
Resources for Privacy Professionals OCR Enforcement and - PDF document



  1. Daniel J. Weissburg, JD, CHC
     Compliance & Privacy Officer
     University of Wisconsin Hospitals & Clinics

     The views and opinions expressed in here today are mine alone. They may not be attributed to any entity with which I am presently or have previously been associated.

     • We are a room full of privacy professionals
     • Pragmatism is a job requirement
     • Collaboration is a way to learn from each other
     • From collaboration, “best practices” and “conventional wisdom” can emerge and evolve
     • Roundtable is today’s vehicle for collaboration
     • Lavish (yet fully compliant) prizes for those who demonstrate:
       ◦ Exemplary Pragmatism
       ◦ Exceptional Collaboration
       ◦ Otherwise jump in and participate

  2. • Resources for Privacy Professionals
     • OCR Enforcement and Settlements
     • Effectiveness of Privacy Compliance Program
     • Privacy Policies
     • Privacy Training
     • Data Security
     • Breach Issues
     • Issues Related to Business Associates and Other Vendors

     Resources for Privacy Professionals
     HCCA-info.org
     HIPAACow.org
     hhs.gov/ocr

  3. OCR Enforcement and Settlements
     Massachusetts Eye and Ear Infirmary (Harvard) Corrective Action Plan:
     http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/meei-agreement-pdf.pdf
     Halifax Hospital Medical Center Corporate Integrity Agreement:
     http://oig.hhs.gov/fraud/cia/agreements/Halifax_Hospital_03102014.pdf

     Effectiveness of Privacy Compliance Program
     OIG Compliance Program Guidance for Hospitals - Supplement:
     http://oig.hhs.gov/fraud/docs/complianceguidance/012705HospSupplementalGuidance.pdf

     Privacy Policies
     HIPAA COW Privacy Deliverables:
     http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/

  4. Privacy Training
     HealthIT.gov Privacy and Security training games:
     http://www.healthit.gov/providers-professionals/privacy-security-training-games
     HIPAA COW Privacy Training deliverables:
     http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/
     http://hipaacow.org/resources/hipaa-education/hipaa-101/

     Data Security
     NIST Computer Security Resource Center:
     http://csrc.nist.gov/publications/PubsSPs.html
     HealthIT.gov Security Risk Assessment:
     http://www.healthit.gov/providers-professionals/security-risk-assessment

     Breach Issues
     OCR Breach Notification Rule:
     http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/
     HIPAA COW Breach Notification deliverables:
     http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/

  5. Issues Related to Business Associates and Other Vendors
     HHS.gov Sample BAA:
     http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/contractprov.html
     AMA Sample BAA:
     https://www.ama-assn.org/ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act.page
     HIPAA COW BAA deliverables:
     http://hipaacow.org/resources/hipaa-cow-documents/privacy-security/
     http://hipaacow.org/resources/hipaa-education/hipaa-101/

     Thank you for your participation!
     Daniel J. Weissburg, JD, CHC
     Compliance & Privacy Officer
     University of Wisconsin Hospitals & Clinics
