Professional Documents
Culture Documents
Group 3 PPT Take2 Final
Group 3 PPT Take2 Final
Group 3 PPT Take2 Final
Agenda
n Chief
Privacy Officer-Jaimie n Chief Security Officer-Kerry n Chief Quality Officer-Jen n Chief Compliance Officer-Suzi n Investigation Lead -Suzi
Open Investigation
n Privacy
and Security Breach n Hospital Associated Infection n Additional Compliance and Communication Actions
Privacy Breach
Patients grandmother identified source Neighbor gave her information on a patient Learned of patients hospitalization
Investigation of Breach
n n
Opened investigation Audit & Access logs Uncovered employee who accessed data inappropriately Access report revealed download of 510 records
Investigation of Breach
n
n n
Breach Notification
n n
HIPAA Requirements Illinois State Law Requirements Alternatives: #1 - Notify just the patients #2 - Notify the patients and media #3 - Notify all parties (patients, media, HHS, IL General Assembly) Recommend: alternative #3
Mitigation of Harm
Steps taken to mitigate harm:
Investigation
n Determined
extent of disclosure n Return of paper copies n Follow-up with other patients in neighborhood n 1-year subscription for credit monitoring
Monitoring Training
of system
of workforce
Proactive monitoring Joint effort between IT and Compliance Office Options: Alternative #1 Alternative #2 Alternative #3 Recommendation alternative #3
Hospital Associated Infection Inappropriate release of internal information Nurse Business Associate (BA) Potential Public Relations Nightmare HAI problem identified 1 year ago No follow-up communication/therefore perceived negligence
Investigation
Hospital
Scorecard
n Ensured
hospital scorecard includes the procedures in place for surveillance, detection, reporting of HAI
Patient
susceptibility to HAI
n Investigated
patient chart for pre-existing conditions, and found patient is a smoker and is diabetic higher risk patients for HAI
Mitigation
Set
n Share
n Discuss
n Billing
Because patient is not Medicare/Medicaid they will be billed for care given while in hospital
Recommendations
Pull
n Hire
an additional communications expert, specifically for HIT dept n Improve frequency of staff communications
Clinical Managers
Education/Training
n Professional
for Staff
Recommendations
Organize
n Utilize
Investigation Findings
Training
n
Review and update guidance documents for: Verifying the information can be released Providing information over the telephone Providing information to law enforcement officials Responding to inquiries about hospital performance Update our training requirements for all independent contractors prior to signing a Business Associate Agreement
Select, approve, and implement audit technology tool Develop criteria for the audit reports and for review of the reports Create communicate plan for announcing to management and staff Train Compliance Office staff on reading the Audit Logs Implement the program
Documentation
n
n n
The Compliance Office documents: The inquiry call from the nurse that triggered the investigation The investigation The Privacy Breach The Complaint to the CEO from patients wife Human Resources will update the personnel record of the now-former employee The Compliance Office and Health Information will track the unauthorized disclosures
of Care n Ethics and Disclosures n Financial Integrity n Accurate Records n Confidentiality n Duty to Report Violations n Protections
Action Items
Recognition n Breach Notification n Audit Program n Meeting with patient and patients wife n HAI research n Infection prevention communication plan n Training and Awareness