1 4 Resources for Privacy Professionals OCR Enforcement and - - PDF document


Daniel J. Weissburg, JD, CHC Compliance & Privacy Officer University of Wisconsin Hospitals & Clinics


The views and opinions expressed in here today are mine alone. They may not be attributed to any entity with which I am presently or have previously been associated.


• We are a room full of privacy professionals
• Pragmatism is a job requirement
• Collaboration is a way to learn from each other
• From collaboration, “best practices” and “conventional wisdom” can emerge and evolve
• Roundtable is today’s vehicle for collaboration
• Lavish (yet fully compliant) prizes for those who demonstrate:
  • Exemplary Pragmatism
  • Exceptional Collaboration
  • Otherwise jump in and participate


• Resources for Privacy Professionals
• OCR Enforcement and Settlements
• Effectiveness of Privacy Compliance Program
• Privacy Policies
• Privacy Training
• Data Security
• Breach Issues
• Issues Related to Business Associates and Other Vendors


Resources for Privacy Professionals

• HCCA-info.org
• HIPAACow.org
• hhs.gov/ocr


OCR Enforcement and Settlements

Massachusetts Eye and Ear Infirmary (Harvard) Corrective Action Plan:
http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/meei-agreement-pdf.pdf

Halifax Hospital Medical Center Corporate Integrity Agreement:
http://oig.hhs.gov/fraud/cia/agreements/Halifax_Hospital_03102014.pdf


Effectiveness of Privacy Compliance Program

OIG Compliance Program Guidance for Hospitals - Supplement:
http://oig.hhs.gov/fraud/docs/complianceguidance/012705HospSupplementalGuidance.pdf


Privacy Policies


HIPAA COW Privacy Deliverables:
http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/


Privacy Training


HealthIT.gov Privacy and Security training games:
http://www.healthit.gov/providers-professionals/privacy-security-training-games

HIPAA COW Privacy Training deliverables:
http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/
http://hipaacow.org/resources/hipaa-education/hipaa-101/

Data Security


NIST Computer Security Resource Center:
http://csrc.nist.gov/publications/PubsSPs.html

HealthIT.gov Security Risk Assessment:
http://www.healthit.gov/providers-professionals/security-risk-assessment

Breach Issues


OCR Breach Notification Rule:
http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/

HIPAA COW Breach Notification deliverables:
http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/


Issues Related to Business Associates and Other Vendors


HHS.gov Sample BAA:
http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/contractprov.html

AMA Sample BAA:
https://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act.page

HIPAA COW BAA deliverables:
http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/
http://hipaacow.org/resources/hipaa-education/hipaa-101/

Daniel J. Weissburg, JD, CHC Compliance & Privacy Officer University of Wisconsin Hospitals & Clinics


Thank you for your participation!