MIS 567 Week 5 You Decide HIPAA Privacy Planning Implementation

MIS 567 Week 5 You Decide HIPAA Privacy Planning Implementation

Barbara Silva is the CIO for Peachtree Community Hospital in Atlanta, Georgia. As the chief information officer, it has been her duty to assemble a team of healthcare information professionals to prepare for the implementation of HIPAA Privacy Rules.

How did Barbara and her team orchestrate moving forward toward HIPAA Privacy compliance? First, she established a steering committee responsible for HIPAA Privacy planning. The committee focused on three broad areas of development, including:

  • education;
  • assessment; and
  • development of policies and procedures.

The steering committee recognizes that the scope of this project is quite vast and that it encompasses many different areas of the facility. The scope involves not just hospital information systems, but the operations of many departments and manual processes. These varied items are included in the scope of assessment and are found to be the biggest challenge. Developing HIPAA compliant policies and procedures is not a one-time activity as changes are constant. Development and continuous updating will mean that this project is one that will be an ongoing effort.

Part of Peachtree Community Hospital’s key to success has been pulling together the right combination of professionals. The result is a multidisciplinary team which will include the HIM services director and the CCO (chief compliance officer).

Barbara has garnered the following information from experts in the area of HIPAA Privacy Rules who have suggested that healthcare organizations consider the following steps to become compliant:

  • Inventory the organization’s data as the first step in policy implementation.
  • Read the Federal Register information on HIPAA.
  • Focus on HIPAA as a business process issue.
  • Secure the support of top management and the active involvement and participation of staff in all affected areas.
  • Thoroughly review outside vendor contracts to ensure compliance with business associate agreements.
  • Appoint a dedicated staff to the HIPAA privacy initiative.

Preparing for HIPAA compliance will require a complex and thorough evaluation and realignment of business and operational processes.

Your Role/Assignment

You have been consulted by CIO Barbara Silva as the healthcare information systems expert. You will be working directly with the director of HIM services. As a consultant, you have vast experience with HIPAA implementations. Your expertise will be required in several areas.