Hsm310 Hipaa Assignment

| You Decide| Activity| Assignment Responses| Part I| From the Chief Compliance Officer (CCO) perspective on HIPAA, contemplate the three basic areas which HIT professionals must be most concerned with are: (1) Privacy Rules (2) Security Rules, and (3) Standardized transaction code sets| Write a paragraph on each of the 3 critical areas of HIPAA for a training session of your staff. Explain what they are, why they are important and how they impact staff duties and the organization. | HIPAA Rules(1)Privacy Rules: According to the U.
S Department of Health and Human Services (HHS), the HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. It’s important because the Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization.
This rule impacts the staff by: Not sharing the information with others who have no need to know, including co-workers, family members or friends, minimizing opportunities for patient information to be overheard by others, never sharing passwords, disposing of information containing PHI properly such as shredding paper files(2)Security Rules: The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity.

The Security Rule is important because it requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. It impacts the organization by forcing the healthcare industry to adopt uniform electronic transaction standards for Healthcare information, . (3)Standardized transaction code sets rules: This rule is designed to improve claims and management revenue cycle. It important because it helps save physicians thousands of dollars annually by using the standard transactions.
It impacts the organization because some health insurers still have not adopted all of the standard transactions and because of the inconsistency it creates a burden for physician practices| Part II| Leading experts in HIPAA implementation agree that the first step toward HIPAA compliance is to Inventory the organization’s data| Fill out the attached HIPAA inventory form for your organization. List the various departments from where you have retrieved data. Indicate how the data will be used. | Department HIPAA Inventory (1) Health Information Management Services: a.
A critical issue would be who can and cannot have access to health information b. Having only access at a specific time frame. For instance, only Monday- Friday between 8 and 4, but to patients only. (2) Clinical Nursing Services: c. A critical issue concerning Clinical Nursing Services is the staffing. The staffing effects patient safety and quality care. d. The issue can be addressed by cutting spending for other personnel, such as unlicensed caregivers, housekeepers, and other support staff.
The amount of non-nursing work performed by RNs in inpatient units could increase, and investments in medical technology and facilities to improve the quality of care could be deferred. (3) Credit Department: e. A critical issue would be hospitals continue to face volume declines, which negatively impact the bottom line. f. Since patient experience impacts the bottom line, with the increase in consumer savvy patients and the emergence of ratings sites, recognition programs, and other efforts, the issue can be addressed by incorporating pay-for-performance programs based on satisfaction outcomes as part of their financial arrangements.
This should make the financial implications greater than ever. According to “healthcare industry news” An increasing amount of research and writing has been done on the subject, offering healthcare managers an “evidence-based” case for improving the service encounter. | Part III| In a modern US hospital, the individual responsible for assembling a HIPAA implementation team generally holds the title Chief Compliance Officer, with the Chief Information Officer (CIO) in the primary role of electronic communication, and all data compliance. The CCO assures the CIO and HIMS Director that they may in fact release private health information (PHI) for TPO with a written authorization. What is TPO and why is the CCO correct under HIPAA? | Operational Activities and HIPAATreatment (T) is when a health care professional provides, coordinates or manages the health care services of one or more providers. Payment (P) means the activities we perform to get reimbursed for the health care services we have provided. Operations (O): include activities that ensure our effective business operations.
These include, conducting quality assessment and improvement activities, reviewing the competence or qualifications of health care professionals, evaluating practitioner and provider performance, etc The CCO is correct under HIPAA because The HIPAA Privacy Rule permits a health care provider to disclose protected health information about an individual, without the individual’s authorization, to another health care provider for that provider’s treatment of the individual. |
Fill in the areas required to complete the assignment questions above Works Cited Health Information Privacy. (n. d. ). Retrieved December 2011, from http://www. hhs. gov/ocr/privacy/hipaa/administrative/securityrule/index. html Hospital Impact. (n. d. ). Retrieved December 2011, from http://www. hospitalimpact. org/index. php/2011/12/01/p3571 Hospital Nurse Staffing and Quality of care. (n. d. ). Retrieved December 2011, from http://www. ahrq. gov/research/nursestaffing/nursestaff. htm#Strategies