HIPAAwareness

Create organizational awareness of HIPAA and capitalize on HIPAA "best practices"...

Training – The First and Last Word in Privacy Compliance By D'Arcy Guerin Gue, Executive Vice President, Phoenix Health Systems

For your patients: Fact Sheet on HIPAA Medical Privacy Basics from the Privacy Rights Clearinghouse

HIPA-A-B-C's for Small Providers by the HIPAAsolutions Staff, Phoenix Health Systems

Medical Practice "Before and After": A HIPAA Reality Play in Two Acts by Helen Hadley, President, VantagePoint HealthCare Advisors

Training and education ideas for your HIPAAwareness campaign.

Here's a collection of catchy phrases & slogans for use in your organizational awareness education!

Medical Privacy Stories (PDF)

OCR's "What's Your Privacy IQ?" online HIPAA quiz
HHS' Office of Civil Rights (OCR), responsible for enforcing the HIPAA privacy rule, offers a Web-based quiz on 15 top concerns of the rule. The true-false quiz, presented via PowerPoint slides, is designed to dispel myths about the rule, while highlighting legitimate concerns. Issues covered include:

• caregiver verbal conversations
• creation of a government database of patient information
• filling and picking up prescriptions
• dealing with business associates
• disclosing patient information
• purchasing technology for compliance purposes
• using sign-in sheets and calling out names of patients in waiting rooms

HIPAA Training Requirements

Security Awareness Training and Education guidelines document from WEDI SNIP

Educating the Organization
It’s not just about software. A healthcare organization’s best strategy for HIPAA compliance lies with a well planned and comprehensively developed education program.

Executive awareness summary presentations cover the basics, and work towards senior management buy-in:
Our sample Executive Awareness HIPAA presentation
(View the Compliance Calendar for an updated HHS timetable.)

Follow up with a more in-depth educational session for all managers, department heads and professional staff. At a minimum, this should include a discussion of HIPAA's implications department-by-department, and a high-level action plan
Our sample Half-Day Department Head/ Management HIPAA Presentation

More HIPAA training presentations:

• HIPAA 101 suggestions
  
  
• HIPAA 101 (0.5 MB Powerpoint) from NHVSHIP (New Hampshire & Vermont Strategic HIPAA Implementation Plan), updated 3/22/02
  
  
• HIPAA 101 Executive Summary (0.3 MB Powerpoint) from NHVSHIP

Keep up-to-date on Privacy Legislation in Congress , with a table that summarizes key issues.

Articles

The HIPAA Training Challenge: Customized E-Learning Helps Staff Pass the Test
by Jody Strike, Healthcare Informatics, November 2004
With oversight from the Mayo Foundation HIPAA Coordinating Group, staff at Mayo's three principal sites developed a custom e-learning strategy.

The Psychology of Change Management by Emily Lawson and Colin Price,
The McKinsey Quarterly, 2003 Number 2
Companies can transform the attitudes and behavior of their employees by applying psychological breakthroughs that explain why people think and act as they do.

Pillars of Your Community by Meg Mitchell Moore, CSO Magazine, January 2003
The biggest challenge facing the security industry is knowing how to transform an organization's users from its biggest vulnerability into the first line of defense. The bad news is that it's not going to be easy. The good news is that it's not going to be impossible. Here are three steps to get started.

Not Just for HIPAA: Best Practices for Security and Privacy Make Good Business Sense by John J. Halamka, HealthLeaders, December 4, 2002
Though many providers find HIPAA Byzantine and its implementation is sometimes painful and frustrating, they can obtain many business benefits from working to develop an administrative simplification system that makes sense.

Is HIPAA Really Happening? by Bill Bysinger, HealthLeaders, July 15, 2002
Here is a set of proposals that could break the mental logjam of slow HIPAA adoption.

Handling of Health Data is a Difficult Issue by Lois M. Collins, Deseret News, July 10, 2002
As the health industry grapples with HIPAA, it's finding the federal mandate is 10 percent technology and 90 percent about business practices.

The Step Child of HIPAA Compliance: Culture Change by D'Arcy Guerin Gue, Exec. Vice President, Phoenix Health Systems
A "HIPAAtized" culture: "where compliant attitudes, behaviors and sensitivity to patient privacy and confidentiality become second nature and assumed throughout the workforce."

"HIPAA's Myths, Practical Realities and Opportunities" (PDF) white paper from PriceWaterhouseCoopers dispels some of the popular myths circulating about HIPAA.

Organizational Change Organizational change surrounding the security of identifiable health information will be imperative.

Organizational Change Management white paper and presentation from WEDI focuses on how communication and education are the building blocks to integrating security throughout an organization’s business processes and roles.

Health Care EDI Transactions: A Business Primer
This report provides a general overview of how electronic data interchange standards can be used by health care organizations. The report gives a brief introduction about the development of ASC X12 standards for electronic data interchange (EDI), describes the purpose of ASC X12 transaction sets, and provides examples of how these transactions can be used by health care providers, payer and plan sponsors.

Three Steps to Increasing Employee Information Security Awareness by Karen Czirr, MS, RHIA, Journal of AHIMA
In 1999, the Children's Hospital of Philadelphia began to build a comprehensive employee awareness program on confidentiality and security of patient and hospital information. The three phases of the program are outlined and described.

Capitalizing on HIPAA Compliance by Ellen G. Lanser, with Joe Pokorney,
Phoenix Health Systems

Go to TOP