California HIPAA Privacy Implementation Survey: Appendix A. Stakeholder Interviews
|
|
- Noel Lindsey
- 5 years ago
- Views:
Transcription
1 California HIPAA Privacy Implementation Survey: Appendix A. Stakeholder Interviews Prepared for the California HealthCare Foundation Prepared by National Committee for Quality Assurance and Georgetown University Health Privacy Project April 2002
2 Appendix A. Stakeholder Interviews Prior to developing a finalized HIPAA survey for this project, an independent survey research firm conducted a series of stakeholder interviews. The purpose of these interviews was to obtain a general sense of what the actual and perceived barriers are to implementation of the HIPAA privacy rule from those who are and will be directly affected. The NCQA and The Health Privacy Project at Georgetown University chose the stakeholders judgmentally as those who would be familiar with the issues surrounding implementation of the HIPAA privacy rule. Not all stakeholders that were chosen were interviewed due to the time constraints of the project and stakeholders non-compliance. Using a pre-determined script (Attachment I), developed by the research firm, NCQA and The Health Privacy Project at Georgetown University, a total of seven stakeholders were interviewed. The results of the calls identified some main themes that were included in the generation of the final survey. The main themes are: 1. Training for HIPAA will be costly and time consuming; 2. California state law already has strict regulations regarding privacy so that HIPAA will not drastically change most of the processes; 3. Lack of industry knowledge surrounding technology and its capabilities; 4. Specific Requirements (i.e. consent, minimum necessary, business associate, research) could use clarification. Detailed Summary of Results Potential Implementation Issue General Do you think guidance or modifications are needed with regards to HIPAA? Is guidance/ modification really the issue with HIPAA? If yes, where in the HIPAA regulations do you think more guidance should be given? If not, what is/are the issue(s)? Cost What do you think the cost of implementing the HIPAA regulations will be for your organization? Will there be offsetting financial benefits of implementing other sections of HIPAA, such as the transactions and code sets? Stakeholder Answers Accounting of disclosures. Yes, the privacy rule within larger organizations will be onerous. The solo/small group offices will be affected the most. California state requirements already have legal implications for security breaches. At a minimum the DHHS, should clarify the regulations. The savings are real, but distant. We will not benefit for a couple of years and there will be an ongoing expense associated with this. State law is already so strict, the cost of this implementation should not be prohibitive. Anticipate that it will cost $1,000 - $2,000 per doctor to train. Do not see any cost off-set by the transaction and code set regulation, since they are already submitting electronically. People - What staffing changes do you anticipate having to make to meet the policy requirements by the deadline and then complying with the regulations after the deadline? PMO s have already been established to distribute responsibility. Organizations may have trouble dedicating people to regulate HIPAA compliance. The Chief Medical Officer has the lead on HIPAA implementation. California HIPAA Privacy Implementation Survey/California HealthCare Foundation 2
3 Potential Implementation Issue Process Do you think you will need to change the processes within your organization (i.e. the way information travels, employee behavior) in order to comply with HIPAA? Why? Is one of the issues time? What are the other process issues? Do you envision any difficulties doing this? Training - Do you think that you will be able to effectively train all of your employees on the regulations? Do you envision any difficulties doing this? Technology Do the regulations provide adequate guidelines for information technology developers? Can the regulations, such as confidential communications, be implemented with available tools and technologies? Do the regulations support current efforts to automate processes and transactions, e.g. electronic signatures on consent forms? Consent - Are the regulation s current consent requirements workable? What are some of the specifics issues/ barriers/problems you see with the consent requirements?? Do you think that the consent requirements may limit the flow of information needed to assess health care quality? Stakeholder Answers For small offices, the doctor will become the privacy official. The Medical Director is taking the lead with at least another FTE and additional data systems staff. California already has strict privacy laws. Most organizations are already in compliance. It is always difficult to change people s behavior. There is a tough state law, so everybody is meeting the requirements already. Have already been doing so much to plan ahead. Thought about manpower, resources, re-evaluating all past policies and procedures. Doctor s offices will have a problem writing/maintaining all of the policies needed for HIPAA. This will be a resource issue. It may be smart to piggy back this type of training off of Sexual Harassment training. The small offices will be looking to the professional organizations to guide them. Already planning the training but this is a large undertaking. Training center accommodates five at a time and there are over 300 doctors in the group. [HIPAA] Regulations will be a reason to delay moving towards technology. The regulations will make technology development less problematic. Believe that current technology can support confidential communications. There is an internet barrier. People think that everything on the internet is wide-open. [They think that] will not be able to use the internet anymore. Doctor s do not have internet security. No upgrades or system changes have to be made. The current consent requirements are workable. That is a good question. It will be interesting to see what people say. Yes, consent requirements may limit the flow of information needed to assess health care quality. The new [Consent] requirements will create confusion for doctors uncertain as to what is required and how you will know if you are in compliance. In time, [Consent] will be workable. California HIPAA Privacy Implementation Survey/California HealthCare Foundation 3
4 Potential Implementation Issue Minimum Necessary Does the minimum necessary rule achieve its intended purpose? Are there unintended consequences? What are they? Do you think Minimum Necessary may limit the flow of information needed to deliver, pay for, and assess health care quality? Research Does the regulation adequately distinguish research and health care operations? Are the guidelines clear for what process providers should follow when determining whether they can or cannot participate in quality measurement activities under HIPAA? Does the rule create significant barriers to researcher access to patient data, or does the rule impose needed procedural safeguards? Stakeholder Answers This will be a nightmare for referring physicians. Its onerous and I do not see the point. The unintended consequence is that this will drive up cost of compliance. It is too reliant on personal judgment Creates tendency to develop overkill and can create unnecessary complexity. This is the easiest part of it. Doctors already do this. Now, it is a documentation process but it won t hurt much. My concern is that research will be cut off. This will thwart clinical research. Local doctors will not participate in studies, like breast cancer studies. Regulations must be simplified and made more logical. Don t deal much with research but it will be increasingly difficult to enroll patients in disease management programs. It is not so good now but HIPAA will make things worse. Additional Comments: Fear that health plans will no longer contract with disease management organizations because they will think that transmitting PHI will be breaking the law. More education is needed on consent and disease management entities need to be defined under HIPAA. Transaction rule is the best aspect of HIPAA. HIPAA is more of an administrative exercise then an exercise of value. The strategy should be made simpler. Please rank the top barriers of implementation: Minimum Necessary; Business Associates; Intersect between state and federal regulations. Perception that you will be unable to use the internet; Research; Training; Compliance / Quality Assurance; Doctor education around the issues. Policy and procedure development; Resource use and cost. Design of office plan; Training requirements; Was not a collaborative approach between legislation and delivery system. Information exchange between doctors, patients and research; Technology; Training; Quality Assurance; Implementation of the rest of the regulations. California HIPAA Privacy Implementation Survey/California HealthCare Foundation 4
5 Stakeholder Interview Script Preliminary Stakeholder Interviews Draft Agenda Date: Time: Our firm was hired by the National Committee for Quality Assurance (NCQA) in order to assist in the development and execution of a survey for the California HealthCare Foundation. The survey s goal is to identify actual and perceived barriers to the implementation of the HIPAA privacy regulation. The president of the NCQA, and the project director of the Georgetown University Health Privacy Project, have identified you as an individual who might be able to give us some insight into the actual and perceived barriers so that we can develop a focused survey. We are looking to you to help identify key survey topics and also assist in identifying potential survey respondents. Your participation will be kept confidential and only those participating in the development of the survey will have access to your responses. I know that this is a busy time of the year so; I would like to thank you in advance for your time. I anticipate that this interview will take between 30 and 40 minutes. The meeting agenda will be as follows: Background / Roles Key Issues surrounding HIPAA Survey Respondent Identification Wrap-Up Background / Roles We were was chosen to aid the NCQA in developing a survey that would identify areas of the HIPAA privacy regulation where guidance or modifications may be needed to clarify and interpret sections of the rule. The results of this survey will be shared with the Department of Health and Human Services in order to help them understand any issues identified The survey will be a telephone survey that will take under California HIPAA Privacy Implementation Survey/California HealthCare Foundation 5
6 an hour and consist of 20 to 25 closed-ended questions with one or two open ended questions. The survey respondents will be healthcare entities of various types that operate (in some fashion) in the state of California. Our next step will be to ask you some open-ended questions to get some of your thoughts with regard to HIPAA. Please excuse me if there are pauses after you respond to our questions, as I will be attempting to take detailed notes. Key Issues surrounding HIPAA Do you think guidance or modifications are needed with regards to HIPAA? Is guidance/ modification really the issue with HIPAA? If yes, where in the HIPAA regulations do you think more guidance should be given? If not, what is/are the issue(s)? The following issues are those that the development team thinks may be perceived as barriers to HIPAA implementation; Cost, People, Process Redesign, Training, Technology Constraints, Unclear Regulations. As we review these, please provide feedback as to whether you think that these may also be real barriers to the healthcare community: Cost What do you think the cost of implementing the HIPAA regulations will be for your organization? Will there be offsetting financial benefits of implementing other sections of HIPAA, such as the transactions and code sets? People - What staffing changes do you anticipate having to make to meet the policy requirements by the deadline and then complying with the regulations after the deadline? California HIPAA Privacy Implementation Survey/California HealthCare Foundation 6
7 Process Do you think you will need to change the processes within your organization (i.e., the way information travels, employee behavior) in order to comply with HIPAA? Why? Is one of the issues time? What are the other process issues? Do you envision any difficulties doing this? Training - Do you think that you will be able to effectively train all of your employees on the regulations? Do you envision any difficulties doing this? Technology Do the regulations provide adequate guidelines for information technology developers? Can the regulations, such as confidential communications, be implemented with available tools and technologies? Do the regulations support current efforts to automate processes and transactions; e.g., electronic signatures on consent forms? Unclear Regulations - CHCF has identified the following three categories as key issues where the language may need clarification within the HIPAA regulation. Please provide feedback as to whether you also think that these topics may need some clarification or modification: Consent - Are the regulation s current consent requirements workable? What are some of the specifics issues/ barriers/problems you see with the consent requirements?? Do you think that the consent requirements may limit the flow of information needed to assess health care quality? Minimum Necessary Does the minimum necessary rule achieve its intended purpose? Are there unintended consequences? What are they? Do you think Minimum Necessary may limit the flow of information needed to deliver, pay for, and assess health care quality? Research Does the regulation adequately distinguish research and health care operations? Are the guidelines clear for what process providers should follow when determining whether they can or cannot participate in quality measurement activities under HIPAA? Does the rule create significant barriers to researcher access to patient data, or does the rule impose needed procedural safeguards? Of the barriers / key issues identified above, what do you think are the most significant? Please rank the top five. California HIPAA Privacy Implementation Survey/California HealthCare Foundation 7
8 Respondent Identification Our goal is to survey between 75 and 100 healthcare organizations. We are limiting our survey to respondents representing hospitals, health plans, physician organizations, disease management companies, and researchers. After having spoken with us to gain an understanding of the survey objective, who do you feel would be appropriate to respond to the survey? One of the most challenging parts of this survey is to identify whom the correct person to respond within an organization. Identifying the correct individual would help us get more meaningful data therefore, as much detail on the respondents you give us would be appreciated (i.e. name, title, telephone number). Wrap-Up I would like to thank you for taking the time to help us develop our survey topics and questions. The information that you have provided us is central in helping us to achieve our goal. Once we have finished conducting our survey, NCQA will compile and analyze the information and send it to the California Healthcare Foundation for their publication. Once again, I would like to ensure you that your responses will not be tied to you or your organization in the final survey results. If you think of additional information after the call that may be useful to us, please feel free to call me at. California HIPAA Privacy Implementation Survey/California HealthCare Foundation 8
9 California HIPAA Privacy Implementation Survey: Appendix B. Questionnaire Prepared for the California HealthCare Foundation Prepared by National Committee for Quality Assurance and Georgetown University Health Privacy Project April 2002
10 Appendix B. California HIPAA Implementation Survey Questionnaire Hello, my name is. Our research group was hired by the National Committee for Quality Assurance (NCQA) and the Georgetown University Health Privacy Project to conduct a survey for the California HealthCare Foundation. The survey s goal is to obtain feedback on the impact of the HIPAA privacy regulation on your organization. Once we have finished conducting the survey, NCQA and Georgetown University Health Privacy Project will compile and analyze the results and prepare a report for publication by the California HealthCare Foundation. The results of this survey will be shared with the Department of Health and Human Services. In addition, as a participant in this survey, you will receive a copy of the final report. You have been identified as the individual within your organization who will be able to answer the survey questions on behalf of your organization. Your responses will be kept confidential. Only those administering the survey will have access to your responses. There will be a total of 20 closedended and 9 open-ended questions. I anticipate that this interview will take between 30 and 40 minutes, so thank you in advance for your time. What questions do you have at this time? These questions are scripted, so if at any time you need me to repeat a question or answer, please feel free to interrupt. Also, please excuse any pauses, as I will be taking detailed notes during this survey. California HIPAA Privacy Implementation Survey/California HealthCare Foundation 2
11 First, I would like to verify some demographic information. Please remember that your name will be kept confidential and your organization will not be publicly associated with its specific responses. Background Participant: Name: Position: Phone #: Name of Facility/Organization: Type of Facility/Organization: Hospital: Rural, Community, Academic Size: < 50 bed, 50 99, , > 300 Physician: Single Specialty Multi-specialty Size: < > 100 Payor: Type: Commercial Medicaid Medicare (Check all that apply) Researcher Disease Management Address of Facility/Organization Street 1: Street 2: City: State: Zip: California HIPAA Privacy Implementation Survey/California HealthCare Foundation 3
12 Questions 1. On a scale of 1 5, with 1 being Low and 5 being High, how would you rate your overall knowledge of the HIPAA privacy regulation? 1 = Low (only cursory awareness) 2 = 3 = Medium Have attended a HIPAA awareness seminar 4 = 5 = High Have read the HIPAA Regulations and Notice of Proposed Rule Making and attended training On a scale of 1 5, with 1 being least workable and 5 being most workable, how do you view the workability of the HIPAA Privacy Regulation s current consent requirements? 1 = Consent requirements are not workable 2 = 3 = Consent requirements are somewhat workable 4 = 5 = Consent requirements are very workable Don t Know 3. On a scale of 1 5, with 1 being will greatly limit and 5 being will greatly enhance how do you think the consent requirements will affect the flow of information needed to assess health care quality? 1 = Consent requirements will greatly limit the flow of information 2 = Consent requirements will somewhat limit the flow of information 3 = Consent requirements will have no affect on the flow of information 4 = Consent requirements will somewhat enhance the flow of information 5 = Consent requirements will greatly enhance the flow of information Don t Know California HIPAA Privacy Implementation Survey/California HealthCare Foundation 4
13 3a. (If answered 1 or 2 to question 3) In what way do you think that the consent requirement will limit the flow of information? 4. What do you deem useful and what are your concerns with the consent requirements? 5. On a scale of 1 5, with 1 being least workable and 5 being most workable, how do you view the workability of the HIPAA Privacy Regulation s current Minimum Necessary requirements? 1 = Minimum Necessary requirements are not workable 2 = 3 = Minimum Necessary requirements are somewhat workable 4 = 5 = Minimum Necessary requirements are very workable Don t Know California HIPAA Privacy Implementation Survey/California HealthCare Foundation 5
