HIPAA Compliance for Remote Employees - PowerPoint PPT Presentation

About This Presentation

Title: HIPAA Compliance for Remote Employees

Description: This webinar draws on remote work lessons learned during the pandemic to provide HIPAA compliance guidance for Covered Entities and Business Associates that continue with workforce members working remotely at least part of the time. Make it a priority to protect PHI maintained, transmitted, created, and received by staff at remote workplaces.

Slides: 15
Provided by: confpanel5

Transcript and Presenter's Notes

1
HIPAA COMPLIANCE FOR REMOTE WORKERS
PRESENTED BY PAUL R. HALES, J.D.
EDUCATIONAL WEBINAR
www.thehipaaetool.com
2
PAUL R. HALES, ATTORNEY AT LAW
Health Information HIPAA
Protecting Patient Privacy is Our Job
Legal Education Not Legal Advice
AttorneyHales.com @hipaaetool 314-534-3534
PaulHales@AttorneyHales.com
3
What Are We Going to Cover?
  • Impact of the Pandemic
  • Remote Work: the New Normal
  • Why Protecting PHI Privacy is Essential
  • HIPAA Rules and Remote Work Protocols
    • Privacy Rule
    • Security Rule
    • Breach Notification Rule
  • Remote Work Checklist: Guidance, Manage Risks
  • Conclusion, Discussion, Questions, Comments
4
Proposed Privacy Rule Modifications
  • Proposed Modifications to the HIPAA Privacy Rule
  • Proposed Privacy Rule Modifications - Reproductive Health Privacy
  • January 27, 2023 Blog Updated: Changes delayed to 2024 - Prepare for HIPAA Changes Ahead
  • February 27, 2023 HHS Announcement: HHS Announces New Divisions Within the Office for Civil Rights to Better Address Growing Need of Enforcement in Recent Years
5
Only two things are needed for Medical Identity Theft: Identity of a Patient, Identity of a Provider
Identifying Information Health Care
The 18 Identifiers
  1. Name
  2. Address
  3. Dates directly related to an Individual, including birth date, admission date, discharge date, date of death and all ages over 89 and all elements of dates (including year) indicating an Individual's age, except elements indicating age 90 or older may be combined into a single category age 90 or older
  4. Telephone number
  5. Fax number
  6. Email address
  7. Social Security Number
  8. Medical record number
  9. Health Plan beneficiary number
  10. Account Number
  11. Certificate/license number
  12. Vehicle Identifiers and serial numbers, including license plate numbers
  13. Device Identifiers and serial numbers
  14. Web Universal Resource Locators (URLs)
  15. Internet Protocol (IP) address number
  16. Biometric Identifiers, including finger and voice prints
  17. Full face photographic images and any comparable images
  18. Any other unique identifying number, characteristic, or code capable of identifying the Individual and not used for any other purpose
45 CFR 164.514(b)(2)(i)
6
Only two things are needed for Medical Identity Theft: Identity of a Patient, Identity of a Provider

Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule

In developing this guidance, the Office for Civil Rights (OCR) solicited input from stakeholders with practical, technical and policy experience in de-identification. OCR convened stakeholders at a workshop consisting of multiple panel sessions held March 8-9, 2010, in Washington, DC.

PDF: Guidance on De-identification of Protected Health Information, November 26, 2012
7
HIPAA Compliance for Remote Workers
  • Only two things are needed for Medical Identity
    Theft Identity of a Patient Identity of a
    Provider
  • Protected Health Information
  • Protected health information (PHI) is
    information, including demographic information,
    which relates to
  • the individuals past, present, or future
    physical or mental health or
  • condition,
  • the provision of health care to the individual,
    or
  • the past, present, or future payment for the
    provision of health care to the individual,
  • and that identifies the individual or for which
    there is a reasonable basis to
  • believe can be used to identify the individual.
  • 45 CFR 160.103

www.thehipaaetool.com
8
Health Insurance Portability and Accountability
Act of 1996
9
Health Insurance Portability and Accountability
Act of 1996
The HIPAA Rules
  1. Privacy Rule
  2. Security Rule
  3. Breach Notification Rule
  4. Enforcement Rule

The Fundamental Rule
10
HIPAA Rules
  • Privacy Rule: the Fundamental Rule, All PHI
    • Administrative Requirements
    • Uses and Disclosures of Protected Health Information (PHI)
    • PHI Privacy Rights of an Individual
  • Security Rule: ePHI (PHI transmitted or maintained Electronically)
    • Administrative, Physical and Technical Safeguards to prevent Uses and Disclosures of ePHI that violate the Privacy Rule
  • Breach Notification Rule
    • Defines Breach: Access, Acquisition, Use or Disclosure of PHI that violates the Privacy Rule
    • Steps to identify a Breach
    • Steps to make Required Notifications of a Breach
11
HIPAA Compliance for Remote Workers
  • Remote Work Checklist
  • Risk Analysis PHI at Remote Location
  • Where do you work remotely with PHI
  • Who has access to your remote workspace(s)
  • How do you receive and transmit PHI
  • In what form or format do you create and maintain
    PHI
  • How do you protect Privacy and Security of PHI at
    a remote workplace
  • How do you protect the Privacy and Security of
    PHI during transmission
  • How do you dispose of PHI when it is no
    longer needed

www.thehipaaetool.com
12
HIPAA Compliance for Remote Workers
  • Remote Work Checklist
  • Risk Management Safeguards PHI at Remote
    Location
  • Home Office
  • Private Workspace
  • Locked and used File Cabinet for Paper
    Records
  • Encrypted Single Use Single User Computer
  • Virtual Private Network (VPN)
  • Encrypted Single Use Portable Devices Thumb
    Backup
  • Encrypted Single Use Single User Mobile Devices
  • Encrypt Emails and Text Messages
  • Crosscut Shredder Sanitize Electronic Devices
    before Disposal

www.thehipaaetool.com
13
We have reviewed
  • Impact of the Pandemic
  • Remote Work: the New Normal
  • Why Protecting PHI Privacy is Essential
  • HIPAA Rules and Remote Work Protocols
    • Privacy Rule
    • Security Rule
    • Breach Notification Rule
  • Remote Work Checklist: Guidance, Manage Risks
  • Conclusion, Discussion, Questions, Comments
14
Thank You
Paul Hales, J.D.
PaulHales@AttorneyHales.com 314-534-3534