The document discusses corporate compliance programs and their goals of preventing illegal, unethical, and fraudulent behavior. It explains that compliance programs aim to create a philosophy that encourages adherence to laws and standards through implementing checks and balances. It also discusses the Health Insurance Portability and Accountability Act (HIPAA) and how HIPAA focuses on protecting patient privacy by setting standards for electronic health records and monitoring access. The document advises that any unauthorized access to patient medical records should be addressed and provides examples of training that could be implemented, such as compliance and HIPAA trainings, to educate employees on patient confidentiality.

1. Katie Maney
MHA 690
Health Care Capstone
Hwang-Ji Lu
June 6, 2015

2.  “Corporate Compliance” is a system of
effective internal controls that promote
adherence to federal and state law; program
requirements of federal, state, and provide
health plans; and ethical behavior.

3. GOAL OF CORPORATE
COMPLIANCE PROGRAMS:
PURPOSE OF CORPORATE
COMPLIANCE PROGRAM:
 Create Philosophy that
encourages, prevents
and resolves:
 Illegal conduct
 That does not comply
with standards and laws
 Administration’s ethical
and corporate policies
 Implement checks and
balances to discourage,
identify and stop:
 Fraud
 Abuse
 Mistakes

4. Health Insurance Portability and Accountability Act of 1996 (HIPAA)
HIPAA is enforced by the Office for Civil Rights and focuses on the
protect of privacy for health information.
The organization is responsible for:
 Setting national standards for electronic health records
 Monitoring the training of health care personal for patient
confidentiality
 Monitoring proper use of access to patient medical records
 Fining facilities that fail to meet all rules and regulations

5. If a patient is seen by either management or other employees abusing
their access to a patient’s records this should be addressed
immediately, if seen by management or reported to either the
compliance office or a supervisor if witnessed by a fellow coworker.
Abusing access privileges could consist of viewing the follow medical
records:
Personal
Family
Friends
Patients that are not being treated by the employee

6. What training could you as a manager put into place to
avoid this situation?
A training that could be put in place are compliance trainings and HIPPA
trainings. The staff should be trained on the importance of patient
confidentiality and the reproductions of not following the rules and
regulations. Continuous trainings on an annual basis would express the
severity of the issue at hand and remind the employees that accessing a
patient’s medical records for unlawful and unethical purposes is not
tolerated.

7. How can this training on confidentiality be effective for
the employees?
Mandatory trainings on confidentiality would require that the employees
stay compliant and up to date with policy and procedures. Completing
these trainings and signing off that they have done so, would express that
they have a full understanding of their patient privacy responsibilities. If at
any point an employee take actions that are against the patient privacy
rules and regulations, it could result in repercussion as severe as
termination. These trainings would make employees more aware of how to
handle patient privacy, which would limit the possibility of error.