14 6. This will be a three-part question. On a scale of 1 5, with 1 being will greatly limit and 5 being will greatly enhance, how do you think the Minimum Necessary rule will affect the flow of information needed for each of the following: delivery, payment, and assessment of health care quality? Please use these choices for each of the following categories; delivery, payment and assessment: 1 = Minimum Necessary will greatly limit the flow of information 2 = Minimum Necessary will somewhat limit the flow of information 3 = Minimum Necessary will have no affect on the flow of information 4 = Minimum Necessary will somewhat enhance the flow of information 5 = Minimum Necessary will greatly enhance the flow of information Don t Know Delivery Payment Assessment 7. On a scale of 1-5, with 1 being No Impact and 5 being Significant Impact, to what degree will the regulations have an impact on whether or not providers can or cannot participate in quality measurement activities under HIPAA? 1 = No impact 2 = 3 = Minimal impact 4 = 5 = Significant impact Don t Know 8. This will be a three-part question. Do you believe that the regulations clearly define who your business associates are, what their responsibilities are and what provisions need to be included in the agreement? Yes No Don t Know Business Associates Responsibilities Agreement Provisions California HIPAA Privacy Implementation Survey/California HealthCare Foundation 6
15 8a. (If No to any part of question 8) Where do additional clarifications or modifications need to be given? 9. On a scale of 1 5, with 1 being small and 5 being large, what is the magnitude of the burden of implementing the Business Associate Agreement in terms of cost and time? 1 = Small burden 2 = 3 = Burden is neither small nor large 4 = 5 = Large burden Don t Know Cost Time 10. On a scale of 1 5, with 1 being regulations are unclear and 5 being regulations are very clear, does the regulation adequately distinguish between research and health care operations? 1 = The regulations are unclear between research and operations 2 = 3 = The regulations are neither clear nor unclear 4 = 5 = The regulations are clear between research and operations Don t Know 10a. (If answered 1 or 2 to question 10) Where do additional clarifications or modifications need to be given? California HIPAA Privacy Implementation Survey/California HealthCare Foundation 7
16 11. Are there additional areas in the HIPAA Privacy Regulation where you would like to see the Department of Health and Human Services provide additional clarification and/or modification? Yes No Don t Know 11a. (If Yes to question 11) Which component(s) of the Privacy Regulation would you like to see the Department of Health and Human Services provide additional clarification and/or modification? 12. Has your organization developed a strategy for HIPAA Privacy Regulation compliance? Yes No Don t Know 13. We are now ten months into a two-year compliance period. Which of the following has your organization completed toward the implementation of the HIPAA Privacy Regulation? (Check all that apply) Yes No Don t Know Developed a strategic plan Conducted Gap Assessment Developed Readiness Initiatives Completed Implementing Readiness Initiatives 14. Has your organization designated a Privacy Official as defined by HIPAA? Yes No Don t Know California HIPAA Privacy Implementation Survey/California HealthCare Foundation 8
17 14a. (If Yes to question 14) Has the Privacy Official identified the resources (people) within your organization that are needed to ready your organization for HIPAA compliance? Yes No Don t know 15. Which department in your organization has the lead on the HIPAA privacy implementation? 1 = Medical Records 2 = Information Technology 3 = Legal 4 = Operations 5 = Other, please specify: Don t Know 16. If and when do you anticipate the cost to comply with the Privacy regulations will be offset by the savings expected by implementing other components of the regulations (e.g., the Transaction and Code Set regulations)? (Check all that apply). Short Term (<1 year) Medium Term (3 5 years) Long Term (5 + years) No Savings Don t Know 17. Which of the following describes your organization s progress in regards to the budgeting and funding of your HIPAA efforts?(check the option that most applies to your organization). Not Budgeted Budgeted, but not yet funded Partially funded (e.g., cost to upgrade system and develop consent form, privacy notice and disclosure form) Fully Funded Not developing a HIPAA specific budget (e.g. will be included in individual department s budget) Don t Know California HIPAA Privacy Implementation Survey/California HealthCare Foundation 9
18 18. In which departments or areas of your organization will implementation of the HIPAA Privacy Regulation be most costly? Please provide the top three in descending order highest to lowest. 1. Area: 2. Area: 3. Area: 19. How does your organization plan to monitor compliance after the HIPAA Privacy regulation is in effect? 20. Have you identified those state laws that are preempted by and are not preempted by the HIPAA Privacy Regulation? Yes No Don t Know Preempt Do Not Preempt 20a. (If Yes to question 20) How are you analyzing and tracking state privacy law s interplay with HIPAA? California HIPAA Privacy Implementation Survey/California HealthCare Foundation 10
19 20b. (If No to question 20) How are you planning to analyze and track state privacy laws interplay with HIPAA? 21. On a scale of 1 5, with 1 being no guidelines and 5 being extensive guidelines, to what extent do the HIPAA Privacy regulations provide guidelines for information technology developers? 1 = No guidelines 2 = Few guidelines 3 = Adequate guidelines 4 = Several guidelines 5 = Extensive guidelines Don t Know 22. Can the following requirements be implemented with available tools and technologies? Yes Partially No Don t know Tracking Consent Revocations of Consent Limitations on Consent Accounting of Disclosure California HIPAA Privacy Implementation Survey/California HealthCare Foundation 11
20 23. What are the greatest benefits and/or challenges for your organization relating to the implementation of the HIPAA Privacy Regulation? This concludes the survey. Thank you for taking the time to participate. Once again, I would like to ensure you that your responses will not be tied to you or your organization in the final survey results. Thank you. Have a good day. California HIPAA Privacy Implementation Survey/California HealthCare Foundation 12
21 California HIPAA Privacy Implementation Survey: Appendix C. Survey Protocol Outcomes Prepared for the California HealthCare Foundation Prepared by National Committee for Quality Assurance and Georgetown University Health Privacy Project April 2002
22 Appendix C: Survey Protocol Outcomes 1) Response Rates Overall and by Group There were 420 organizations identified for the survey, out of which 416 were still in business at the time of the survey. These organizations were classified as Hospitals, Physician Groups, Payors, and Others (Disease Management Organizations, Researchers, and Other organizations believed to be impacted by HIPAA regulations). One hundred surveys out of the 416 were completed, yielding an overall response rate of 24% for the survey. The highest response rate by group was 70%, among respondents representing Payors (26 completed out of 37 attempted). Respondents representing Others had the second highest response rate at 32% (26 completed out of 81 attempted). Only 22% (29 out of 131 attempted) of the Hospitals in our sample completed the survey, and only 11% (19 out of 167 attempted) of Physician Groups in our sample completed the survey. 2) Reasons given by Non-Respondents Of non-respondents that could be reached, many provided reasons for not participating in the survey when asked. Twenty-four respondents stated that they did not believe their organization would be impacted by HIPAA regulations. Fifty percent of these responses were from Physician Group non-respondents, and 47% of these responses were from Disease Management organization non-respondents. Other common reasons given for non-participation were no time to do the survey or that the respondent doesn t do surveys. 3) Characteristics of Respondents Overall and by Group Despite the low response rates among Hospital respondents in this study, surveys completed by respondents representing Hospitals still constitute 29% of the total number of completed surveys, followed by Payors and Others (each 26% of total). Physician Groups constituted 19% of the total number of completed surveys. Hospitals represented in the sample tended to be large community hospitals. Of the 29 Hospitals, 18 (63%) were Community hospitals, 8 (27%) were Academic hospitals, and 3 (10%) were rural hospitals. Sixty-three percent of the Hospital respondents represented hospitals with 300 or more beds, 27% were from hospitals with 100 to 299 beds, 7% were from hospitals with 50 to 99 beds, and 3% were from hospitals with less than 50 beds. Physician Groups represented in the sample tended to be mostly multiple specialty groups with more than 100 physicians. Multiple specialty physician groups comprise 84% of Physician Group responses, while single specialty groups comprise 16% of Physician Group responses. 74% of Physician Group responses were from groups with a size greater than 100; 10% were from groups of 31 to 100 in size, and 16% of physician responses were from groups with less than 30 physicians. Fifty percent of Payors were either partially or exclusively Medicaid Payors, while 46% were either Commercial or Commercial and Medicare. Fifty percent of Other respondents represented Disease Management Organizations, and 46% were from Other organizations. Only 1 respondent was classified as Researcher. Twelve respondents classified as Other represented organizations such as: clearinghouses, corporate offices for a system of hospitals, employee benefit consulting firms, behavioral health care organizations, medical groups/medical management groups, and online companies. California HIPAA Implementation Survey/California HealthCare Foundation 2
23 California HIPAA Privacy Implementation Survey: Appendix D. Pie Charts Prepared for the California HealthCare Foundation Prepared by National Committee for Quality Assurance and Georgetown University Health Privacy Project April 2002
