Key Factors to Develop HIPAA Policies and Procedures
Overview:
One of the major requirements of the health care organization to be HIPAA compliant is to develop and implement a set of HIPAA privacy and security policies and procedures. This can be a daunting task for those not knowing where to start and what a set of HIPAA privacy and security policies and procedures should look like. For the cost conscious health care organization, the HIPAA policies and procedures can have multiple uses: first, they can become a basis for training the health care organization workforce; second, they can be used as a basis for conducting a HIPAA self-assessment; and third, they can be used to demonstrate due diligence should there be a breach or an external HIPAA compliance audit.
In today's world it is not necessary that the health care organization spend significant funds to develop a set of HIPAA privacy and security policies and procedures from scratch. The health care organization can likely find templates on the internet that can be used as a starting point to customize HIPAA policies and procedures to be unique for the health care organization.
The preparation of a well-documented set of HIPAA policies and procedures needs to be addressed through the development of Privacy and Security policies and procedures that address each of the requirements shown in the HIPAA regulations as amended by the HITECH law and the final Omnibus Regulations. The process of developing the HIPAA privacy and security policies and procedures also provides a reference for the health care organization how to consider the security addressable and required regulation requirements.
Why should you attend: There are three situations where having a set of HIPAA policies and procedures are needed:
First, the policies and procedures become a good reference to ensure that all areas are addressed for becoming HIPAA compliant.
Second, the HIPAA regulations REQUIRE covered entities and business associates to have a set of policies and procedures directing the workforce to perform their tasks in a controlled environment.Having a set of policies and procedures is positive evidence of the health care organization exercising due diligence.
Third, if there is a breach, the health care organization needs to demonstrate that it has proactively implemented a comprehensive set of HIPAA policies and procedures to keep any penalties to a minimum
Areas Covered in the Session:
- What is a comprehensive set of HIPAA policy and procedures and why you need them
- What to look for in a set of HIPAA policy and procedures templates on the internet
- How to customize the set of HIPAA policies and procedures for the health care organization
- How to train the health care organization workforce in using the HIPAA policies and procedures
- How to use the HIPAA policies and procedures to perform a HIPAA assessment
Who Will Benefit:
- Health Care Organization ownership
- Office Management
- Work Staff
- Physicians
Speaker Profile
In working with health care organizations he has developed processes and procedures related to improving the provision of health care services, measuring the outcomes of those services and the addressing the impact of these factors on the reimbursement models. He has lead the effort for developing an ACO to serve Medicaid and Medicare beneficiaries and has presented this course as a reference for participants at a recent Healthcare Financial Management Association National Conference.