Embed Size (px)
Citation preview
FY15Q3 FY15Q4 FY16Q1 FY16Q2 FY16Q3 FY16Q4
HIPAATRAINING
HIPAAPOLICYUPDATES/
DEVELOPMENT
Privacy Office
OffermonthlyPrivacyWorkshops:ReleaseofInformationAuthorization,GeneralHIPAARefresher,NoticeofPrivacyPractice
Fundraising
RISKASSESSMENTEvaluateHIPAATrainingComplianceeverysixmonths
LaunchAnnualFY2016HIPAAUpdateTraining:Staff
FinalSet-upofHIPAATrainingforMDs:IE11,Pre-booking,CertificateMailing
✓ LEGENDFirmTimeframe
OngoingTimeframe Milestone Completed
MilestoneDelayedMilestone
TentativeTimeframe
LaunchAnnualFY2016HIPAAUpdateTraining:Physicians
Plan,Build,andTestHIPAAUpdateTrainingforFY2016
LaunchAnnual2016UpdateTraining:Attestation
PrivacyOfficeWebsiteIntranetUpdate
RISKASSESSMENTEvaluateHIPAATrainingComplianceeverysixmonths
WrapupHIPAA2014StaffTrainingWTMS;ApplySanctionforDelinquencies
HIPAATrainingforMDs
Post-ImplementationofWTMSnon-employeeregistrationsolution,discontinueMyCertificates,analyze/archivetrainingrecords
AuthorizationforReleaseofPHIandRevocationofAuthorization
SanctionsPolicy/AccountabilityMatrix
ProtectingPHIduringDisasterMode/ContingencyPlan AccountingofDisclosures
UseandDisclosureofPHIforResearch
HIPAADeidentification&HonestBroker
PatientRequestsforAmendmenttoMedicalRecord
PrivacyRiskAssessmentPolicy
OffisiteStorageofPHI/RecordRetention/PurgingofRecords
RetentionofVoiceRecordings(PhoneRecords)withPHI
RetentionofRecordswithPHI
AnnualPolicyReviewaspartofRISKASSESSMENT
AuthorizationforHIE
✓
✓ ✓
✓
✓
✓
✓
✓
✓
✓ ✓
✓
✓
✓ ✓
Marketing
✓
✓
✓
✓
✓
✓
FY15Q3 FY15Q4 FY16Q1 FY16Q2 FY16Q3 FY16Q4
BUSINESSASSOCIATE
AGREEMENTS
PRIVACYINCIDENT
MANAGEMENT
PRIVACYRISKASSESSMENTS
FAIRWARNINGMONITORING
CENTRALIZEROI
Privacy Office
Post-ImplementationofFairWarning–varioussamplingroutinesatdesignatedtimes(vs.perpetual)
Selectcentralizeddatabase–ServiceNow,FairWarning,SharePoint
Offsitestoragesurvey.PartOne:Wherearewestoring?
✓ LEGENDFirmTimeframe
OngoingTimeframe Milestone Completed
MilestoneDelayedMilestone
TentativeTimeframe
BeginRelationshipReviewProcessRolloutBAASharePointWorkflowtoallDepartmentstoInclude
ActiveVendorReviewannuallyforPossible
MissedBAAsaspartofRISKASSESSMENT
ActiveVendorReviewannuallyforPossibleMissedBAAsaspartofRISKASSESSMENTImplementprocesstosurveyBAAsaspart
ofRISKASSESSMENTduringrelationshipreview
ImplementIncidentReviewCommitteeandMeetBi-Monthly
1
EndofYearReportingtoHHS-OCR
EndofYearReportingtoHHS-OCR
2
Formulateproposalandbusinessplantosetupcentralunittomanagerecordrequests,patient-requestedaccountingofdisclosures,andpatient-requestedrecordamendments.
Offsitestoragesurvey.PartTwo:Purgeprocessesofoldrecord
HHS-OCRMockResponse(auditorinvestigation)Project HHS-OCRMockResponse
(auditorinvestigation)Project
Walk-ThroughSurveyPracticeSites,onedepartmentpermonth
FairWarningSetUpProject
✓
✓
✓
✓
✓
✓
✓
✓
✓
