SlideShare une entreprise Scribd logo
1  sur  18
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 1 Adhering to Healthcare Industry Regulations
Proposal to Healthcare Providers
on:
Adherence to Regulatory Requirements,
Workplace Security and Threat Elimination,
Workplace Violence Prevention,
and
Workflow Management.
Proposed by:
Thomas Bronack, President
Data Center Assistance Group, Inc.
15180 20th Avenue
Whitestone, New York 11357
Email: bronackt@dcag.com
Cell Phone: (917) 673-6992
Audience Includes:
• Hospitals, Clinics, Doctors Offices; and
• Business Associates providing services to
Healthcare Organizations.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 2 Adhering to Healthcare Industry Regulations
Purpose of Presentation and Deliverables that can be achieved
• Define healthcare industry New and Existing Compliance Regulations;
• Discuss New Patient Freedoms related to patient information sharing;
• Show how “Joint Commission Accrediting Healthcare Organization” (JCAHO)
certification can be achieved and why it is a benefit;
• Suggest methods to perform Risk Management, Auditing, and Incident Reporting;
• Demonstrate how better utilization of Information Technology, Data Management,
and Access Controls can create a safeguarded and efficient environment;
• Determine Security and Emergency Response Planning needed to protect the
Workplace, safeguard Patients Rights, and comply with regulatory requirements;
• Creating project plan / road map to Implement Physical and Data Security;
• Assist in the development and Implementation of Emergency Response Plans;
• Document new Standards and Procedures needed to better protect patients,
achieve a safeguarded environment, and improve efficiency;
• Provide Employee Awareness and Training; and,
• Provide Integration, Support, and Maintenance going forward.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 3 Adhering to Healthcare Industry Regulations
Audience and Compliance Requirements
Healthcare Industry
Patient Security & Safety
New Patient Freedoms
Workplace Protection
Penalties and Financial Losses
Training and Awareness
Risk Management
Response Identification and Planning
• Hospitals; Clinics; Doctors Offices; and,
• Business Associates and Sub-Contractors.
• HIPAA; HITECH; ePHI; and Final Omnibus Rule.
• “Meaningful Use” reimbursement for electronic data ($40-60K)
• Ability to have records transferred by request of patient or their
authorized representative (Record Sharing).
• Responsible for protecting employees, patients, and visitors;
• OSHA, DHS, OEM, and NFPA 1600;
• Workplace Violence Prevention;
• Workplace Physical Security and Evidence Capturing; and,
• Ability to evacuate patients in Emergency Mode.
• Criminal and Civil penalties; fines up to $1.5 million per
occurrence taking effect 9/23/2013.
• Staff must be aware of requirements and trained on how to
respond to a wide-range of disaster events.
• Identification of Risks and potential Disaster Event obstacles.
• Mitigate Gaps and Exceptions; Mediate obstacles blocking the
ability to respond to Disaster events; insure the ability to
respond to encountered incidents; have the ability to provide a
safeguarded environment capable of providing enhanced
protections and efficiency while achieving compliance.
Integrate within the everyday functions and environment.
Healthcare Provider Proposal Page: 4 Adhering to Healthcare Industry Regulations
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
• Physical (Guards, CCTV, Card Keys, etc.) and Data Security Service Providers;
• IT Equipment, Software, Consulting, and Support Vendors;
• Lawyers, Accountants, and Auditors;
• Leasing firms and other financial providers;
• Telephone and Communications Vendors;
• Shredding Vendors, Waste Disposal, and Transportation;
• Primary and Secondary Data Centers;
• Cloud Computing and Virtualization Service Providers;
• Answering Services for Medical Offices;
• Medical Billing Services;
• Medical Transcriptions Services;
• Medical Collection Agencies; and,
• Cleaning, Disposal, and internal Service staff.
The best protection is to perform a Risk Analysis to determine regulatory gaps and exceptions
that must be mitigated, along with impeding obstacles that must be mediated. Then implement
controls and procedures to create a safeguarded and compliant environment.
Who is effected by these changes?
Business Associates and Contractors including:
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 5 Adhering to Healthcare Industry Regulations
History and purpose of HIPAA rules and regulations, from original to current updates.
• 1996 - Initially HIPAA was introduced to improve efficiency and effectiveness of the U.S.
Healthcare System through guidelines and regulatory requirements.
• 2/2009 – (HITECH) Health Information Technology for Economic and Clinical Health Act
was introduced as part of the American Recovery and Reinvestment Act covering health
records from paper based through all types of current and future electronic health
records.
• 1/25/2013 – The Final Omnibus Rule was published by the Federal Register to include
more stringent privacy and security protection for patients (to be en-acted 9/23/13).
• Rule also increased sanctions and penalties for failure to comply, including the right
of States Attorneys General to bring lawsuits on behalf of private individuals for
breach of the Privacy Rule.
• The Security Rule concentrates on electronic media and electronic Personal Health
Information (ePHI) covering paper, oral, and electronic media.
• Although HITECH has been enforceable since 2/2010 many organizations have failed
to take action to fully comply, thereby risking penalties, financial loss, patient
services, and reputational loss that could damage the ability to continue serving the
public’s medical needs.
• HIPAA was developed to improve the education of hospital and medical record keepers on
the rules and regulations that must be followed to safeguard patients.
• The Final Omnibus Rule and Federal Registry provide a more detailed explanation of
these safeguards and how best to protect the rights and privacy of patients.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 6 Adhering to Healthcare Industry Regulations
HIPAA Contingency Planning and Security Guidelines (newly updated)
Administrative Safeguards include:
• Security Management Process (for People, Physical Environments and Data);
• Assigned Security Responsibility (Management through all levels of Personnel);
• Workforce Security (Procedures governing personnel Screening through Termination);
• Information Access Management (Data Sensitivity, Access Controls, Backup / Recovery, etc.)
• Security Awareness and Training;
• Security Incident Procedures (from identification through “Root Cause” analysis, resolution;
Logging, Tracking, Reporting, and Repository Maintenance);
• Contingency Plan (Disaster, Business, Emergency, and Crisis Management Responses);
• Evaluation (Risk Analysis and Periodic Reviews, with Attestation by Executive Management); and,
• Business Associate Contact and Other Arrangements (from definition to accreditation).
Physical Safeguards include:
• Facility Access Controls (Physical Security to produce a safe workplace);
• Workstation Use;
• Workstation Security; and,
• Device and Media Controls.
Technical Safeguards include:
• Access Controls (Data Security and elimination of Data Corruption);
• Audit Controls;
• Integrity;
• Person and Entity Authentications (User Entitlements); and,
• Transmission Security (Local and Remote / Encryption).
Violation Category
Section 1176 (a) (1):
A. Did Not Know
B. Reasonable Cause
C. 1. – Willful Neglect
– Corrected
C. 2. – Willful Neglect
– Not Corrected
Each Violation:
$100 to Max of
$5,000
$1,000 to Max of
$50,000
$10,000 to Max of
$50,000
$50,000
All such Violations of
an identical provision
in a calendar year:
$1,500,000
$1,500,000
$1,500,000
$1,500,000
Penalties for non-Compliance
CATEGORIES OF VIOLATIONS AND RESPECTIVE PENALTY AMOUNTS AVAILABLE
As you can see, penalties and loss of reputation can grow rapidly through repeated violations
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 7 Adhering to Healthcare Industry Regulations
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 8 Adhering to Healthcare Industry Regulations
Steps that lead to Achieving presentation Goals and Objectives
• Perform a Risk Assessment, conduct a Physical / Data Security evaluation,
and review Emergency Response Plans regarding compliance issues;
• Conduct a Workflow Analysis;
• Define Gaps, Exceptions, and Obstacles that must be Mitigated and Mediated;
• Establish Direction / Project Plan to resolve issues and gain approval;
• Implement Mitigations and Mediations, including: Compliance, Controls,
Emergency Response Plans, and Incident Management procedures;
• Provide Awareness and Training to employees and business associates;
• Achieve compliance to HIPAA, ePHI, HITECH, and Final Omnibus Rule;
• Achieve JCAHO certification, leading to improved business and profitability;
and,
• Provide Implementation, Support, and Maintenance going forward.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 9 Adhering to Healthcare Industry Regulations
HIPAA Five Step Circle of Compliance
Global Tracking:
- Incidents Mediation;
- Gaps & Exception Mitigation;
- Training;
- Authorizations and Disclosures;
- Document Repository.
Reporting and Visualization:
- Audit Reports;
- Tracking Reports;
- Dashboard View;
- Change Management.
Compliance Management
Tools:
- Easy to Use (like MS Office based);
- Regulation Look-Up;
- Enterprise Level Access;
- Third Party Data Integration.
Account Management:
- Member Management;
- Vendor Management;
- Business Associate; and,
- Management and Technical Reporting.
Auditing and Remediation:
- Gap and Obstacle Collection;
- Reported Problems & Incidents;
- Remediation and Mitigation;
- Audit Workflow Definition;
- Audit Workflow Optimization.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 10 Adhering to Healthcare Industry Regulations
Accounts:
• Members (Staff and Affiliates);
• Vendors and Business Associates: and,
• Vendor Questionnaire Design and Completion.
Auditing:
• Audit Questionnaire; * Incidents;
• Gaps and Exceptions; * Obstacles; and,
• Remediation Planning and Execution.
Tracking:
• Training Sessions;
• Authorization and Disclosures;
• Document Manager (Version Control); and,
• Employee Policy / Procedure Viewer.
Reporting:
• Gap & Exception Analysis; * Remediation Summary;
• Questionnaire Results; * Incident Summary;
• Training History; * Authorization Summary;
• Disclosure Summary; * Member Breakdown;
• Vendor Breakdown; and, * Employee Policy /
Procedure Crosswalk.
Administration:
• Preferences; * Update Password;
• Guard Users; * Custom Mandates;
• Custom Regulations; * Custom Questions.
Technical Glossary:
• Technical Glossary; * Change Facilities;
• Status Alerts; * Help;
• Support; and * Logout.
Healthcare Industry Workflow Management System Goals
RDBMS
Programs Data
3. Service Transition
• Change Management (Problems & Enhancements)
• Project Management (Transition Planning and Support)
• Release and Deployment Management (V & R Mgmt.)
• Service Validation and Testing
• Application Development and Customization
• Service Asset and Configuration Management
• Knowledge Management (Training & Awareness)
4. Service Operation
• Event Management
• Incident Management
• Request Fulfillment
• Access Management
• Problem Management
• IT Operations Management
• Facilities Management
1. Service Strategy
• Service Portfolio Management (available
Services and Products)
• Financial Management (PO, WO, A/R, A/P,
G/L, Taxes, and Treasury)
2. Service Design
• Service Catalogue Management
• Service Level Management (SLA / SLR)
• Risk Management (CERT / COSO)
• Capacity / Performance Management
• Availability Management (SLA / SLR)
• IT Service Continuity Management (BCM)
• Information Security Management (ISMS)
• Compliance Management (Regulatory)
• Architecture Management (AMS, CFM)
• Supplier Management (Supply Chain)
ITIL Available Modules
ITIL Five Phase approach to IT Service Support
1. Service Strategy,
2. Service Design,
3. Service Transition,
4. Service Operation, and
5. Continual Service Improvement.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 11 Adhering to Healthcare Industry Regulations
Example of existing Workflow Management System
ITIL stands for:
Information
Technology
Information
Library
Workflow Management / Training System Interfaces & Flow
Work Request
Workflow
Analysis & Training
System
Analyze
Workload and
Type of Work
Log, Assign
And Track
Work
Workload
Too High
?
New
Work / Tool
?
Prioritize Work
on “To-do” List
(Date & Priority)
Move Work
To Designated
Worker
Automated
Personnel
System
Automated
Training
System
Completion &
movement to
last worker
Audit Trail
Analyze and
Report
Close Request
New Tool,
New Staff,
New Procedure
Staff Request
Volume
Workload
Measurement
Workload levels can accept new work, without personnel change.
Y Y
N
N
Newly Recruited Personnel
Newly Trained Personnel
Reports Audit Log
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 12 Adhering to Healthcare Industry Regulations
High
Low
Normal
(Request through fulfillment, with staffing increase and training as deemed necessary)
New Staff
New Training
Workflow Life Cycle
Workload levels can accept new work, with new personnel updates /training changes.
Workflow Forms
Management
System
• Create and respond to a Needs Analysis Questionnaire to define Gaps &
Exposures, Obstacles, and to define deliverables, time lines, and scope.
• Review current forms, workflows and controls.
• Identify personnel associated with forms processing.
• Redesign Forms and Workflow associated with forms, as needed.
• Develop Forms Data Base System.
• Implement Forms Management System functions and flows.
• Create User Interface to Forms Management System.
• Produce Management, Technical, and User Analysis Reports.
• Document Forms Management System.
• Supply Awareness and Training to staff, employees and associates.
• Roll-out Forms Management System.
• Support and Maintain Forms Management System going forward.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 13 Adhering to Healthcare Industry Regulations
Workflow Management Tasks to be Performed include:
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 14 Adhering to Healthcare Industry Regulations
Joint Commission on Accreditation of Healthcare Organizations (JCAHO) review
• JCAHO is pro-active investigator, while HIPAA is exception driven investigator;
• Covers Hospitals, Nursing Homes, Office-Based Surgery Practices, Home Care
Providers and Laboratories, along with their Business Associates;
• Most prestigious Healthcare Industry Accreditation Organization in industry;
• Certification assures patients and providers that the healthcare organization
has achieved the highest standards required by the industry;
• To achieve certification both healthcare organizations and their staff members
must be able to demonstrate proficiency across specific job competencies and
compliance issues;
• Both Healthcare Organizations and their Business Associates must adhere to
regulatory requirements and competencies;
• JCAHO Certification will help to achieve a competitive edge, educated staff,
ability to retain and recruit staff and new business; higher level of safety; and
compliance.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 15 Adhering to Healthcare Industry Regulations
Sitting
Area
Admitting
Area
Financing
Area
Finance
Waiting Area
Emergency Room
Guards
Area
Sliding
Door
2
4
5
3
Patient Movement to gain entrance to Emergency Room:
1. Patients enter past Guards Desk (no verification or scan);
2. Patient waits for admittance in waiting area (unsupervised);
3. Patient is Admitted and Vital Signs Taken (ID Shown);
4. Patient goes to Finance where they are Identified and
insurance papers validated (first true check of identity);
5. Patient waits to be called to go to Emergency Room where
they are examined by staff; and
6. Patient is admitted to hospital, or treated and sent home.
Signifies where card key doors can be installed to
restrict access to hospital area by unauthorized
personnel (low cost solution to high cost problem)
Signifies patient movement
General
Hospital
Area
Initial
Area
Examined
Problem Analysis:
• Lack of security at ER area can lead to Threat:
• Identification at Entrance;
• Metal Scanner or Search for weapons;
• Surveillance and Cameras for evidence;
• Restrictive movement of patients.
• Possible Weaknesses:
• Unidentified people accompanying patients;
• Unrestrictive movement can lead to terrorism;
• Possible threat to people and hospital
reputation.
• Possible Threats include:
• Terrorism and Active Shooter;
• Deranged People acting out;
• Disgruntled personnel; and
• Civil Disorder.
• Possible Repercussions include:
• Bombs and Guns;
• Deaths and Destruction or property;
• Damage to facilities causing outage of service
to community;
• Loss of reputation; and
• Loss of business and many law suits, with
potential facility closing.
Card Key access requirements
can restrict movement at a low
cost and CCTV can provide
evidence to prosecute.
Initial Physical Security Review from Admittance to ER acceptance (Real World).
6
1
5
Discharged Admitted
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 16 Adhering to Healthcare Industry Regulations
Benefits, Savings, and New Business possibilities
• Learn existing and new Healthcare Industry compliance laws and regulations;
• Identifying audience that must comply to Healthcare Industry regulations;
• Risk Assessment to define current gaps, exceptions, and obstacles impeding compliance;
• Formulate direction plan to achieve compliance and implement a Workflow Management
System that improves efficiency and better safeguards patient information and services;
• Achieve Physical and Data Security requirements;
• Better utilize Information Technology to achieve goals and improve efficiency;
• Adhere to compliance requirements;
• Update Functional Responsibilities and Job Descriptions, as needed;
• Fully Document upgraded environment in Standards and Procedures Manual and Usage
Guides;
• Implement Awareness and Training programs, as required;
• Achieve JCAHO certification; and,
• Utilize compliance upgrade and JCAHO certification to advertise the healthcare
organization, attract new patient and insurance business, and retain and attract personnel
who have a high morale.
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
Healthcare Provider Proposal Page: 17 Adhering to Healthcare Industry Regulations
Estimated Costs to perform work outlined within this presentation
Goals and Objectives are:
• This is a “Gateway” document describing new and existing compliance requirements;
• JCHAO certification based on compliance;
• Obtain reimbursement via “Meaningful Use” directive for electronic data conversion;
• Safeguarded and efficient environment that complies with all laws and regulations for
both the healthcare organization and its associates.
Tasks to be performed are:
• Presentation as a teaching tool and awareness vehicle for compliance issues;
• Stakeholder identification and team formulation;
• Team Awareness, Education, Work Plan, Assignments, and Reporting Schedule;
• Risk Assessment to define Gaps, Exceptions, and Obstacles;
• Repair / Control Plan to Mitigate Gaps & Exceptions, Mediate Obstacle & Impediments;
• Project Plan including deliverable’s, schedule, resources, time line, and costs;
• Perform tasks needed to gain compliance certification (JCHOA Compliant);
• Perform tasks to certify Associates and Supply Chain;
• Integrate Workflow Management, Compliance Procedures, and Response Plans;
• Develop and publish all needed documentation;
• Provide Awareness and Educational Training;
• Integration within everyday functions performed by personnel; and,
• Provide ongoing Support and Maintenance going forward.
Healthcare Provider Proposal Page: 18 Adhering to Healthcare Industry Regulations
Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13
I look forward to working with you to achieve the goals of this proposal.
Points that should be remembered include:
• The CEO is responsible for producing a safeguarded and efficient environment that is in compliance with
HIPAA, OSHA, NFPA 1600, and DHS regulations (at a minimum);
• Specific new healthcare regulatory requirements are identified in this presentation;
• “Meaningful Use” reimbursement for converting Medicare / Medicaid file to electronic data can be as high
as $40 - $60K per conversion
• The CEO can not delegate his responsibility, only share some responsibilities with insurance companies;
• Damages from lawsuits can run into the multiple millions and over all damages can exceed billions;
• Loss of reputation can result in the closing of the facility;
• Damages to the community can be extensive;
• Criminal and Civil charges can result in jail time and extensive monetary penalties; and
• Only you can take the initiative to implement a safeguarded environment that is in compliance with all
regulatory requirements, while improving productivity and personnel morale. “It is better to set the
example than to be the example”.
I can be reached via the following contact information:
Thomas Bronack, President
Data Center Assistance Group, Inc.
15180 20th Avenue Cell Phone: (917) 673-6992
Whitestone, New York 11357 Email: bronackt@dcag.com
Thank you