24 Appendix D. Pie charts with percentages of total valid responses for each closed-ended question California HIPAA Privacy Implementation Survey/California HealthCare Foundation 2
25 1. On a scale of 1 5, with 1 being Low and 5 being High, how would you rate your overall knowledge of the HIPAA privacy regulation? Total Response Percentage - By Response 1-Low 1% 2 3% 3-Medium 21% 5-High 37% 4 38% Percentage of Responses by Category Response Response #1 Response #2 Response #3 #4 Response #5 Hospital 0% 0% 10% 34% 55% Physician Group 5% 5% 26% 42% 21% Payor 0% 8% 35% 31% 27% Other 0% 0% 15% 46% 38% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 3
26 2. On a scale of 1 5, with 1 being least workable and 5 being most workable, how do you view the workability of the HIPAA Privacy Regulation s current consent requirements? Total Response Percentage - By Response 5-High 10% 1-Low 7% 2 13% 4 19% 3-Medium 51% Percentage of Responses by Category Response Response #1 Response #2 Response #3 #4 Response #5 Hospital 3% 7% 66% 14% 10% Physician Group 5% 16% 58% 21% 0% Payor 12% 20% 36% 16% 16% Other 8% 12% 42% 27% 12% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 4
27 3. On a scale of 1 5, with 1 being will greatly limit and 5 being will greatly enhance how do you think the consent requirements will affect the flow of information needed to assess health care quality? Total Response Percentage - By Response 4 9% 5-High 1% 1-Low 7% 3-Medium 32% 2 51% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Hospital 4% 61% 18% 18% 0% Physician Group 5% 42% 42% 5% 5% Payor 4% 48% 44% 4% 0% Other 15% 50% 27% 8% 0% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 5
28 5. On a scale of 1 5, with 1 being least workable and 5 being most workable, how do you view the workability of the HIPAA Privacy Regulation s current Minimum Necessary requirements? Total Response Percentage - By Response 4 18% 5-High 5% 1-Low 4% 2 15% 3-Medium 58% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Hospital 4% 14% 57% 18% 7% Physician Group 5% 11% 68% 11% 5% Payor 0% 22% 52% 22% 4% Other 8% 13% 54% 21% 4% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 6
29 6. This will be a three-part question. On a scale of 1 5, with 1 being will greatly limit and 5 being will greatly enhance, how do you think the Minimum Necessary rule will affect the flow of information needed for each of the following: delivery, payment, and assessment of health care quality? Delivery Total Response Percentage - By Response 4 9% 5-High 1% 1-Low 4% 2 41% 3-Medium 45% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 7
30 6. Payment Total Response Percentage - By Response 4 12% 5-High 4% 1-Low 4% 2 35% 3-Medium 45% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Hospital 4% 19% 59% 15% 4% Physician Group 0% 56% 33% 6% 6% Payor 0% 58% 25% 13% 4% Other 14% 10% 57% 14% 5% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 8
31 6. Assessment Total Response Percentage - By Response 4 6% 5-High 2% 1-Low 9% 3-Medium 35% 2 48% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Hospital 4% 36% 48% 12% 0% Physician Group 6% 61% 22% 0% 11% Payor 9% 50% 32% 9% 0% Other 17% 48% 35% 0% 0% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 9
32 7. On a scale of 1-5, with 1 being No Impact and 5 being Significant Impact, to what degree will the regulations have an impact on whether or not providers can or cannot participate in quality measurement activities under HIPAA? Total Response Percentage - By Response 5- High 8% 4 15% 1-Low 29% 3-Medium 26% 2 22% Percentage of Responses by Category Response Response #1 Response #2 Response #3 #4 Response #5 Hospital 50% 15% 27% 8% 0% Physician Group 18% 18% 29% 29% 6% Payor 14% 33% 29% 10% 14% Other 26% 22% 22% 17% 13% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 10
33 8. This will be a three-part question. Do you believe that the regulations clearly define who your business associates are, what their responsibilities are and what provisions need to be included in the agreement? Business Associates Total Response Percentage - By Response 2-No 35% 1 -Yes 65% Percentage of Responses by Category Response #1 Response #2 Hospital 69% 31% Physician Group 81% 19% Payor 50% 50% Other 64% 36% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 11
34 8- Responsibilities Total Response Percentage - By Percentage 2-No 37% 1-Yes 63% Percentage of Responses by Category Response #1 Response #2 Hospital 72% 28% Physician Group 78% 22% Payor 44% 56% Other 60% 40% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 12
35 8- Agreement Provisions Total Repsonse Percentage - By Response 2-No 38% 1 -Yes 62% Percentage of Responses by Category Response #1 Response #2 Hospital 74% 26% Physician Group 71% 29% Payor 50% 50% Other 54% 46% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 13
36 9. On a scale of 1 5, with 1 being small and 5 being large, what is the magnitude of the burden of implementing the Business Associate Agreement in terms of cost and time? Cost Total Response Percentage - By Response 5-High 25% 1-Low 7% 2 7% 3-Medium 32% 4 28% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Hospital 4% 7% 30% 30% 30% Physician Group 5% 0% 26% 42% 26% Payor 12% 4% 32% 20% 32% Other 8% 17% 38% 25% 13% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 14
37 9-Time Total Response Percentage - By Response 1-Low 6% 2 4% 5-High 39% 3-Medium 18% 4 33% Percentage of Responses by Category Response Response #1 Response #2 Response #3 #4 Response #5 Hospital 4% 4% 7% 30% 56% Physician Group 5% 0% 11% 26% 58% Payor 8% 0% 28% 32% 32% Other 8% 13% 25% 42% 13% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 15
38 10. On a scale of 1 5, with 1 being regulations are unclear and 5 being regulations are very clear, does the regulation adequately distinguish between research and health care operations? Total Response Percentage - By Response 5-High 17% 1-Low 8% 2 10% 4 33% 3-Medium 32% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Hospital 8% 17% 33% 33% 8% Physician Group 0% 15% 46% 15% 23% Payor 10% 5% 33% 38% 14% Other 10% 5% 20% 40% 25% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 16
39 11. Are there additional areas in the HIPAA Privacy Regulation where you would like to see the Department of Health and Human Services provide additional clarification and/or modification? Total Response Percentage - By Response 2-No 22% 1-Yes 78% Percentage of Responses by Category Response #1 Response #2 Hospital 96% 4% Physician Group 42% 58% Payor 79% 21% Other 76% 24% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 17
40 12. Has your organization developed a strategy for HIPAA Privacy Regulation compliance? Total Repsonse Percentage - By Response 2-No 14% 1-Yes 86% Percentage of Responses by Category Response #1 Response #2 Hospital 93% 7% Physician 78% 22% Payor 77% 23% Other 92% 8% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 18
41 13. We are now ten months into a two-year compliance period. Which of the following has your organization completed toward the implementation of the HIPAA Privacy Regulation? (Check all that apply) Developed a strategic plan Total Response Percentage - By Response 2-No 19% 1-Yes 81% Percentage of Responses by Category Response #1 Response #2 Hospital 96% 4% Physician Group 65% 35% Payor 77% 23% Other 80% 20% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 19
42 13-Conducted Gap Assessment Total Response Percentage - By Response 2-No 33% 1-Yes 67% Percentage of Responses by Category Response #1 Response #2 Hospital 75% 25% Physician Group 53% 47% Payor 69% 31% Other 65% 35% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 20
43 13-Developed Readiness Initiatives Total Response Percentage - By Response 2-No 48% 1-Yes 52% Percentage of Responses by Category Response #1 Response #2 Hospital 67% 33% Physician Group 35% 65% Payor 48% 52% Other 52% 48% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 21
44 13-Completed Implementing Readiness Initiatives Total Response Percentage - By Response 1-Yes 12% 2-No 83% Percentage of Responses by Category Response #1 Response #2 Hospital 4% 96% Physician Group 12% 88% Payor 8% 92% Other 24% 76% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 22
45 14. Has your organization designated a Privacy Official as defined by HIPAA? Total Response Percentage - By Response 2-No 23% 1-Yes 77% Percentage of Responses by Category Response #1 Response #2 Hospital 76% 24% Physician Group 65% 35% Payor 75% 25% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 23
46 14a. (If Yes to question 14) Has the Privacy Official identified the resources (people) within your organization that are needed to ready your organization for HIPAA compliance? Total Response Percentage - By Response 2 No 13% 1-Yes 87% Percentage of Responses by Category Response #1 Response #2 Hospital 100% 0% Physician Group 75% 25% Payor 79% 21% Other 86% 14% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 24
47 15. Which department in your organization has the lead on the HIPAA privacy implementation? Total Response Percentage - By Response 6-Other 28% 1-Compliance 27% 2-Medical Records 9% 5-Operations 13% 4-Legal 10% 3-Information Technology 13% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Response #6 Hospital 46% 25% 4% 0% 11% 14% Physician Group 16% 11% 21% 5% 21% 26% Payor 23% 0% 8% 23% 15% 31% Other 16% 0% 24% 12% 8% 40% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 25
48 16. If and when do you anticipate the cost to comply with the Privacy regulations will be offset by the savings expected by implementing other components of the regulations (e.g., the Transaction and Code Set regulations)? (Check all that apply). Total Response Percentage - By Response 1-Short Term 4% 2-Medium Term 26% 4-No Savings 48% 3-Long Term 22% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Hospital 11% 26% 37% 26% Physician Group 6% 25% 6% 63% Payor 0% 31% 23% 46% Other 0% 25% 20% 55% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 26
49 17. Which of the following describes your organization s progress in regards to the budgeting and funding of your HIPAA efforts? (Check the option that most applies to your organization). Total Response Percentage - By Response 5-Not Developing 28% 1-Not Budgeted 18% 2-Bugeted Not Funded 6% 4-Fully Funded 21% 3-Partially Funded 27% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Response #5 Hospital 17% 14% 24% 24% 21% Physician Group 42% 11% 21% 5% 21% Payor 4% 0% 42% 29% 25% Other 13% 0% 21% 21% 46% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 27
50 20. Have you identified those state laws that are preempted by and are not preempted by the HIPAA Privacy Regulation? Preempt Total Response Percentage - By Response 2-No 56% 1-Yes 44% Percentage of Responses by Category Response #1 Response #2 Hospital 52% 48% Physician Group 38% 62% Payor 42% 58% Other 41% 59% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 28
51 20. Do Not Preempt Total Response Percentage - By Response 2-No 54% 1-Yes 46% Percentage of Responses by Category Response #1 Response #2 Hospital 56% 44% Physician Group 38% 62% Payor 43% 57% Other 43% 57% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 29
52 21. On a scale of 1 5, with 1 being no guidelines and 5 being extensive guidelines, to what extent do the HIPAA Privacy regulations provide guidelines for information technology developers? Total Response Percentage - By Response 4-High Guidelines 9% 1-No Guidelines 13% 3-Guidelines 29% 2-Low Guidelines 49% Percentage of Responses by Category Response #1 Response #2 Response #3 Response #4 Hospital 5% 48% 43% 5% Physician Group 6% 56% 31% 6% Payor 14% 43% 29% 14% Other 23% 55% 14% 9% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 30
53 22. Can the following requirements be implemented with available tools and technologies? Tracking Consent Total Response Percentage - By Response 3-No 21% 2-Partial 26% 1-Yes 53% Percentage of Responses by Category Response #1 Response #2 Response #3 Hospital 52% 28% 20% Physician Group 47% 20% 33% Payor 53% 32% 16% Other 61% 22% 17% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 31
54 22. Revocations of Consent Total Response Percentage - By Response 3-No 28% 1- Yes 45% 2-Partially 27% Percentage of Responses by Category Response #1 Response #2 Response #3 Hospital 44% 32% 24% Physician Group 47% 20% 33% Payor 39% 28% 33% Other 50% 25% 25% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 32
55 22. Limitations of Consent Total Response Percentage - By Response 3-No 35% 1- Yes 37% 2-Partially 28% Percentage of Responses by Category Response #1 Response #2 Response #3 Hospital 30% 39% 30% Physician Group 40% 27% 33% Payor 32% 21% 47% Other 45% 23% 32% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 33
56 22. Accounting of Disclosure Total Response Percentage - By Response 3-No 29% 1-Yes 43% 2-Partially 28% Percentage of Responses by Category Response #1 Response #2 Response #3 Hospital 44% 32% 24% Physician Group 33% 33% 33% Payor 43% 24% 33% Other 48% 24% 29% California HIPAA Privacy Implementation Survey/California HealthCare Foundation 34
57 California HIPAA Privacy Implementation Survey: Appendix E. Bar Charts Prepared for the California HealthCare Foundation Prepared by National Committee for Quality Assurance and Georgetown University Health Privacy Project April 2002
58 1. On a scale of 1 5, with 1 being Low and 5 being High, how would you rate your overall knowledge of the HIPAA privacy regulation? Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 2
59 2. On a scale of 1 5, with 1 being least workable and 5 being most workable, how do you view the workability of the HIPAA Privacy Regulation s current consent requirements? Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 3
60 3. On a scale of 1 5, with 1 being will greatly limit and 5 being will greatly enhance how do you think the consent requirements will affect the flow of information needed to assess health care quality? Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response 0 California HIPAA Privacy Implementation Survey/California HealthCare Foundation 4
61 5. On a scale of 1 5, with 1 being least workable and 5 being most workable, how do you view the workability of the HIPAA Privacy Regulation s current Minimum Necessary requirements? Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 5
62 6. This will be a three-part question. On a scale of 1 5, with 1 being will greatly limit and 5 being will greatly enhance, how do you think the Minimum Necessary rule will affect the flow of information needed for each of the following: delivery, payment, and assessment of health care quality. Delivery Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 6
63 6 Payment Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 7
64 6. Assessment Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 8
65 7. In a scale of 1-5, with 1 being No Impact and 5 being Significant Impact, to what degree will the regulations have an impact on whether or not providers can or cannot participate in quality measurement activities under HIPAA? Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response 0 California HIPAA Privacy Implementation Survey/California HealthCare Foundation 9
66 8. This will be a three-part question. Do you believe that the regulations clearly define who your business associates are, what their responsibilities are and what provisions need to be included in the agreement? Business Associates Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 10
67 8- Responsibilities Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 11
68 8- Agreement Provisions Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 12
69 9. On a scale of 1 5, with 1 being small and 5 being large, what is the magnitude of the burden of implementing the Business Associate Agreement in terms of cost and time? Cost Number of Responses by Category Number of Response Hospital Physician Payor Other Type of Response California HIPAA Privacy Implementation Survey/California HealthCare Foundation 13
California HIPAA Privacy Implementation Survey
California HIPAA Privacy Implementation Survey Prepared for: California HealthCare Foundation Prepared by: National Committee for Quality Assurance and Georgetown University Health Privacy Project April
More informationAn Introduction to the HIPAA Privacy Rule. Prepared for
An Introduction to the HIPAA Privacy Rule Prepared for January 2005 An Introduction to the HIPAA Privacy Rule Prepared for Covering Kids & Families National Program Office Southern Institute on Children
More informationCompliance Program Updated August 2017
Compliance Program Updated August 2017 Table of Contents Section I. Purpose of the Compliance Program... 3 Section II. Elements of an Effective Compliance Program... 4 A. Written Policies and Procedures...
More informationHIPAA in DPH. HIPAA in the Division of Public Health. February 19, February 19, 2003 Division of Public Health 1
HIPAA in the Division of Public Health February 19, 2003 February 19, 2003 Division of Public Health 1 Handouts HIPAA Definitions AG Advisory Opinion - Definition of Health Plan DPH Coverage Determination
More informationFebruary 18, Re: Draft Trusted Exchange Framework and Common Agreement
Charles N. Kahn III President & CEO February 18, 2018 Electronically Submitted at exchangeframework@hhs.gov Donald Rucker, MD National Coordinator for Health Information Technology Department of Health
More informationThe HIPAA privacy rule and long-term care : a quick guide for researchers
Scripps Gerontology Center Scripps Gerontology Center Publications Miami University Year 2005 The HIPAA privacy rule and long-term care : a quick guide for researchers Jane Straker Patricia Faust Miami
More informationRe: CMS Code 3310-P. May 29, 2015
May 29, 2015 Centers for Medicare & Medicaid Services Department of Health and Human Services P.O. Box 8013 Baltimore, MD 21244-8013 Attention: CMS-3310-P Re: The Centers for Medicare Medicaid Services
More informationSan Francisco Department of Public Health Policy Title: HIPAA Compliance Privacy and the Conduct of Research Page 1 of 10
Page 1 of 10 TITLE: HIPAA COMPLIANCE: PRIVACY AND THE CONDUCT OF RESEARCH POLICY It is the policy of the San Francisco Department of Public Health (DPH) to maintain the privacy of Protected Health Information
More informationDO I NEED TO SUBMIT FOR THIS?... & OTHER FREQUENTLY ASKED QUESTIONS. March 2015 IRB Forum
DO I NEED TO SUBMIT FOR THIS?... & OTHER FREQUENTLY ASKED QUESTIONS March 2015 IRB Forum Topics Quality Assurance/Quality Improvement Projects Informed Consent- when is a waiver appropriate? Retrospective/Prospective
More informationHumana At Home-Star Member Talking Points
At Home-Star Member Talking Points What are the CMS Medicare Star Ratings? The Center for Medicare & Medicaid Services (CMS) is a federal agency that oversees Medicare & Medicaid, and is part of the Department
More informationRural Arizona Hospital Community Health Needs Assessment Status Report May 2013
Rural Arizona Hospital Community Health Needs Assessment Status Report May 2013 Prepared by Benjamin Brady In Collaboration with Joyce Hospodar CPH 594B Rural Health Policy and Management Practicum Mel
More informationHIPAA PRIVACY TRAINING
HIPAA PRIVACY TRAINING HIPAA Privacy Training Objective Present a general overview of HIPAA and define important terms Understand the purpose of HIPAA and the Privacy Rule Understand the term Protected
More informationSTANDARD ADMINISTRATIVE PROCEDURE
STANDARD ADMINISTRATIVE PROCEDURE 16.99.99.M0.21 Patient Request to Amend Personal Health Information Approved October 27, 2014 Next scheduled review: October 27, 2019 SAP Statement This procedure applies
More informationEmployers are essential partners in monitoring the practice
Innovation Canadian Nursing Supervisors Perceptions of Monitoring Discipline Orders: Opportunities for Regulator- Employer Collaboration Farah Ismail, MScN, LLB, RN, FRE, and Sean P. Clarke, PhD, RN, FAAN
More informationA GUIDE TO Understanding & Sharing Your Survey Results
A GUIDE TO Understanding & Sharing Your Survey Results Learning & al Development Table of Contents The 2017 UVA Health System Survey provides insight and awareness gained through team member feedback,
More informationAAHRPP Accreditation Procedures Approved April 22, Copyright AAHRPP. All rights reserved.
