free hipaa training bci computers free hipaa training (c) 2014 bci computers all rights reserved

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Free HIPAA TrainingBCI Computers

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

What is HIPAA?

• Standardizes health care transactions and rules to protect the privacy and security of health information.

• Standardization of transactions to electronic format for administrative and healthcare privacy.

• Delineates unique health identifiers for employers, health plans, health care providers and individuals.

• Sets security standards to protect the confidentiality, integrity and availability of Individually Identifiable Health Information (IIHI).

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

The HITECH Act

• Enacted on February 17, 2009

• Addresses the privacy and security concerns associated with the electronic transmission of health information

• Lists penalties in order to strengthen the civil and criminal enforcement the rules.

• Defines Data Content as elements and code sets inherent to a transaction

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Omnibus Rule

• Final set of rules effective September 23, 2013.

• Expands the obligations of physicians and other health care providers regarding protected health information (PHI)

• Extends the definition of Business Associates ( BA) and Covered Entities (CE)

• Increases the penalties for violations of any of the obligations.

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Break

•Quiz 1

•Continue to Quiz 1

•Contact Us

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

• Is HIPAA mandatory?

• HIPAA does not deal with security standards. T/F?

• Business Associates and Covered Entities do not fall under HIPAA compliance. T/F?

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

How could this affect you?Tier 1, 2 Violations and Fines

HIPAA Violation Minimum Penalty Maximum Penalty

Individual did not know (and by exercising reasonable diligence would not have known) that he/she violated HIPAA

$100 per violation, with an annual maximum of $25,000 for repeat violations (Note: maximum that can be imposed by State Attorneys General regardless of the type of violation)

$50,000 per violation, with an annual maximum of $1.5 million

HIPAA violation due to reasonable cause and not due to willful neglect

$1,000 per violation, with an annual maximum of $100,000 for repeat violations

$50,000 per violation, with an annual maximum of $1.5 million

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Tier 3, 4 Violations and Fines

HIPAA violation due to willful neglect but violation is corrected within the required time period

$10,000 per violation, with an annual maximum of $250,000 for repeat violations

$50,000 per violation, with an annual maximum of $1.5 million

HIPAA violation is due to willful neglect and is not corrected

$50,000 per violation, with an annual maximum of $1.5 million

$50,000 per violation, with an annual maximum of $1.5 million

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Break

•Quiz 2

•Continue to Quiz 2

•Contact Us

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

• How many tiers of violations are there?

• What is the minimum amount per violation you can be fined?

• Can a violation result in jail time?

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

How to Protect Patient Information

• Encryption (Desktops, Laptops and Tablets)

• Encrypting the drives

• Encrypting E-mails

• E-mail Retention Policy

• Firewall

• Virus Protection

• Secure Internet Connection

• Hardware Locks on each machine

• Password-Protection Enabled (Changed every 30 days)

• Smart Cards Coming Soon

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Server

• One Machine should be Server

• Must be encrypted

• Must have a back-up and retention policy in place

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Mobile Devices

• Password Protected

• Encrypted

• Phones cannot be left out in the open

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Break

•Quiz 3

•Continue to Quiz 3

•Contact Us

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

• Is it ever necessary to change your passwords?

• Do your servers need to be encrypted?

• Should your phone be password protected?

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Internet Security & Firewalls

• Intrusion Protection

• Smart FireWall

• - No Best Buy, RadioShack, etc...

• Secure Wi-Fi for your office

• - Is it available for your patients?

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Education

• Train Staff

• Educate staff

• Proper Forms

• BAA, Non-Disclosure, etc…

• Locks (Hardware, doors, windows, files)

• Assign Privacy Officer

• BCI HIPAA Guide on Amazon

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Break

•Quiz 4

•Continue to Quiz 4

•Contact Us

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

• What constitutes a “Smart FireWall”?

• Does your Wi-Fi have to be secure if the patients have access to it?

• How often does your staff require training?

Free HIPAA Training (c) 2014 BCI Computers all rights reserved.

Questions & Support

• If you have any questions, contact our HIPAA Specialists Jameson McKay or Brenden Smerbeck at:

• Phone: (401) 828-5200

• E-Mail: info@bcicomputers.net