Contenu connexe

Tendances

hitech act
hitech acthitech act
hitech actpadler01
 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Hybrid Cloud
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rssupportc2go
 
Presentation Zeroes in on Successful CIN
Presentation Zeroes in on Successful CIN   Presentation Zeroes in on Successful CIN
Presentation Zeroes in on Successful CIN PYA, P.C.
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?  Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Mark Merrill
 
Responding To The Opportunity
Responding To The OpportunityResponding To The Opportunity
Responding To The Opportunityguest7042c6
 
Role-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachRole-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachEMC
 
Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...
Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...
Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...PYA, P.C.
 
Dental Compliance for Dentists and Business Associates
Dental Compliance for Dentists and Business AssociatesDental Compliance for Dentists and Business Associates
Dental Compliance for Dentists and Business Associatesgppcpa
 
Partnering for Population Health: Strategies to Promote Collaboration Among t...
Partnering for Population Health: Strategies to Promote Collaboration Among t...Partnering for Population Health: Strategies to Promote Collaboration Among t...
Partnering for Population Health: Strategies to Promote Collaboration Among t...Conifer Health Solutions
 
A Seven-Step Approach to a Clinically Integrated Network
A Seven-Step Approach to a Clinically Integrated NetworkA Seven-Step Approach to a Clinically Integrated Network
A Seven-Step Approach to a Clinically Integrated NetworkConifer Health Solutions
 
Big Data Applications in Healthcare
Big Data Applications in Healthcare Big Data Applications in Healthcare
Big Data Applications in Healthcare PYA, P.C.
 
What's CMS Up To These Days
What's CMS Up To These DaysWhat's CMS Up To These Days
What's CMS Up To These DaysPYA, P.C.
 
UoF - HITRUST & Risk Analysis v1
UoF - HITRUST & Risk Analysis v1UoF - HITRUST & Risk Analysis v1
UoF - HITRUST & Risk Analysis v1Bryan Cline, Ph.D.
 
Analyzing Transactions--Doing the Deal
Analyzing Transactions--Doing the DealAnalyzing Transactions--Doing the Deal
Analyzing Transactions--Doing the DealPYA, P.C.
 
Demystifying Commercial Reasonableness in Physician/Hospital Transactions
Demystifying Commercial Reasonableness in Physician/Hospital TransactionsDemystifying Commercial Reasonableness in Physician/Hospital Transactions
Demystifying Commercial Reasonableness in Physician/Hospital TransactionsPYA, P.C.
 
Journey to Value: Four Questions Providers Ask
Journey to Value: Four Questions Providers AskJourney to Value: Four Questions Providers Ask
Journey to Value: Four Questions Providers AskConifer Health Solutions
 

Tendances (20)

hitech act
hitech acthitech act
hitech act
 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
 
Hipaa for business associates simple
Hipaa for business associates   simpleHipaa for business associates   simple
Hipaa for business associates simple
 
Hi paa and eh rs
Hi paa and eh rsHi paa and eh rs
Hi paa and eh rs
 
Presentation Zeroes in on Successful CIN
Presentation Zeroes in on Successful CIN   Presentation Zeroes in on Successful CIN
Presentation Zeroes in on Successful CIN
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?  Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?
 
Responding To The Opportunity
Responding To The OpportunityResponding To The Opportunity
Responding To The Opportunity
 
Role-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic ApproachRole-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
Role-Based Access Governance and HIPAA Compliance: A Pragmatic Approach
 
Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...
Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...
Modern Physician-Hospital Affiliations in an Era of Increased Fraud and Abuse...
 
Dental Compliance for Dentists and Business Associates
Dental Compliance for Dentists and Business AssociatesDental Compliance for Dentists and Business Associates
Dental Compliance for Dentists and Business Associates
 
Partnering for Population Health: Strategies to Promote Collaboration Among t...
Partnering for Population Health: Strategies to Promote Collaboration Among t...Partnering for Population Health: Strategies to Promote Collaboration Among t...
Partnering for Population Health: Strategies to Promote Collaboration Among t...
 
A Seven-Step Approach to a Clinically Integrated Network
A Seven-Step Approach to a Clinically Integrated NetworkA Seven-Step Approach to a Clinically Integrated Network
A Seven-Step Approach to a Clinically Integrated Network
 
Big Data Applications in Healthcare
Big Data Applications in Healthcare Big Data Applications in Healthcare
Big Data Applications in Healthcare
 
What's CMS Up To These Days
What's CMS Up To These DaysWhat's CMS Up To These Days
What's CMS Up To These Days
 
Managed Medicaid: CMS 2390 Impact
Managed Medicaid: CMS 2390 ImpactManaged Medicaid: CMS 2390 Impact
Managed Medicaid: CMS 2390 Impact
 
Mikhaela ripa
Mikhaela ripaMikhaela ripa
Mikhaela ripa
 
UoF - HITRUST & Risk Analysis v1
UoF - HITRUST & Risk Analysis v1UoF - HITRUST & Risk Analysis v1
UoF - HITRUST & Risk Analysis v1
 
Analyzing Transactions--Doing the Deal
Analyzing Transactions--Doing the DealAnalyzing Transactions--Doing the Deal
Analyzing Transactions--Doing the Deal
 
Demystifying Commercial Reasonableness in Physician/Hospital Transactions
Demystifying Commercial Reasonableness in Physician/Hospital TransactionsDemystifying Commercial Reasonableness in Physician/Hospital Transactions
Demystifying Commercial Reasonableness in Physician/Hospital Transactions
 
Journey to Value: Four Questions Providers Ask
Journey to Value: Four Questions Providers AskJourney to Value: Four Questions Providers Ask
Journey to Value: Four Questions Providers Ask
 

En vedette

ACO Data Center Proposal
ACO Data Center ProposalACO Data Center Proposal
ACO Data Center ProposalJeff4459
 
Data Center Energy Efficiency Best Practices
Data Center Energy Efficiency Best PracticesData Center Energy Efficiency Best Practices
Data Center Energy Efficiency Best Practices42U Data Center Solutions
 
Mo ict 2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...
Mo ict   2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...Mo ict   2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...
Mo ict 2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...khalid noman husainy
 
Final Charter
Final CharterFinal Charter
Final Charterlneut03
 
Datacenter Design Guide UNIQUE Panduit-Cisco
Datacenter Design Guide UNIQUE Panduit-Cisco Datacenter Design Guide UNIQUE Panduit-Cisco
Datacenter Design Guide UNIQUE Panduit-Cisco jpjobard
 
Presentation cisco data center security deep dive
Presentation   cisco data center security deep divePresentation   cisco data center security deep dive
Presentation cisco data center security deep divexKinAnx
 
