420 Assignment 8.docx - Understanding the Future of HIS...

This preview shows page 1 - 4 out of 11 pages.

Understanding the Future of HIS Technology Understanding the Future of HIS Technology HS420-01 Kaplan University Dawn Hebbert Prof. Edgerton May 13, 2017 1
Understanding the Future of HIS Technology Part Competency Assessed Instructions 1 Awareness Make sure all employees are competent. Incorporate data security training within the context of larger employee education efforts. Create role-based training courses. Include breach detection and increase in training. Incorporate data security messages in all employee communications channels. Initiate a culture of security in the organization. Employees have insufficient knowledge of security awareness may be largest overall risk and the most difficult to resolve Involve employees in building a philosophy of security Regular and engaging security knowledge. Comprehends individual role and penalties. Situational training Social engineering assessments such as phishing, pre-text telephone calls Usage of results of training as models. Hotlines Pictorial reminders Systematic training HIPAA Requirement Remove the “it couldn’t happen to me” approach No security measure is operational if the users are reluctant or not capable to implement them. Costs 2 An effective HIE is contingent on trust linking the patient, the provider, and the HIE. In order to develop trust, HIEs must develop and incorporate policies and procedures leading their operations, including how they will preserve and secure protected health information (PHI). Regulate access to patient records to providers involved in the patient's care. Limit disclosures outside the treatment team on a case-by-case basis, as Basic elements of quality control in the managing of requests for ROI include substantiating the completeness and accuracy of the request, the authority of the requester, the identity of the patient, and the appropriateness of the information requested. Check the content. Personnel must validate that requests for information check all data required by internal policy and state and federal guidelines. With the exclusion of medical emergencies, this must contain an option for a written request for release of medical information . Check the legal authority of the requester. The patient or third party requesting information must have a legitimate standing to receive the 2
Understanding the Future of HIS Technology governed by their inclusion under the Notice of Privacy Practices or as an Authorized Disclosure under the law. Safeguard that institutional policies and practices with regard to confidentiality, security and release of information are constant with guidelines and laws. Educate healthcare personnel on confidentiality and data security guidelines, take steps to guarantee all healthcare personnel are aware of and comprehend their tasks to keep patient information confidential and secure, and enforce sanctions for violations.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture