This is a proposed training outline for privacy compliance in the healthcare industry, specifically using electronic medical records, HIPAA and HITECH compliance.
2. Training Needs Assessment (TNA)
• Healthcare rules and regulations are constantly changing and
updating; healthcare providers have to stay up to date with the
latest information, which means conducting training sessions to
keep the employees up to date, as well.
• This is also an info session for new employees that may not have a
firm grasp on what privacy compliance is, exactly (HIPAA, HITECH,
etc).
• Failure to comply with the set regulations and laws can result in
criminal and civil penalties (ama-assn.org). This means that we have
no room for excuses or ignorance on this topic, making training
essential.
• Knowledge of patients’ privacy rights affects every job in the
healthcare industry; all employees need to be informed and
routinely updated.
• On this subject, training is not optional.
3. Individual vs. Corporate Goal
• Individual
– Reviewing job specifications to compare knowledge and skills
possessed by employees to those needed by employees (Youssef-
Morgan & Stark, 2014)
– Assessing the learning styles of employees to match training
techniques
• Corporate
– Training throughout the entire company is necessary for everyone’s
job function and performance
4. “Creating HIPAA Compliance”
This program is intended to measure the
knowledge our employees already possess
about HIPAA, provide updated information
regarding any new regulations, and ensure
that everyone knows how to apply regulations
in real-life scenarios. This is a place to share
information and ask questions, to make sure
everyone understands HIPAA guidelines to the
best of their ability.
5. Program Description
Need for “Creating Patient Privacy Compliance”
In the medical field, maintaining regulatory and legal compliance is just
as important as following safety or protection guidelines. HIPAA
(Health Insurance Portability and Accountability Act) refers to
federal legislation passed that mandates national standards to
protect the privacy of patients’ medical records and personal health
information and the HITECH (Health Information Technology for
Economic and Clinical Health) Act helps support the development
of a nationwide health IT infrastructure (hhs.gov). Everyone in the
healthcare industry is bound by these regulations: physicians,
pharmacies, nurses, health insurance companies, and all clinical
and clerical staff have to follow these guidelines to the letter to
protect the privacy rights of patients and ensure they are complying
with the law. This training course is designed to educate and inform
everyone about what privacy compliance means, how we are all
affected, and the potential consequences of breaking these laws.
6. Training Methods
This program will use pamphlets, slideshows,
presentations, interactive scenarios and
discussions, and testing to deliver and determine
the knowledge each employee has about
compliance. By using a mixture of mediums, each
learning style will be reached by the information
presented.
7. Pre and Post Presentation Testing
• Baseline testing before the presentation will
determine who knows what about HIPAA
regulations
• Post presentation testing will test the
information retained against the baseline
knowledge to determine a. the efficacy of the
training and, b. the retention levels of the
participants
• The Hawthorne Effect has shown that
participants strive to do better when they know
they will be tested (Youssef-Morgan & Stark,
2014).
8. Proposed Instructors
• Department Managers: these managers have
more in depth knowledge about their employees
and the methods that best reach them; i.e.
learning and reward styles, knowledge base, etc.
• HR Managers: these administrators have an
overview of the knowledge necessary and can
work in tandem with department managers to
reach each employee, effectively and efficiently.
• The team of these two managers would create
the best program to ensure each employee
retains the necessary knowledge.
9. Training Outline
Pre-Presentation Quiz
Assess the Knowledge Prior to the Presentation
Introduction to HIPAA
When and why was HIPAA created?
Who manages HIPAA?
Who does HIPAA apply to?
Overview of HIPAA Regulations
Who is covered?
What information is protected?
How to legally disclose information
Individual vs. Administrative rights
10. Training Outline, cont’d
Why is HIPAA Important?
Personal Protection
Protection as an Entity
Right to Privacy
Penalties for Breaking HIPAA
Fines
Imprisonment
Tips for HIPAA Compliance
Knowing HIPAA Regulations
If You Don’t Know, Ask
Real-Life Scenarios and Applications
Know Who to Ask
11. Training Outline, cont’d
Reporting Suspected HIPAA Violations
What Constitutes a HIPAA violation?
Who do I report this to?
How do I report this?
Q&A Session
Ask Questions of the Presenters and Coworkers
Discuss Anything You Don’t Understand
Post Presentation Quiz
Determine the Knowledge Gained from the Training
12. Training Materials
Personnel
• HR Manager- devote time to develop the training
program and recruit department managers to help
• Department Managers- assess the employees and
determine the best way to present information to
reach everyone
• Outside speakers- possibly a HIPAA and/or HITECH
expert to help break down the more difficult
information into simpler and easier to understand
terms
• Volunteers to act out real-life scenarios
13. Follow Up Materials
HR Managers and Department Managers will be
responsible for following up with each employee
to:
1.Give the results of their quiz and…
2.Encourage additional training, ask that they be a
HIPAA liaison for the company and participate in
future training, or neither, depending on the
employee’s quiz scores.
Additional training will be the responsibility of
Department Managers, as it will be more focused
and specialized towards fewer people.
14. References
Health Information Privacy (n.d). Retrieved
from:http://www.hhs.gov/ocr/privacy/index.html
HIPPA Violations and Enforcements (n.d). Retrieved
frhttp://www.ama-assn.org/ama/pub/physician-
resources/solutions-managing-your-practice/coding-billing-
insurance/hipaahealth-insurance-portability-accountability-
act/hipaa-violations-enforcement.page?
Youssef-Morgan, C. M., & Stark. E. (2014). Strategic human
resource management: Concepts, controversies, and
evidence-based applications. San Diego, CA: Bridgepoint
Education, Inc.