Cisco Presentation
Cisco PresentationCisco Presentation
Cisco PresentationRBratton
 
Cisco data center support
Cisco data center supportCisco data center support
Cisco data center supportKrunal Shah
 
Presentation dc design for small and mid-size data center
Presentation   dc design for small and mid-size data centerPresentation   dc design for small and mid-size data center
Presentation dc design for small and mid-size data centerxKinAnx
 
Cisco & VMware Products & Services as of Nov 23, 08
Cisco & VMware Products & Services as of  Nov 23, 08Cisco & VMware Products & Services as of  Nov 23, 08
Cisco & VMware Products & Services as of Nov 23, 08gueste9924aa
 
Health Center Proposal
Health Center ProposalHealth Center Proposal
Health Center Proposalso0ozz
 
MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...
MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...
MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...Juniper Networks
 

En vedette (14)

ACO Data Center Proposal
ACO Data Center ProposalACO Data Center Proposal
ACO Data Center Proposal
 
Data Center Energy Efficiency Best Practices
Data Center Energy Efficiency Best PracticesData Center Energy Efficiency Best Practices
Data Center Energy Efficiency Best Practices
 
Mo ict 2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...
Mo ict   2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...Mo ict   2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...
Mo ict 2013 new data center design proposal - pts-0813-004006 - ptsp-c-13-0...
 
Final Charter
Final CharterFinal Charter
Final Charter
 
Datacenter Design Guide UNIQUE Panduit-Cisco
Datacenter Design Guide UNIQUE Panduit-Cisco Datacenter Design Guide UNIQUE Panduit-Cisco
Datacenter Design Guide UNIQUE Panduit-Cisco
 
Data Center Server Rack Strategies
Data Center Server Rack StrategiesData Center Server Rack Strategies
Data Center Server Rack Strategies
 
Presentation cisco data center security deep dive
Presentation   cisco data center security deep divePresentation   cisco data center security deep dive
Presentation cisco data center security deep dive
 
Cisco Presentation
Cisco PresentationCisco Presentation
Cisco Presentation
 
Cisco data center support
Cisco data center supportCisco data center support
Cisco data center support
 
Presentation dc design for small and mid-size data center
Presentation   dc design for small and mid-size data centerPresentation   dc design for small and mid-size data center
Presentation dc design for small and mid-size data center
 
Cisco & VMware Products & Services as of Nov 23, 08
Cisco & VMware Products & Services as of  Nov 23, 08Cisco & VMware Products & Services as of  Nov 23, 08
Cisco & VMware Products & Services as of Nov 23, 08
 
Basic Proposal Writing, PTAC
Basic Proposal Writing, PTACBasic Proposal Writing, PTAC
Basic Proposal Writing, PTAC
 
Health Center Proposal
Health Center ProposalHealth Center Proposal
Health Center Proposal
 
MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...
MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...
MetaFabric™ Architecture Virtualized Data Center: Design and Implementation G...
 

Similaire à Executive Presentation on adhering to Healthcare Industry compliance

Hipaa privacy and security 03192014
Hipaa privacy and security 03192014Hipaa privacy and security 03192014
Hipaa privacy and security 03192014Samantha Haas
 
Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Kimberly Simon MBA
 
HealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTHealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTKimberly Simon MBA
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceJim Anfield
 
HIPAA Panel Discussion
HIPAA Panel Discussion HIPAA Panel Discussion
HIPAA Panel Discussion Dan Wellisch
 
HIPAA Violations and Penalties power point
HIPAA Violations and Penalties power pointHIPAA Violations and Penalties power point
HIPAA Violations and Penalties power pointDeena Fetrow
 
HealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTHealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTKimberly Simon MBA
 
Implementing EHR in Behavioral Health Blog Post
Implementing EHR in Behavioral Health Blog PostImplementing EHR in Behavioral Health Blog Post
Implementing EHR in Behavioral Health Blog PostJeff Brevik, PMP
 
BioIT World 2011 eHealth
BioIT World 2011 eHealthBioIT World 2011 eHealth
BioIT World 2011 eHealthChris Waller
 
HIPAA/HITECH Requirements for FQHCs and the New Omnibus Rule
HIPAA/HITECH Requirements for FQHCs and the New Omnibus RuleHIPAA/HITECH Requirements for FQHCs and the New Omnibus Rule
HIPAA/HITECH Requirements for FQHCs and the New Omnibus RuleMichigan Primary Care Association
 
Becoming HITECH - 9/2009
Becoming HITECH - 9/2009Becoming HITECH - 9/2009
Becoming HITECH - 9/2009rogersons
 
Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207
Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207
Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207Erik Ginalick
 
Regulating Healthcare - Lecture D
Regulating Healthcare - Lecture DRegulating Healthcare - Lecture D
Regulating Healthcare - Lecture DCMDLearning
 
Mobile Health Symposium #HIMSS15 Session Mh5
Mobile Health Symposium #HIMSS15 Session Mh5Mobile Health Symposium #HIMSS15 Session Mh5
Mobile Health Symposium #HIMSS15 Session Mh53GDR
 
Hitech changes-to-hipaa
Hitech changes-to-hipaaHitech changes-to-hipaa
Hitech changes-to-hipaageeksikh
 
AN20230811-3.pptx
AN20230811-3.pptxAN20230811-3.pptx
AN20230811-3.pptxHabibuKumar
 

Similaire à Executive Presentation on adhering to Healthcare Industry compliance (20)

Hipaa privacy and security 03192014
Hipaa privacy and security 03192014Hipaa privacy and security 03192014
Hipaa privacy and security 03192014
 
Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017Health care compliance webinar may 10 2017
Health care compliance webinar may 10 2017
 
HealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUSTHealthCare Compliance - HIPAA and HITRUST
HealthCare Compliance - HIPAA and HITRUST
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA Compliance
 
HIPAA Panel Discussion
HIPAA Panel Discussion HIPAA Panel Discussion
HIPAA Panel Discussion
 
HIPAA Violations and Penalties power point
HIPAA Violations and Penalties power pointHIPAA Violations and Penalties power point
HIPAA Violations and Penalties power point
 
HealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUSTHealthCare Compliance - HIPAA & HITRUST
HealthCare Compliance - HIPAA & HITRUST
 
Healthcare and Cyber security
Healthcare and Cyber securityHealthcare and Cyber security
Healthcare and Cyber security
 
How good we are in adhering HIPAA rules
How good we are in adhering HIPAA rulesHow good we are in adhering HIPAA rules
How good we are in adhering HIPAA rules
 
Implementing EHR in Behavioral Health Blog Post
Implementing EHR in Behavioral Health Blog PostImplementing EHR in Behavioral Health Blog Post
Implementing EHR in Behavioral Health Blog Post
 
BioIT World 2011 eHealth
BioIT World 2011 eHealthBioIT World 2011 eHealth
BioIT World 2011 eHealth
 
Chapter 9
Chapter 9Chapter 9
Chapter 9
 
HIPAA/HITECH Requirements for FQHCs and the New Omnibus Rule
HIPAA/HITECH Requirements for FQHCs and the New Omnibus RuleHIPAA/HITECH Requirements for FQHCs and the New Omnibus Rule
HIPAA/HITECH Requirements for FQHCs and the New Omnibus Rule
 
Becoming HITECH - 9/2009
Becoming HITECH - 9/2009Becoming HITECH - 9/2009
Becoming HITECH - 9/2009
 
Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207
Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207
Electronic Health Records Protecting Assets With A Solid Security Plan Wp101207
 
Regulating Healthcare - Lecture D
Regulating Healthcare - Lecture DRegulating Healthcare - Lecture D
Regulating Healthcare - Lecture D
 
Mobile Health Symposium #HIMSS15 Session Mh5
Mobile Health Symposium #HIMSS15 Session Mh5Mobile Health Symposium #HIMSS15 Session Mh5
Mobile Health Symposium #HIMSS15 Session Mh5
 
HIPAA
HIPAAHIPAA
HIPAA
 
Hitech changes-to-hipaa
Hitech changes-to-hipaaHitech changes-to-hipaa
Hitech changes-to-hipaa
 
AN20230811-3.pptx
AN20230811-3.pptxAN20230811-3.pptx
AN20230811-3.pptx
 

Plus de Thomas Bronack

Personnel Productivity System - Exec Pres
Personnel Productivity System - Exec PresPersonnel Productivity System - Exec Pres
Personnel Productivity System - Exec PresThomas Bronack
 
Utilizing Dashboards to improve efficiency
Utilizing Dashboards to improve efficiencyUtilizing Dashboards to improve efficiency
Utilizing Dashboards to improve efficiencyThomas Bronack
 
