Your organization’s Patient Privacy Program should really be a closed-loop cycle — a continuous process that relates patient privacy regulatory requirements to meaningful actions within your organization. It’s not just about checking off regulatory boxes — it’s about truly improving your organization’s patient privacy culture.
A healthcare organization’s Patient Privacy Program must have 5 key elements in order to positively impact its patient privacy culture:
- Policies & Procedures
- Research & Trend Analysis 5. Corrective Action
This presentation will review HIPAA requirements, OCR Guidance, and other considerations to help you develop regulatory-mandated “reasonable and appropriate” policies and procedures to improve your organization’s privacy culture.
It will also discuss the importance of risk assessment to determine what systems containing PHI need to be routinely audited to comply with regulations and your organization’s specific policies and procedures. It’s imperative for your privacy auditor(s) know your data, and your users.
Types of documentation (incident, breach risk assessment, breach documentation, and breach notification), together with their unique importance, will also be covered.
Once policies are developed, auditing is conducted, and documentation occurs, an organization can then look at the results, identify trends, and use that data to work with staff to truly improve its culture and attitudes toward patient privacy. Sanctions (i.e., punishment) may be necessary, but shouldn’t be the only method for change. There are other improvements that can be made to prevent incidents in the future.
Attend this presentation to learn how to truly improve your organization’s overall patient privacy culture.
May 6, 2019
CEU: 1.0 – Privacy and Security
Mark Johnson, MHA, BSN, RN-BC, CPHIMS, FHIMSS is currently the Director of Privacy and Security Solutions at Iatric Systems. Mark joined Iatric Systems in 2007 and has served in variety of roles during that time. In addition to his position at Iatric Systems, Mark currently sits on the board of directors for the American Nursing Informatics Association (ANIA) and in the past has served on HIMSS national committees and task forces — the Connected Patient Committee, the Professional Services Committee, and the Patient Generated Health Data (PGHD) Task Force.