AAHRPP Accreditation Procedures Approved April 22, 2014 Copyright 2014-2002 AAHRPP. All rights reserved. TABLE OF CONTENTS The AAHRPP Accreditation Program... 3 Reaccreditation Procedures... 4 Accreditable
More informationWHAT IS HIPAA? HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
Rev. 1/22/2010 HIPAA TRAINING WHAT IS HIPAA? Health Insurance Portability and Accountability Act HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
More informationOAK HAMMOCK AT THE UNIVERSITY OF FLORIDA, INC. NOTICE OF PRIVACY PRACTICES. Privacy Office: (352) Effective Date: September 23, 2013
OAK HAMMOCK AT THE UNIVERSITY OF FLORIDA, INC. NOTICE OF PRIVACY PRACTICES Privacy Office: (352) 548-1142 Effective Date: September 23, 2013 THIS NOTICE DESCRIBES HOW PROTECTED HEALTH INFORMATION ABOUT
More informationRoom 505A, Humphrey Building, HHS, Washington, DC January 25, 2010
Statement of the National Community Pharmacists Association to the HIT Policy Committee Information Exchange Workgroup Hearing on Successes and Challenges Related to E-Prescribing Room 505A, Humphrey Building,
More informationWork of Internal Auditors
IFAC Board Final Pronouncements March 2012 International Standards on Auditing ISA 610 (Revised), Using the Work of Internal Auditors Conforming Amendments to Other ISAs The International Auditing and
More informationUNIVERSITY OF ROCHESTER MEDICAL CENTER BILLING COMPLIANCE PLAN
UNIVERSITY OF ROCHESTER MEDICAL CENTER BILLING COMPLIANCE PLAN Revised December 31, 1998 INTRODUCTION This plan is an integral part of the University s ongoing efforts to achieve compliance with federal
More informationA GUIDE TO Understanding & Sharing Your Survey Results. Organizational Development
A GUIDE TO Understanding & Sharing Your Survey Results al Development Table of Contents The 2018 UVA Health System Survey provides insight and awareness gained through team member feedback, which is used
More informationOverview of Key Policies and CMS Statements of Intent Regarding the Medicaid State Plan HCBS Benefits and HCBS Waiver Final Rule
January 16, 2014 Overview of Key Policies and CMS Statements of Intent Regarding the Medicaid State Plan HCBS Benefits and HCBS Waiver Final Rule On January 10, 2014, the Centers for Medicare and Medicaid
More informationWELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice.
WELCOME Those of us at Crossroads Counseling want to thank you for choosing to work with us and we want to make your time with us as productive as possible. In order to expedite the intake process, please
More informationManaging employees include: Organizational structures include: Note:
Nursing Home Transparency Provisions in the Patient Protection and Affordable Care Act Compiled by NCCNHR: The National Consumer Voice for Quality Long-Term Care, April 2010 Part I Improving Transparency
More informationNOFA No MBI-01. Massachusetts Technology Collaborative 75 North Drive Westborough, MA
FLEXIBLE GRANT PROGRAM NOTICE OF FUNDING AVAILABILITY FOR INNOVATIVE APPROACHES TO PROVIDE BROADBAND SERVICE TO UNSERVED TOWNS IN WESTERN MASSACHUSETTS NOFA No. 2018-MBI-01 Massachusetts Technology Collaborative
More informationStudy Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
PP-501.00 SOP For Safeguarding Protected Health Information Effective date of version: 01 April 2012 Study Management PP 501.00 STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
More informationNOTICE OF PRIVACY PRACTICES
535 East 70th Street New York, NY 10021 (212) 606-1000 Specialists in Mobility NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE
More informationMedicaid EHR Incentive Program Survey of Registrants 2015 Summary of Findings
Medicaid EHR Incentive Program Survey of Registrants 2015 Summary of Findings INTRODUCTION Beginning in April 2012, providers that registered for the Michigan Department of Health and Human Services (MDHHS)
More informationChallenges for National Large Laboratories to Ensure Implementation of ELR Meaningful Use
White Paper Challenges for National Large Laboratories to Ensure Implementation of ELR Meaningful Use January, 2012 Developed by the Council of State and Territorial Epidemiologists (CSTE) and the Centers
More informationModule: Research and HIPAA Privacy Protections ( )
Module: Research and HIPAA Privacy Protections (7-18-11) HIPAA's protections focus on individually identifiable health information HIPAA defines identifiable health information as (1) any form or medium"
More informationNew York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information
New York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information THIS NOTICE DESCRIBES HOW PSYCHOLOGICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
More informationREQUEST FOR PROPOSAL
REQUEST FOR PROPOSAL Regional Fiber Infrastructure Feasibility Study August 16, 2013 The Center for Rural Development 2292 South Hwy 27 Somerset, KY 42501 606-677-6000 The Center for Rural Development
More informationFebruary 21, Regional Directors Child Nutrition Programs All Regions. State Agency Directors All States
United States Department of Agriculture Food and Nutrition Service 3101 Park Center Drive Alexandria, VA 22302-1500 SUBJECT: TO: February 21, 2003 Implementation of Interim Rule: Monitor Staffing Standards
More informationKeeping Your Compliance Program in Pace with Rapidly Expanding TeleHealth Services
Keeping Your Compliance Program in Pace with Rapidly Expanding TeleHealth Services In April 1924, an imaginative cover for the magazine Radio News foreshadowed telemedicine in its depiction of a "radio
More informationAPPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION
FORM W/H-01 APPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION Research for which this form is appropriate generally involves only existing patient records or specimens.
More informationSupplemental materials for:
Supplemental materials for: Krist AH, Woolf SH, Bello GA, et al. Engaging primary care patients to use a patient-centered personal health record. Ann Fam Med. 2014;12(5):418-426. ONLINE APPENDIX. Impact
More informationCMS-0044-P; Proposed Rule: Medicare and Medicaid Programs; Electronic Health Record Incentive Program Stage 2
May 7, 2012 Submitted Electronically Ms. Marilyn Tavenner Acting Administrator Centers for Medicare and Medicaid Services Department of Health and Human Services Room 445-G, Hubert H. Humphrey Building
More informationTHE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH
THE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH Helenemarie Blake, Esq. Chief Privacy Officer, Interim Office of HIPAA & Privacy Security August 2016 SCENARIO You are putting a study together
More informationANDREW BROWN PARKS EAST AND WEST REDEVELOPMENT
REQUEST FOR QUALIFICATIONS PROFESSIONAL SERVICES CONTRACT INSTRUCTIONS SPECIFICATIONS BID SHEET(S) FOR ANDREW BROWN PARKS EAST AND WEST REDEVELOPMENT PER THE CITY OF COPPELL SPECIFICATIONS AT THE CITY
More informationMonitoring Medicaid Managed Care Organizations (MCOs) and Prepaid Inpatient Health Plans (PIHPs):
Monitoring Medicaid Managed Care Organizations (MCOs) and Prepaid Inpatient Health Plans (PIHPs): A protocol for determining compliance with Medicaid Managed Care Proposed Regulations at 42 CFR Parts 400,
More informationThe EU GDPR: Implications for U.S. Universities and Academic Medical Centers
The EU GDPR: Implications for U.S. Universities and Academic Medical Centers Mark Barnes February 21, 2018 Agenda Introduction Jurisdictional Scope of the GDPR Compared with the Directive Offering Goods
More information[Enter Organization Logo] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW. Policy Number: [Enter] Effective Date: [Enter]
CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW I. Policy: Policy Number: [Enter] Effective Date: [Enter] A. Purpose This policy establishes consent requirements for the disclosure of health
More informationNeurosurgery Clinic Analysis: Increasing Patient Throughput and Enhancing Patient Experience
University of Michigan Health System Program and Operations Analysis Neurosurgery Clinic Analysis: Increasing Patient Throughput and Enhancing Patient Experience Final Report To: Stephen Napolitan, Assistant
More informationMDS 3.0 Section Q Implementation Questions and Answers from Informing LTC Choice conference and s June 7, 2010
MDS 3.0 Section Q Implementation Questions and Answers from Informing LTC Choice conference and emails June 7, 2010 DATA USE AGREEMENTS (DUA) 1. Do state agencies need a Data Use Agreement to implement
More informationERN Assessment Manual for Applicants 2. Technical Toolbox for Applicants
Share. Care. Cure. ERN Assessment Manual for Applicants 2. Technical Toolbox for Applicants An initiative of the Version 1.1 April 2016 1 History of changes Version Date Change Page 1.0 16.03.2016 Initial
More informationHIPAA Policies and Procedures Manual
UNIVERSITY of NORTH CAROLINA at CHAPEL HILL SCHOOL of NURSING HIPAA Policies and Procedures Manual November 2015 1 Table of Contents I. INTRODUCTION... 3 A. GENERAL POLICY... 3 B. SCOPE... 3 II. DEFINITIONS...
More informationAGENDA. 10:45 a.m. CT Attendees Sign On 11:00 a.m. CT Webinar 11:50 a.m. CT Questions and Answers
AGENDA 10:45 a.m. CT Attendees Sign On 11:00 a.m. CT Webinar 11:50 a.m. CT Questions and Answers Asking Questions Throughout the webinar, type your questions using the "send note" button at the top of
More informationDelegation Oversight 2016 Audit Tool Credentialing and Recredentialing
Att CRE - 216 Delegation Oversight 216 Audit Tool Review Date: A B C D E F 1 2 C3 R3 4 5 N/A N/A 6 7 8 9 N/A N/A AUDIT RESULTS CREDENTIALING ASSESSMENT ELEMENT COMPLIANCE SCORE CARD Medi-Cal Elements Medi-Cal
More informationApplication of Proposals in Emergency Situations
March 27, 2018 Alex Azar Secretary Department of Health and Human Services Hubert H. Humphrey Building Room 509F 200 Independence Avenue, SW. Washington, DC 20201 Re: RIN 0945-ZA03 Re: Protecting Statutory
More informationHealth Information Exchange 101. Your Introduction to HIE and It s Relevance to Senior Living
Health Information Exchange 101 Your Introduction to HIE and It s Relevance to Senior Living Objectives for Today Provide an introduction to Health Information Exchange Define a Health Information Exchange
More informationHIPAA Privacy Rule and Sharing Information Related to Mental Health
HIPAA Privacy Rule and Sharing Information Related to Mental Health Background The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule provides consumers with important privacy rights
More informationMedicaid EHR Incentive Program Electronic Submission of Clinical Quality Measures Request for Information (RFI) RFI # DHCAA
RFI # 06212013 06/21/13 Medicaid EHR Incentive Program Electronic Submission of Clinical Quality Measures Request for Information (RFI) RFI # 06212013 DHCAA Issued by: The State of Wisconsin Department
More informationISDN. Over the past few years, the Office of the Inspector General. Assisting Network Members Develop and Implement Corporate Compliance Programs
Information Bulletin #7 ISDN National Association of Community Health Centers, Inc. INTEGRATED SERVICES DELIVERY NETWORKS SERIES For more information contact Jacqueline C. Leifer, Esq. or Marcie H. Zakheim,
More informationMulti-Year Accessibility Action Plan
VICTORIAN ORDER OF NURSES FOR CANADA ONTARIO BRANCH Multi-Year Accessibility Action Plan 2014-2017 In accordance with the Accessibility for Ontarians with Disabilities Act (AODA) and the Integrated Accessibility
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES This notice describes how Pine Creek Medical Center may use and disclose your medical information, and how you may access this information. Please read through and review it
More informationMDS 3.0 Section Q Implementation Questions and Answers from Informing LTC Choice conference and s September 22, 2010
MDS 3.0 Section Q Implementation Questions and Answers from Informing LTC Choice conference and emails September 22, 2010 DATA USE AGREEMENTS (DUA) 1. Do state agencies need a Data Use Agreement to implement
More informationNotice of HIPAA Privacy Practices Updates
Notice of HIPAA Privacy Practices Updates The following is a summary of the updates to the privacy notice for Meridian Hospitals Corporation, Meridian Home Care Services, Inc., Meridian Nursing & Rehabilitation,
More informationOREGON HIPAA NOTICE FORM
MARCIA JOHNSTON WOOD, Ph.D. Clinical Psychologist 5441 SW Macadam, #104, Portland, OR 97239 Phone (503) 248-4511/ Fax (503) 248-6385 - Effective Sept.23, 2013 - (This copy for you to keep) OREGON HIPAA
More informationOffice of the Chief Privacy Officer. Privacy & Security in an App Enabled World HIMSS, Tuesday March 1, 2016, Las Vegas, NV
Office of the Chief Privacy Officer Privacy & Security in an App Enabled World HIMSS, Tuesday March 1, 2016, Las Vegas, NV Table of Contents Introduction Why Apps? What ONC is doing to advance use of Apps
More informationSample Privacy Impact Assessment Report Project: Outsourcing clinical audit to an external company in St. Anywhere s hospital
Sample Privacy Impact Assessment Report Project: Outsourcing clinical audit to an external company in St. Anywhere s hospital October 2010 2 Please Note: The purpose of this document is to demonstrate
More informationARRA HEALTH IT INCENTIVES - UNCERTAINTIES ABOUT "MEANINGFUL USE"
ARRA HEALTH IT INCENTIVES - UNCERTAINTIES ABOUT "MEANINGFUL USE" Publication ARRA HEALTH IT INCENTIVES - UNCERTAINTIES ABOUT "MEANINGFUL USE" September 08, 2009 HITECH1 gives a great deal of discretion
More information2. This SA does not apply if the entity does not have an internal audit function. (Ref: Para. A2)
March Standard on Auditing (SA) 610 (Revised) Using the Work of Internal Auditors Introduction Contents Scope of this SA... 1-5 Relationship between Revised SA 315 and SA 610 (Revised)... 6-10 The External
More informationICD-10 Transition Provider Roadshow. October 2012
ICD-10 Transition Provider Roadshow October 2012 About ICD-10 ICD-10 CM for diagnosis coding For use in all US healthcare settings Uses 3 to 7 digits instead of the 3 to 5 digits ICD-10-PCS for inpatient
More informationTechnology Standards of Practice
2016 Technology Standards of Practice Used with permission from the Association of Social Work Boards (2016) Table of Contents Technology Standards of Practice 2 Definitions 2 Section 1 Practitioner Competence
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: July 12, 2017 THIS NOTICE OF PRIVACY PRACTICES ( NOTICE ) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO
More informationINCOMPLETE APPLICATIONS WILL NOT BE PROCESSED
Dear Applicant: Enclosed in this reappointment application for membership to the Guadalupe Regional Medical Center (GRMC) Allied Health Professionals Staff, you will find the following. Allied Health Professional
More informationInstitutional Review Board (previously referred to as Human Participants Research Board) Updated January 2004
Institutional Review Board (previously referred to as Human Participants Research Board) Updated January 2004 All research requests meeting the following conditions must be reviewed by the Institutional
More informationIRB 101. Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix
IRB 101 Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix Contents Brief discussion of regulations IRB Structure Levels of Approval Informed Consent HIPAA/HITECH
More informationFMO External Monitoring Manual
FMO External Monitoring Manual The EEA Financial Mechanism & The Norwegian Financial Mechanism Page 1 of 28 Table of contents 1 Introduction...4 2 Objective...4 3 The monitoring plan...4 4 The monitoring
More informationMCCP Online Orientation
1 Objectives At the conclusion of this presentation, students will be able to: Discuss application of HIPAA to student s role. Describe the federal requirements of the HIPAA/HITECH regulations that protect
More informationRequest for Applications to Participate In Demonstration Projects to Evaluate Direct Certification with Medicaid
ATTACHMENT U.S. DEPARTMENT OF AGRICULTURE FOOD AND NUTRITION SERVICE National School Lunch Program and School Breakfast Program Request for Applications to Participate In Demonstration Projects to Evaluate
More informationInformed Consent Session Goals
1 Session Goals Identify the importance of informed consent Identify the challenges to effectively auditing and monitoring informed consent Applying the Auditing and Monitoring Framework to Medical Treatment
More informationNOTICE OF PRIVACY PRACTICES
Amended September 2013 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
More informationHIPAA Privacy Regulations Governing Research
HIPAA Privacy Regulations Governing Research HIPAA Health Insurance Portability and Accountability Act In a Nutshell The Privacy Regulations govern a provider s use and disclosure of health information
More informationMICHIGAN DEPARTMENT OF HEALTH AND HUMAN SERVICES NOTICE OF PROPOSED POLICY
MICHIGAN DEPARTMENT OF HEALTH AND HUMAN SERVICES NOTICE OF PROPOSED POLICY Public Act 280 of 1939, as amended, and consultation guidelines for Medicaid policy provide an opportunity to review proposed
More informationMemorial Hermann Information Exchange. MHiE POLICIES & PROCEDURES MANUAL
Memorial Hermann Information Exchange MHiE POLICIES & PROCEDURES MANUAL TABLE OF CONTENTS 1. Definitions 3 2. Hardware/Software Supported Platform Requirements 4 3. Anti-virus Software Requirement 4 4.