Optimizing the it and business environment through dashboards
Optimizing the it and business environment through dashboardsOptimizing the it and business environment through dashboards
Optimizing the it and business environment through dashboardsThomas Bronack
 
Dcag training on VMware DR Process
Dcag training on VMware DR ProcessDcag training on VMware DR Process
Dcag training on VMware DR ProcessThomas Bronack
 
Achieving enterprise resiliency and corporate certification through the use o...
Achieving enterprise resiliency and corporate certification through the use o...Achieving enterprise resiliency and corporate certification through the use o...
Achieving enterprise resiliency and corporate certification through the use o...Thomas Bronack
 
Enterprise resiliency and world-wide compliance, in-depth article.
Enterprise resiliency and world-wide compliance, in-depth article.Enterprise resiliency and world-wide compliance, in-depth article.
Enterprise resiliency and world-wide compliance, in-depth article.Thomas Bronack
 
Optimizing the IT and Business Environment
Optimizing the IT and Business EnvironmentOptimizing the IT and Business Environment
Optimizing the IT and Business EnvironmentThomas Bronack
 
Dcag service optimization offering01
Dcag service optimization offering01Dcag service optimization offering01
Dcag service optimization offering01Thomas Bronack
 
Recovery and Compliance Services provided by Tom Bronack
Recovery and Compliance Services provided by Tom BronackRecovery and Compliance Services provided by Tom Bronack
Recovery and Compliance Services provided by Tom BronackThomas Bronack
 
Auditing contingency Plans
Auditing contingency PlansAuditing contingency Plans
Auditing contingency PlansThomas Bronack
 
Equipment Redeployment and Termination Procedures
Equipment Redeployment and Termination ProceduresEquipment Redeployment and Termination Procedures
Equipment Redeployment and Termination ProceduresThomas Bronack
 
Article on Emergency Management and Corporate Certification
Article on Emergency Management and Corporate CertificationArticle on Emergency Management and Corporate Certification
Article on Emergency Management and Corporate CertificationThomas Bronack
 
Smaller Presentation on Enterprise Resiliency and Corporate Certification
Smaller Presentation on Enterprise Resiliency and Corporate CertificationSmaller Presentation on Enterprise Resiliency and Corporate Certification
Smaller Presentation on Enterprise Resiliency and Corporate CertificationThomas Bronack
 
Exec Presentation on Achieving Enterprise Resiliency and Corporate Certification
Exec Presentation on Achieving Enterprise Resiliency and Corporate CertificationExec Presentation on Achieving Enterprise Resiliency and Corporate Certification
Exec Presentation on Achieving Enterprise Resiliency and Corporate CertificationThomas Bronack
 
Personnel Productivity System - Updated 6-6-2013
Personnel Productivity System - Updated 6-6-2013Personnel Productivity System - Updated 6-6-2013
Personnel Productivity System - Updated 6-6-2013Thomas Bronack
 
Achieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationAchieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationThomas Bronack
 
Asset Management (Acquisition, Redeployment, and Termination)(
Asset Management (Acquisition, Redeployment, and Termination)(Asset Management (Acquisition, Redeployment, and Termination)(
Asset Management (Acquisition, Redeployment, and Termination)(Thomas Bronack
 
Application migration guideline document
Application migration guideline documentApplication migration guideline document
Application migration guideline documentThomas Bronack
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisThomas Bronack
 
Achieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationAchieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationThomas Bronack
 

Plus de Thomas Bronack (20)

Personnel Productivity System - Exec Pres
Personnel Productivity System - Exec PresPersonnel Productivity System - Exec Pres
Personnel Productivity System - Exec Pres
 
Utilizing Dashboards to improve efficiency
Utilizing Dashboards to improve efficiencyUtilizing Dashboards to improve efficiency
Utilizing Dashboards to improve efficiency
 
Optimizing the it and business environment through dashboards
Optimizing the it and business environment through dashboardsOptimizing the it and business environment through dashboards
Optimizing the it and business environment through dashboards
 
Dcag training on VMware DR Process
Dcag training on VMware DR ProcessDcag training on VMware DR Process
Dcag training on VMware DR Process
 
Achieving enterprise resiliency and corporate certification through the use o...
Achieving enterprise resiliency and corporate certification through the use o...Achieving enterprise resiliency and corporate certification through the use o...
Achieving enterprise resiliency and corporate certification through the use o...
 
Enterprise resiliency and world-wide compliance, in-depth article.
Enterprise resiliency and world-wide compliance, in-depth article.Enterprise resiliency and world-wide compliance, in-depth article.
Enterprise resiliency and world-wide compliance, in-depth article.
 
Optimizing the IT and Business Environment
Optimizing the IT and Business EnvironmentOptimizing the IT and Business Environment
Optimizing the IT and Business Environment
 
Dcag service optimization offering01
Dcag service optimization offering01Dcag service optimization offering01
Dcag service optimization offering01
 
Recovery and Compliance Services provided by Tom Bronack
Recovery and Compliance Services provided by Tom BronackRecovery and Compliance Services provided by Tom Bronack
Recovery and Compliance Services provided by Tom Bronack
 
Auditing contingency Plans
Auditing contingency PlansAuditing contingency Plans
Auditing contingency Plans
 
Equipment Redeployment and Termination Procedures
Equipment Redeployment and Termination ProceduresEquipment Redeployment and Termination Procedures
Equipment Redeployment and Termination Procedures
 
Article on Emergency Management and Corporate Certification
Article on Emergency Management and Corporate CertificationArticle on Emergency Management and Corporate Certification
Article on Emergency Management and Corporate Certification
 
Smaller Presentation on Enterprise Resiliency and Corporate Certification
Smaller Presentation on Enterprise Resiliency and Corporate CertificationSmaller Presentation on Enterprise Resiliency and Corporate Certification
Smaller Presentation on Enterprise Resiliency and Corporate Certification
 
Exec Presentation on Achieving Enterprise Resiliency and Corporate Certification
Exec Presentation on Achieving Enterprise Resiliency and Corporate CertificationExec Presentation on Achieving Enterprise Resiliency and Corporate Certification
Exec Presentation on Achieving Enterprise Resiliency and Corporate Certification
 
Personnel Productivity System - Updated 6-6-2013
Personnel Productivity System - Updated 6-6-2013Personnel Productivity System - Updated 6-6-2013
Personnel Productivity System - Updated 6-6-2013
 
Achieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationAchieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate Certification
 
Asset Management (Acquisition, Redeployment, and Termination)(
Asset Management (Acquisition, Redeployment, and Termination)(Asset Management (Acquisition, Redeployment, and Termination)(
Asset Management (Acquisition, Redeployment, and Termination)(
 
Application migration guideline document
Application migration guideline documentApplication migration guideline document
Application migration guideline document
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysis
 
Achieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationAchieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate Certification
 

Dernier

Male Infertility Panel Discussion by Dr Sujoy Dasgupta
Male Infertility Panel Discussion by Dr Sujoy DasguptaMale Infertility Panel Discussion by Dr Sujoy Dasgupta
Male Infertility Panel Discussion by Dr Sujoy DasguptaSujoy Dasgupta
 
Pregnacny, Parturition, and Lactation.pdf
Pregnacny, Parturition, and Lactation.pdfPregnacny, Parturition, and Lactation.pdf
Pregnacny, Parturition, and Lactation.pdfMedicoseAcademics
 
The Importance of Mental Health: Why is Mental Health Important?
The Importance of Mental Health: Why is Mental Health Important?The Importance of Mental Health: Why is Mental Health Important?
The Importance of Mental Health: Why is Mental Health Important?Ryan Addison
 
Clinical Research Informatics Year-in-Review 2024
Clinical Research Informatics Year-in-Review 2024Clinical Research Informatics Year-in-Review 2024
Clinical Research Informatics Year-in-Review 2024Peter Embi
 
AUTONOMIC NERVOUS SYSTEM organization and functions
AUTONOMIC NERVOUS SYSTEM organization and functionsAUTONOMIC NERVOUS SYSTEM organization and functions
AUTONOMIC NERVOUS SYSTEM organization and functionsMedicoseAcademics
 
MedMatch: Your Health, Our Mission. Pitch deck.
MedMatch: Your Health, Our Mission. Pitch deck.MedMatch: Your Health, Our Mission. Pitch deck.
MedMatch: Your Health, Our Mission. Pitch deck.whalesdesign
 
