More informationThe Lee Wiggins Childcare Centre E-SAFETY, PHOTOGRAPHY and VIDEO POLICY
Policy for the acceptable use of mobile phones and cameras by the staff of the Lee Wiggins Childcare Centre (LWCC) Mobile Phones In order to provide a safe environment for children, parents and staff we
More informationTechnology Workshop HIPAA Security Risk Assessment: What s Next? January 9, 2014
Technology Workshop HIPAA Security Risk Assessment: What s Next? January 9, 2014 Welcome! Thank you for joining us today. In today s call we ll cover the Security Assessment and next steps. If you want
More informationCritical HIPAA Privacy & Security Crossover Areas
Critical HIPAA Privacy & Security Crossover Areas Presented by HIPAA Solutions, LC Peter MacKoul, JD Senior Privacy SME Ken Hughes Senior Security SME HIPAA Solutions, LC 2016 1 Critical HIPAA Privacy
More informationElectronic Communication of Personal Health Information
Electronic Communication of Personal Health Information A presentation to the Porcupine Health Unit (Timmins, Ontario) May 11 th, 2017 Nicole Minutti, Health Policy Analyst Agenda 1. Protecting Privacy
More informationThe Relationship Between HIPAA Compliance and Business Associates
The Relationship Between HIPAA Compliance and Business Associates 1 HHS Wall of Shame 20% Involved Business Associates Based on HHS Breach Portal: Breaches Affecting 500 or More Individuals, Type of Breach
More informationSelf-Directed Learning: UPMC Privacy and Information Security Policies
Self-Directed Learning: UPMC Privacy and Information Security Policies 2017 1 Purpose This self-directed learning course was developed to promote awareness of key concepts from UPMC policies on Privacy
More informationNorth Carolina Health Information Exchange Authority. User Access Policy for NC HealthConnex
North Carolina Health Information Exchange Authority User Access Policy for NC HealthConnex North Carolina Health Information Exchange Authority User Access Policy for NC HealthConnex Introduction The
More informationACCEPTABLE USE POLICY
Great Lakes Energy Connections, Inc. Truestream ACCEPTABLE USE POLICY Contents OVERVIEW... 2 INTRODUCTION... 2 VIOLATION OF THIS ACCEPTABLE USE POLICY... 2 PROHIBITED USES AND ACTIVITIES... 2 CUSTOMER
More informationHIPAA Security and Privacy Policies & Procedures
Component of HIPAA Security Policy and Procedures Templates (Updated for HITECH) Total Cost: $495 Our HIPAA Security policy and procedures template suite have 71 policies and will save you at least 400
More informationRUTGERS POLICY. Section Title: Legacy UMDNJ policies associated with Information Technology
RUTGERS POLICY Section: 70.2.8 Section Title: Legacy UMDNJ policies associated with Information Technology Policy Name: Information Security: Acceptable Use Formerly Book: 95-01-09-05:00 Approval Authority:
More informationData Privacy Statement for myportal to go
Data Privacy Statement for myportal to go Contents 1. Scope... 2 2. Data Handled by Unify Through myportal to go... 2 3. Disclosure of Your Personal Data... 3 4. Accessing, Correcting and Deleting Your
More informationAudits Accounting of disclosures
Once more unto the breach Mastering HIPAA s data breach notification requirements September 20, 2011 Presented by: Kathy Kenady Senior Loss Prevention Representative Medical Insurance Exchange of California
More informationAre you in the correct place?
1 Are you in the correct place? This is a training module on the HIPAA Privacy and Security rules. Did you access this module through Mlearning? If yes: Continue with this module If not: If you are associated
More informationHIPAA & HITECH Training 2018
HIPAA & HITECH Training 2018 Welcome 2018 Compliance Training Section 1: HIPAA Privacy Section 2: HIPAA Security Section 3: HITECH Section 4: Reporting a Breach Section 5: Disciplinary Actions Section
More informationBenefit Tracker. User Manual
Benefit Tracker User Manual 2017 www.modahealth.com Revised 10/20/2017 Table of Contents Introduction Page 3 Benefit Tracker Overview Page 3 Security and Password Protection Page 3 Passwords Page 4 Getting
More informationSTATE OF NEW JERSEY. ASSEMBLY, No th LEGISLATURE. Sponsored by: Assemblywoman ANNETTE QUIJANO District 20 (Union)
ASSEMBLY, No. 0 STATE OF NEW JERSEY th LEGISLATURE INTRODUCED NOVEMBER 0, 0 Sponsored by: Assemblywoman ANNETTE QUIJANO District 0 (Union) SYNOPSIS Requires certain persons and business entities to maintain
More informationRed Flag Regulations
Red Flag Regulations Identity Theft Put In Context Overview of Topics Red Flag Regulations Overview How UM Protects Information What is the Student Workers role in identity theft prevention? What s this
More information