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: May 31, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationProtecting Patient Privacy It s Everyone s Responsibility
1 of 27 Protecting Patient Privacy It s Everyone s Responsibility This presentation is comprised of 27 screens. When you have finished reading a screen, click your mouse to continue to the next screen.
More informationCHAPTER 3. Research methodology
CHAPTER 3 Research methodology 3.1 INTRODUCTION This chapter describes the research methodology of the study, including sampling, data collection and ethical guidelines. Ethical considerations concern
More informationBest Start Regional Support Networks Request for Proposals Questions & Answers
October 20, 2017: Best Start Regional Support Networks Request for Proposals Questions & Answers 1. The RSVP deadline for the Regional Information Sessions has passed, can I still attend? Yes. RSVP s were
More informationManaging Privacy Risk in Your Research and Development Enterprise. Sujata Dayal, Abbott Justin McCarthy, Pfizer
Managing Privacy Risk in Your Research and Development Enterprise Sujata Dayal, Abbott Justin McCarthy, Pfizer Why Privacy Matters Human subject data is extremely sensitive Access to data is critical to
More informationWRAPPING YOUR HEAD AROUND HIPAA PRIVACY REQUIREMENTS
WRAPPING YOUR HEAD AROUND HIPAA PRIVACY REQUIREMENTS Jeffrey Staton Attorney at Law Legal Aid Society of Louisville 416 W. Muhammad Ali Blvd., Ste. 300 Louisville, KY 40202 Phone: 502.614.3146 Jstaton@laslou.org
More informationMonitor Staffing Standards in the Child and Adult Care Food Program Interim Rule Guidance
[ X] Information July 22, 2003 TO: RE: Sponsors of Family Day Care Homes Monitor Staffing Standards in the Child and Adult Care Food Program Interim Rule Guidance The following information we received
More informationOverview: Key Issues in Specialty Consultation Telemedicine Services
Overview: Key Issues in Specialty Consultation Telemedicine Services Written by: Marilyn Dahler Penticoff, RN Clinical Services Consultant gptrac Mary DeVany Director gptrac Specialty Consultation Telemedicine
More informationHEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT INSTRUCTIONS Read through this presentation. Submit completed post test to the Portage County MRC Coordinator. Estimated completion time: 1 hour Learning
More informationSAMPLE CARE COORDINATION AGREEMENT
SAMPLE CARE COORDINATION AGREEMENT This sample Care Coordination Agreement is between a fictional Certified Community Behavioral Health Clinic (CCBHC), Behavioral Health Clinic, and a fictional hospital,
More informationLifeBridge Health HIPAA Policy 4. Uses of Protected Health Information for Research
LifeBridge Health HIPAA Policy 4 Uses of Protected Health Information for Research This Policy contains the following Sections: I. Policy II. III. IV. Definitions Applicability Procedures A. Individual
More informationResults of the Clatsop County Economic Development Survey
Results of the Clatsop County Economic Development Survey Final Report for: Prepared for: Clatsop County Prepared by: Community Planning Workshop Community Service Center 1209 University of Oregon Eugene,
More informationMiami Dade College Resource Development. Frequently Asked Questions
Miami Dade College Resource Development Frequently Asked Questions ADMINISTRATION What is the MDC internal process for grant seeking? Once you have decided on a grant that you want to write, the MDC s
More informationPULLING INFORMATION IN RESPONSE TO A PUSH: USAGE OF QUERY-BASED HEALTH INFORMATION EXCHANGE IN RESPONSE TO AN EVENT ALERT. PRELIMINARY REPORT
PULLING INFORMATION IN RESPONSE TO A PUSH: USAGE OF QUERY-BASED HEALTH INFORMATION EXCHANGE IN RESPONSE TO AN EVENT ALERT. PRELIMINARY REPORT Evidence from a study of three New York State Qualified Entities
More informationProvider Rights and Responsibilities
Provider Rights and Responsibilities This section describes Molina Healthcare s established standards on access to care, newborn notification process and Member marketing information for Participating
More informationLily M. Gutmann, Ph.D., CYT Licensed Psychologist 4405 East West Highway #512 Bethesda, MD (301)
Lily M. Gutmann, Ph.D., CYT Licensed Psychologist 4405 East West Highway #512 Bethesda, MD 20814 (301) 996-0165 www.littlefallscounseling.com PRACTICE POLICIES AND CONSENT TO TREATMENT WELCOME Welcome
More informationA Media-Based Approach to Planning Care for Family Elders
A Media-Based Approach to Planning Care for Family Elders A Small Business Innovation Research Grant from the National Institute on Aging Grant #2 R44 AG12883-02 to Northwest Media, Inc. 326 West 12 th
More informationFAMILY PHARMACEUTICAL SERVICES NOTICE OF PRIVACY PRACTICES effective 9/23/2013
FAMILY PHARMACEUTICAL SERVICES NOTICE OF PRIVACY PRACTICES effective 9/23/2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationCCBHC CARE COORDINATION AGREEMENTS: OVERVIEW OF LEGAL REQUIREMENTS AND CHECKLIST OF RECOMMENDED TERMS
CCBHC CARE COORDINATION AGREEMENTS: OVERVIEW OF LEGAL REQUIREMENTS AND CHECKLIST OF RECOMMENDED TERMS Coordinating care across a spectrum of services, 29 including physical health, behavioral health, social
More information2018 HIMSS U.S. Leadership and Workforce Survey
2018 HIMSS U.S. Leadership and Workforce Survey www.himss.org 2018 HIMSS U.S. Leadership and Workforce Survey Table of Contents 1. Executive Summary... 2 2. Methodology/Respondent Demographics... 3 Leadership
More informationOklahoma Health Care Authority. ECHO Adult Behavioral Health Survey For SoonerCare Choice
Oklahoma Health Care Authority ECHO Adult Behavioral Health Survey For SoonerCare Choice Executive Summary and Technical Specifications Report for Report Submitted June 2009 Submitted by: APS Healthcare
More informationPossession is 9/10 th of the law. Once a resident has been admitted, it is very difficult under current regulations to effect a transfer.
WORKING WITH AND MANAGING DIFFICULT FAMILIES By Kendall Watkins, J.D KenWatkins@davisbrownlaw.com Possession is 9/10 th of the law. Once a resident has been admitted, it is very difficult under current
More informationWhat is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More information