"Radical excision of DIE in subferile women with deep infiltrating endometrio...
"Radical excision of DIE in subferile women with deep infiltrating endometrio..."Radical excision of DIE in subferile women with deep infiltrating endometrio...
"Radical excision of DIE in subferile women with deep infiltrating endometrio...Sujoy Dasgupta
 
Neurological history taking (2024) .
Neurological  history  taking  (2024)  .Neurological  history  taking  (2024)  .
Neurological history taking (2024) .Mohamed Rizk Khodair
 
Unit I herbs as raw materials, biodynamic agriculture.ppt
Unit I herbs as raw materials, biodynamic agriculture.pptUnit I herbs as raw materials, biodynamic agriculture.ppt
Unit I herbs as raw materials, biodynamic agriculture.pptPradnya Wadekar
 
Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...
Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...
Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...bkling
 
Microbiology lecture presentation-1.pptx
Microbiology lecture presentation-1.pptxMicrobiology lecture presentation-1.pptx
Microbiology lecture presentation-1.pptxkitati1
 
Male Infertility, Antioxidants and Beyond
Male Infertility, Antioxidants and BeyondMale Infertility, Antioxidants and Beyond
Male Infertility, Antioxidants and BeyondSujoy Dasgupta
 
historyofpsychiatryinindia. Senthil Thirusangu
historyofpsychiatryinindia. Senthil Thirusanguhistoryofpsychiatryinindia. Senthil Thirusangu
historyofpsychiatryinindia. Senthil Thirusangu Medical University
 
Generative AI in Health Care a scoping review and a persoanl experience.
Generative AI in Health Care a scoping review and a persoanl experience.Generative AI in Health Care a scoping review and a persoanl experience.
Generative AI in Health Care a scoping review and a persoanl experience.Vaikunthan Rajaratnam
 
BENIGN BREAST DISEASE
BENIGN BREAST DISEASE BENIGN BREAST DISEASE
BENIGN BREAST DISEASE Mamatha Lakka
 
World-TB-Day-2023_Presentation_English.pptx
World-TB-Day-2023_Presentation_English.pptxWorld-TB-Day-2023_Presentation_English.pptx
World-TB-Day-2023_Presentation_English.pptxsumanchaulagain3
 
SGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdf
SGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdfSGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdf
SGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdfHongBiThi1
 
Bulimia nervosa ( Eating Disorders) Mental Health Nursing.
Bulimia nervosa ( Eating Disorders) Mental Health Nursing.Bulimia nervosa ( Eating Disorders) Mental Health Nursing.
Bulimia nervosa ( Eating Disorders) Mental Health Nursing.aarjukhadka22
 
Red Blood Cells_anemia & polycythemia.pdf
Red Blood Cells_anemia & polycythemia.pdfRed Blood Cells_anemia & polycythemia.pdf
Red Blood Cells_anemia & polycythemia.pdfMedicoseAcademics
 
ayurvedic formulations herbal drug technologyppt
ayurvedic formulations herbal drug technologypptayurvedic formulations herbal drug technologyppt
ayurvedic formulations herbal drug technologypptPradnya Wadekar
 

Dernier (20)

Male Infertility Panel Discussion by Dr Sujoy Dasgupta
Male Infertility Panel Discussion by Dr Sujoy DasguptaMale Infertility Panel Discussion by Dr Sujoy Dasgupta
Male Infertility Panel Discussion by Dr Sujoy Dasgupta
 
Pregnacny, Parturition, and Lactation.pdf
Pregnacny, Parturition, and Lactation.pdfPregnacny, Parturition, and Lactation.pdf
Pregnacny, Parturition, and Lactation.pdf
 
The Importance of Mental Health: Why is Mental Health Important?
The Importance of Mental Health: Why is Mental Health Important?The Importance of Mental Health: Why is Mental Health Important?
The Importance of Mental Health: Why is Mental Health Important?
 
Clinical Research Informatics Year-in-Review 2024
Clinical Research Informatics Year-in-Review 2024Clinical Research Informatics Year-in-Review 2024
Clinical Research Informatics Year-in-Review 2024
 
AUTONOMIC NERVOUS SYSTEM organization and functions
AUTONOMIC NERVOUS SYSTEM organization and functionsAUTONOMIC NERVOUS SYSTEM organization and functions
AUTONOMIC NERVOUS SYSTEM organization and functions
 
MedMatch: Your Health, Our Mission. Pitch deck.
MedMatch: Your Health, Our Mission. Pitch deck.MedMatch: Your Health, Our Mission. Pitch deck.
MedMatch: Your Health, Our Mission. Pitch deck.
 
"Radical excision of DIE in subferile women with deep infiltrating endometrio...
"Radical excision of DIE in subferile women with deep infiltrating endometrio..."Radical excision of DIE in subferile women with deep infiltrating endometrio...
"Radical excision of DIE in subferile women with deep infiltrating endometrio...
 
Neurological history taking (2024) .
Neurological  history  taking  (2024)  .Neurological  history  taking  (2024)  .
Neurological history taking (2024) .
 
Unit I herbs as raw materials, biodynamic agriculture.ppt
Unit I herbs as raw materials, biodynamic agriculture.pptUnit I herbs as raw materials, biodynamic agriculture.ppt
Unit I herbs as raw materials, biodynamic agriculture.ppt
 
Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...
Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...
Moving Forward After Uterine Cancer Treatment: Surveillance Strategies, Testi...
 
Microbiology lecture presentation-1.pptx
Microbiology lecture presentation-1.pptxMicrobiology lecture presentation-1.pptx
Microbiology lecture presentation-1.pptx
 
Male Infertility, Antioxidants and Beyond
Male Infertility, Antioxidants and BeyondMale Infertility, Antioxidants and Beyond
Male Infertility, Antioxidants and Beyond
 
historyofpsychiatryinindia. Senthil Thirusangu
historyofpsychiatryinindia. Senthil Thirusanguhistoryofpsychiatryinindia. Senthil Thirusangu
historyofpsychiatryinindia. Senthil Thirusangu
 
Generative AI in Health Care a scoping review and a persoanl experience.
Generative AI in Health Care a scoping review and a persoanl experience.Generative AI in Health Care a scoping review and a persoanl experience.
Generative AI in Health Care a scoping review and a persoanl experience.
 
BENIGN BREAST DISEASE
BENIGN BREAST DISEASE BENIGN BREAST DISEASE
BENIGN BREAST DISEASE
 
World-TB-Day-2023_Presentation_English.pptx
World-TB-Day-2023_Presentation_English.pptxWorld-TB-Day-2023_Presentation_English.pptx
World-TB-Day-2023_Presentation_English.pptx
 
SGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdf
SGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdfSGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdf
SGK RỐI LOẠN KALI MÁU CỰC KỲ QUAN TRỌNG.pdf
 
Bulimia nervosa ( Eating Disorders) Mental Health Nursing.
Bulimia nervosa ( Eating Disorders) Mental Health Nursing.Bulimia nervosa ( Eating Disorders) Mental Health Nursing.
Bulimia nervosa ( Eating Disorders) Mental Health Nursing.
 
Red Blood Cells_anemia & polycythemia.pdf
Red Blood Cells_anemia & polycythemia.pdfRed Blood Cells_anemia & polycythemia.pdf
Red Blood Cells_anemia & polycythemia.pdf
 
ayurvedic formulations herbal drug technologyppt
ayurvedic formulations herbal drug technologypptayurvedic formulations herbal drug technologyppt
ayurvedic formulations herbal drug technologyppt
 

