This document outlines the requirements for HIPAA compliance training for UCLA staff. It states that staff must be trained on maintaining patient privacy, protecting health information, and reporting any violations. Training must be provided upon hiring, annually, and whenever policies are updated. It also details specific topics to cover including HIPAA rules, safeguarding oral, written and electronic protected health information, and consequences for non-compliance. Documentation of all training is required.
Call Girls Secunderabad 7001305949 all area service COD available Any Time
HIPAA Compliance Staff Training
1.
2. Ensure that the right health information is
flowing to the right people at the right
time.
Ensure staff know the importance of
keeping patients’ protected health
information (PHI) private & secure at all
times.
Provide appropriate workforce training
to build & maintain a culture of
compliance with HIPAA Rules
3. HIPAA Education
UCLA Policies & Procedures (HIPAA)
Staff Training
HITECH Act of 2009 & Enforcement
Safeguarding Information: What can you
do?
Protecting Electronic Information
Report any violations you witness
4. HIPAA Education
Privacy Rule Provisions
Use and disclosure
Minimum Necessary Rule
Patient authorization
Notification of Privacy Practices
Who are business associates?
Each staff member must be given a copy
of the privacy & security policies
Each & every staff member must sign for their
copy as proof they received the policies
Each staff member must understand his or her
privacy & security responsibilities
5. Consequences for non-compliance
Actions will range from further training to
dismissal/termination
How HIPAA affects you
Managers must establish importance of health
information privacy
Everyone at UCLA should see themselves as
responsible for privacy & security of health
information
Make privacy part of the daily operation
Create a culture of compliance
Treat PHI as you would treat the patient
6. Training Sessions staff must attend &
complete
Upon hiring
Training based on job requirements
As policies are updated or changed – UCLA
& state & federal
Annual compliance training
Document all training
Who received training?
When?
What did the training include?
7. HITECH Act of 2009
Health Information Technology for Economic
and Clinical Health Act (HITECH) gave
Department of Health and Human Services
(HHS) greater authority when imposing civil
money penalties for HIPAA violations
Penalties
$1.5 million: maximum penalty per year per
violation
States may also pursue civil actions
8. All UCLA staff members & volunteers are
obligated to maintain a patient’s privacy &
safeguard protected health information
Safeguards to use in your daily activity:
Oral communication – discussions on need-to-
know basis
Photocopiers – do not leave copier when making
copies
Fax machines – only fax information if absolutely
necessary
Disposal of confidential information – only in
appropriate designated containers
9. Staff must take actions to ensure that health
information that is stored electronically is secured
against unauthorized access.
Create complex passwords & protect your
password
Protect your computer from viruses – do not open
attachments from unknown sources
Appropriate use of email – proper use will prevent
accidental disclosures of PHI
Take precautions to protect confidential
information when printing
Only use the Internet in a way that does not violate
UCLA policies
Only store confidential information & PHI on
network shared drives
10. Immediately report inappropriate use of
patient information.
If you fee that a patient’s privacy or
confidentiality has been violated, you are
obligated, as an employee of UCLA, to
report it to your manager or the privacy
officer.
If you wish to remain anonymous, you
can call:
UCLA HIPAA Program Office
Compliance Helpline
11. Barten, L. (2013). HIPAA employee training requirements.
Retrieved from http://smallbusiness.chron.com/hipaa-
employee-training-requirements-2013.html
Department of Health and Human Services (HHS). (2013,
January 25). Federal register, 78(17). Retrieved from
http://www.gpo.gov/fdsys/pkg/FR-2013-01-25/pdf/2013-
01073.pdf
McKay, M. (2013). Employee HIPAA training. Retrieved from
http://smallbusiness.chron.com/employee-hipaa-training-
696.html
Rodriguez, L. & Pitts, J. (2013, June 23). HIPAA and you:
Building a culture of compliance [Powerpoint
presentation]. Retrieved from
http://www.medscape.org/viewarticle/762170_transcript
UPMC Horizon. (2010, February). HIPAA privacy & security
awareness training for students. Retrieved from
http://www.upmc.com/locations/hospitals/horizon/career
s/Documents/hippa-training.pdf