Executive Presentation on adhering to Healthcare Industry compliance

  • 1. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 1 Adhering to Healthcare Industry Regulations Proposal to Healthcare Providers on: Adherence to Regulatory Requirements, Workplace Security and Threat Elimination, Workplace Violence Prevention, and Workflow Management. Proposed by: Thomas Bronack, President Data Center Assistance Group, Inc. 15180 20th Avenue Whitestone, New York 11357 Email: bronackt@dcag.com Cell Phone: (917) 673-6992 Audience Includes: • Hospitals, Clinics, Doctors Offices; and • Business Associates providing services to Healthcare Organizations.
  • 2. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 2 Adhering to Healthcare Industry Regulations Purpose of Presentation and Deliverables that can be achieved • Define healthcare industry New and Existing Compliance Regulations; • Discuss New Patient Freedoms related to patient information sharing; • Show how “Joint Commission Accrediting Healthcare Organization” (JCAHO) certification can be achieved and why it is a benefit; • Suggest methods to perform Risk Management, Auditing, and Incident Reporting; • Demonstrate how better utilization of Information Technology, Data Management, and Access Controls can create a safeguarded and efficient environment; • Determine Security and Emergency Response Planning needed to protect the Workplace, safeguard Patients Rights, and comply with regulatory requirements; • Creating project plan / road map to Implement Physical and Data Security; • Assist in the development and Implementation of Emergency Response Plans; • Document new Standards and Procedures needed to better protect patients, achieve a safeguarded environment, and improve efficiency; • Provide Employee Awareness and Training; and, • Provide Integration, Support, and Maintenance going forward.
  • 3. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 3 Adhering to Healthcare Industry Regulations Audience and Compliance Requirements Healthcare Industry Patient Security & Safety New Patient Freedoms Workplace Protection Penalties and Financial Losses Training and Awareness Risk Management Response Identification and Planning • Hospitals; Clinics; Doctors Offices; and, • Business Associates and Sub-Contractors. • HIPAA; HITECH; ePHI; and Final Omnibus Rule. • “Meaningful Use” reimbursement for electronic data ($40-60K) • Ability to have records transferred by request of patient or their authorized representative (Record Sharing). • Responsible for protecting employees, patients, and visitors; • OSHA, DHS, OEM, and NFPA 1600; • Workplace Violence Prevention; • Workplace Physical Security and Evidence Capturing; and, • Ability to evacuate patients in Emergency Mode. • Criminal and Civil penalties; fines up to $1.5 million per occurrence taking effect 9/23/2013. • Staff must be aware of requirements and trained on how to respond to a wide-range of disaster events. • Identification of Risks and potential Disaster Event obstacles. • Mitigate Gaps and Exceptions; Mediate obstacles blocking the ability to respond to Disaster events; insure the ability to respond to encountered incidents; have the ability to provide a safeguarded environment capable of providing enhanced protections and efficiency while achieving compliance. Integrate within the everyday functions and environment.
  • 4. Healthcare Provider Proposal Page: 4 Adhering to Healthcare Industry Regulations Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 • Physical (Guards, CCTV, Card Keys, etc.) and Data Security Service Providers; • IT Equipment, Software, Consulting, and Support Vendors; • Lawyers, Accountants, and Auditors; • Leasing firms and other financial providers; • Telephone and Communications Vendors; • Shredding Vendors, Waste Disposal, and Transportation; • Primary and Secondary Data Centers; • Cloud Computing and Virtualization Service Providers; • Answering Services for Medical Offices; • Medical Billing Services; • Medical Transcriptions Services; • Medical Collection Agencies; and, • Cleaning, Disposal, and internal Service staff. The best protection is to perform a Risk Analysis to determine regulatory gaps and exceptions that must be mitigated, along with impeding obstacles that must be mediated. Then implement controls and procedures to create a safeguarded and compliant environment. Who is effected by these changes? Business Associates and Contractors including:
  • 5. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 5 Adhering to Healthcare Industry Regulations History and purpose of HIPAA rules and regulations, from original to current updates. • 1996 - Initially HIPAA was introduced to improve efficiency and effectiveness of the U.S. Healthcare System through guidelines and regulatory requirements. • 2/2009 – (HITECH) Health Information Technology for Economic and Clinical Health Act was introduced as part of the American Recovery and Reinvestment Act covering health records from paper based through all types of current and future electronic health records. • 1/25/2013 – The Final Omnibus Rule was published by the Federal Register to include more stringent privacy and security protection for patients (to be en-acted 9/23/13). • Rule also increased sanctions and penalties for failure to comply, including the right of States Attorneys General to bring lawsuits on behalf of private individuals for breach of the Privacy Rule. • The Security Rule concentrates on electronic media and electronic Personal Health Information (ePHI) covering paper, oral, and electronic media. • Although HITECH has been enforceable since 2/2010 many organizations have failed to take action to fully comply, thereby risking penalties, financial loss, patient services, and reputational loss that could damage the ability to continue serving the public’s medical needs. • HIPAA was developed to improve the education of hospital and medical record keepers on the rules and regulations that must be followed to safeguard patients. • The Final Omnibus Rule and Federal Registry provide a more detailed explanation of these safeguards and how best to protect the rights and privacy of patients.
  • 6. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 6 Adhering to Healthcare Industry Regulations HIPAA Contingency Planning and Security Guidelines (newly updated) Administrative Safeguards include: • Security Management Process (for People, Physical Environments and Data); • Assigned Security Responsibility (Management through all levels of Personnel); • Workforce Security (Procedures governing personnel Screening through Termination); • Information Access Management (Data Sensitivity, Access Controls, Backup / Recovery, etc.) • Security Awareness and Training; • Security Incident Procedures (from identification through “Root Cause” analysis, resolution; Logging, Tracking, Reporting, and Repository Maintenance); • Contingency Plan (Disaster, Business, Emergency, and Crisis Management Responses); • Evaluation (Risk Analysis and Periodic Reviews, with Attestation by Executive Management); and, • Business Associate Contact and Other Arrangements (from definition to accreditation). Physical Safeguards include: • Facility Access Controls (Physical Security to produce a safe workplace); • Workstation Use; • Workstation Security; and, • Device and Media Controls. Technical Safeguards include: • Access Controls (Data Security and elimination of Data Corruption); • Audit Controls; • Integrity; • Person and Entity Authentications (User Entitlements); and, • Transmission Security (Local and Remote / Encryption).
  • 7. Violation Category Section 1176 (a) (1): A. Did Not Know B. Reasonable Cause C. 1. – Willful Neglect – Corrected C. 2. – Willful Neglect – Not Corrected Each Violation: $100 to Max of $5,000 $1,000 to Max of $50,000 $10,000 to Max of $50,000 $50,000 All such Violations of an identical provision in a calendar year: $1,500,000 $1,500,000 $1,500,000 $1,500,000 Penalties for non-Compliance CATEGORIES OF VIOLATIONS AND RESPECTIVE PENALTY AMOUNTS AVAILABLE As you can see, penalties and loss of reputation can grow rapidly through repeated violations Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 7 Adhering to Healthcare Industry Regulations
  • 8. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 8 Adhering to Healthcare Industry Regulations Steps that lead to Achieving presentation Goals and Objectives • Perform a Risk Assessment, conduct a Physical / Data Security evaluation, and review Emergency Response Plans regarding compliance issues; • Conduct a Workflow Analysis; • Define Gaps, Exceptions, and Obstacles that must be Mitigated and Mediated; • Establish Direction / Project Plan to resolve issues and gain approval; • Implement Mitigations and Mediations, including: Compliance, Controls, Emergency Response Plans, and Incident Management procedures; • Provide Awareness and Training to employees and business associates; • Achieve compliance to HIPAA, ePHI, HITECH, and Final Omnibus Rule; • Achieve JCAHO certification, leading to improved business and profitability; and, • Provide Implementation, Support, and Maintenance going forward.
  • 9. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 9 Adhering to Healthcare Industry Regulations HIPAA Five Step Circle of Compliance Global Tracking: - Incidents Mediation; - Gaps & Exception Mitigation; - Training; - Authorizations and Disclosures; - Document Repository. Reporting and Visualization: - Audit Reports; - Tracking Reports; - Dashboard View; - Change Management. Compliance Management Tools: - Easy to Use (like MS Office based); - Regulation Look-Up; - Enterprise Level Access; - Third Party Data Integration. Account Management: - Member Management; - Vendor Management; - Business Associate; and, - Management and Technical Reporting. Auditing and Remediation: - Gap and Obstacle Collection; - Reported Problems & Incidents; - Remediation and Mitigation; - Audit Workflow Definition; - Audit Workflow Optimization.
  • 10. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 10 Adhering to Healthcare Industry Regulations Accounts: • Members (Staff and Affiliates); • Vendors and Business Associates: and, • Vendor Questionnaire Design and Completion. Auditing: • Audit Questionnaire; * Incidents; • Gaps and Exceptions; * Obstacles; and, • Remediation Planning and Execution. Tracking: • Training Sessions; • Authorization and Disclosures; • Document Manager (Version Control); and, • Employee Policy / Procedure Viewer. Reporting: • Gap & Exception Analysis; * Remediation Summary; • Questionnaire Results; * Incident Summary; • Training History; * Authorization Summary; • Disclosure Summary; * Member Breakdown; • Vendor Breakdown; and, * Employee Policy / Procedure Crosswalk. Administration: • Preferences; * Update Password; • Guard Users; * Custom Mandates; • Custom Regulations; * Custom Questions. Technical Glossary: • Technical Glossary; * Change Facilities; • Status Alerts; * Help; • Support; and * Logout. Healthcare Industry Workflow Management System Goals RDBMS Programs Data
  • 11. 3. Service Transition • Change Management (Problems & Enhancements) • Project Management (Transition Planning and Support) • Release and Deployment Management (V & R Mgmt.) • Service Validation and Testing • Application Development and Customization • Service Asset and Configuration Management • Knowledge Management (Training & Awareness) 4. Service Operation • Event Management • Incident Management • Request Fulfillment • Access Management • Problem Management • IT Operations Management • Facilities Management 1. Service Strategy • Service Portfolio Management (available Services and Products) • Financial Management (PO, WO, A/R, A/P, G/L, Taxes, and Treasury) 2. Service Design • Service Catalogue Management • Service Level Management (SLA / SLR) • Risk Management (CERT / COSO) • Capacity / Performance Management • Availability Management (SLA / SLR) • IT Service Continuity Management (BCM) • Information Security Management (ISMS) • Compliance Management (Regulatory) • Architecture Management (AMS, CFM) • Supplier Management (Supply Chain) ITIL Available Modules ITIL Five Phase approach to IT Service Support 1. Service Strategy, 2. Service Design, 3. Service Transition, 4. Service Operation, and 5. Continual Service Improvement. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 11 Adhering to Healthcare Industry Regulations Example of existing Workflow Management System ITIL stands for: Information Technology Information Library
  • 12. Workflow Management / Training System Interfaces & Flow Work Request Workflow Analysis & Training System Analyze Workload and Type of Work Log, Assign And Track Work Workload Too High ? New Work / Tool ? Prioritize Work on “To-do” List (Date & Priority) Move Work To Designated Worker Automated Personnel System Automated Training System Completion & movement to last worker Audit Trail Analyze and Report Close Request New Tool, New Staff, New Procedure Staff Request Volume Workload Measurement Workload levels can accept new work, without personnel change. Y Y N N Newly Recruited Personnel Newly Trained Personnel Reports Audit Log Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 12 Adhering to Healthcare Industry Regulations High Low Normal (Request through fulfillment, with staffing increase and training as deemed necessary) New Staff New Training Workflow Life Cycle Workload levels can accept new work, with new personnel updates /training changes. Workflow Forms Management System
  • 13. • Create and respond to a Needs Analysis Questionnaire to define Gaps & Exposures, Obstacles, and to define deliverables, time lines, and scope. • Review current forms, workflows and controls. • Identify personnel associated with forms processing. • Redesign Forms and Workflow associated with forms, as needed. • Develop Forms Data Base System. • Implement Forms Management System functions and flows. • Create User Interface to Forms Management System. • Produce Management, Technical, and User Analysis Reports. • Document Forms Management System. • Supply Awareness and Training to staff, employees and associates. • Roll-out Forms Management System. • Support and Maintain Forms Management System going forward. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 13 Adhering to Healthcare Industry Regulations Workflow Management Tasks to be Performed include:
  • 14. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 14 Adhering to Healthcare Industry Regulations Joint Commission on Accreditation of Healthcare Organizations (JCAHO) review • JCAHO is pro-active investigator, while HIPAA is exception driven investigator; • Covers Hospitals, Nursing Homes, Office-Based Surgery Practices, Home Care Providers and Laboratories, along with their Business Associates; • Most prestigious Healthcare Industry Accreditation Organization in industry; • Certification assures patients and providers that the healthcare organization has achieved the highest standards required by the industry; • To achieve certification both healthcare organizations and their staff members must be able to demonstrate proficiency across specific job competencies and compliance issues; • Both Healthcare Organizations and their Business Associates must adhere to regulatory requirements and competencies; • JCAHO Certification will help to achieve a competitive edge, educated staff, ability to retain and recruit staff and new business; higher level of safety; and compliance.
  • 15. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 15 Adhering to Healthcare Industry Regulations Sitting Area Admitting Area Financing Area Finance Waiting Area Emergency Room Guards Area Sliding Door 2 4 5 3 Patient Movement to gain entrance to Emergency Room: 1. Patients enter past Guards Desk (no verification or scan); 2. Patient waits for admittance in waiting area (unsupervised); 3. Patient is Admitted and Vital Signs Taken (ID Shown); 4. Patient goes to Finance where they are Identified and insurance papers validated (first true check of identity); 5. Patient waits to be called to go to Emergency Room where they are examined by staff; and 6. Patient is admitted to hospital, or treated and sent home. Signifies where card key doors can be installed to restrict access to hospital area by unauthorized personnel (low cost solution to high cost problem) Signifies patient movement General Hospital Area Initial Area Examined Problem Analysis: • Lack of security at ER area can lead to Threat: • Identification at Entrance; • Metal Scanner or Search for weapons; • Surveillance and Cameras for evidence; • Restrictive movement of patients. • Possible Weaknesses: • Unidentified people accompanying patients; • Unrestrictive movement can lead to terrorism; • Possible threat to people and hospital reputation. • Possible Threats include: • Terrorism and Active Shooter; • Deranged People acting out; • Disgruntled personnel; and • Civil Disorder. • Possible Repercussions include: • Bombs and Guns; • Deaths and Destruction or property; • Damage to facilities causing outage of service to community; • Loss of reputation; and • Loss of business and many law suits, with potential facility closing. Card Key access requirements can restrict movement at a low cost and CCTV can provide evidence to prosecute. Initial Physical Security Review from Admittance to ER acceptance (Real World). 6 1 5 Discharged Admitted
  • 16. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 16 Adhering to Healthcare Industry Regulations Benefits, Savings, and New Business possibilities • Learn existing and new Healthcare Industry compliance laws and regulations; • Identifying audience that must comply to Healthcare Industry regulations; • Risk Assessment to define current gaps, exceptions, and obstacles impeding compliance; • Formulate direction plan to achieve compliance and implement a Workflow Management System that improves efficiency and better safeguards patient information and services; • Achieve Physical and Data Security requirements; • Better utilize Information Technology to achieve goals and improve efficiency; • Adhere to compliance requirements; • Update Functional Responsibilities and Job Descriptions, as needed; • Fully Document upgraded environment in Standards and Procedures Manual and Usage Guides; • Implement Awareness and Training programs, as required; • Achieve JCAHO certification; and, • Utilize compliance upgrade and JCAHO certification to advertise the healthcare organization, attract new patient and insurance business, and retain and attract personnel who have a high morale.
  • 17. Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 Healthcare Provider Proposal Page: 17 Adhering to Healthcare Industry Regulations Estimated Costs to perform work outlined within this presentation Goals and Objectives are: • This is a “Gateway” document describing new and existing compliance requirements; • JCHAO certification based on compliance; • Obtain reimbursement via “Meaningful Use” directive for electronic data conversion; • Safeguarded and efficient environment that complies with all laws and regulations for both the healthcare organization and its associates. Tasks to be performed are: • Presentation as a teaching tool and awareness vehicle for compliance issues; • Stakeholder identification and team formulation; • Team Awareness, Education, Work Plan, Assignments, and Reporting Schedule; • Risk Assessment to define Gaps, Exceptions, and Obstacles; • Repair / Control Plan to Mitigate Gaps & Exceptions, Mediate Obstacle & Impediments; • Project Plan including deliverable’s, schedule, resources, time line, and costs; • Perform tasks needed to gain compliance certification (JCHOA Compliant); • Perform tasks to certify Associates and Supply Chain; • Integrate Workflow Management, Compliance Procedures, and Response Plans; • Develop and publish all needed documentation; • Provide Awareness and Educational Training; • Integration within everyday functions performed by personnel; and, • Provide ongoing Support and Maintenance going forward.
  • 18. Healthcare Provider Proposal Page: 18 Adhering to Healthcare Industry Regulations Thomas Bronack © Data Center Assistance Group, Inc. Release Date; 4/27/13 I look forward to working with you to achieve the goals of this proposal. Points that should be remembered include: • The CEO is responsible for producing a safeguarded and efficient environment that is in compliance with HIPAA, OSHA, NFPA 1600, and DHS regulations (at a minimum); • Specific new healthcare regulatory requirements are identified in this presentation; • “Meaningful Use” reimbursement for converting Medicare / Medicaid file to electronic data can be as high as $40 - $60K per conversion • The CEO can not delegate his responsibility, only share some responsibilities with insurance companies; • Damages from lawsuits can run into the multiple millions and over all damages can exceed billions; • Loss of reputation can result in the closing of the facility; • Damages to the community can be extensive; • Criminal and Civil charges can result in jail time and extensive monetary penalties; and • Only you can take the initiative to implement a safeguarded environment that is in compliance with all regulatory requirements, while improving productivity and personnel morale. “It is better to set the example than to be the example”. I can be reached via the following contact information: Thomas Bronack, President Data Center Assistance Group, Inc. 15180 20th Avenue Cell Phone: (917) 673-6992 Whitestone, New York 11357 Email: bronackt@dcag.com Thank you