Compliance Webinar Presentation for LearnShare April 17, 2003

1. ComplianceWebinar Presentation forLearnShareApril 17, 2003 Presented by Martha A. George

2. Leadership Support of Initiative Planning and Development Implement Assess Be Proactive Ensuring Compliance

3. Do I have to worry about HIPAA? HIPAA

4. Penalties for Non-Compliance • Civil • $100 per violation • up to $25,000 per person, per year for each violation • Criminal • Up to $50,000 and 1 year in prison for obtaining or disclosing PHI • Up to $100,000 and up to 5 years in prison for obtaining or disclosing PHI under false pretenses • Up to $250,000 and up to 10 years in prison for obtaining or disclosing PHI with the intent to sell, transfer or use it for advantage, personal gain or malicious harm

5. The only entities directly regulated by the HIPAA Administrative Simplification Act are health plans, health care providers and clearinghouses. Who Must Comply with HIPAA

6. Do you sponsor any health plans? For each plan do you have more than 50 participants? Are you fully-insured? Self-insured? Do you have access to protected health information (PHI)? Litmus Test

7. If you answered “yes” to these – you are subject to HIPAA requirements. Litmus Test

8. Plan amendment or authorization Certification to insurance company or HMO if amended Insurance company or HMO must fully comply with HIPAA Fully Insuredand subject to HIPAA

9. Plan amendment or authorization Certification of plan if amended Company must fully comply with HIPAA as a group health plan Self-Insured

10. Often responsible for performing the plan sponsor functions of the group health plan (whether self-insured or fully-insured) and may receive protected health information in the course of performing these functions. HR Departments

11. May be responsible for other functions that require access to PHI. Drug testing – coordination with lab, center or physician TB skin tests FMLA processing Health plan applications or enrollment Physicals as condition of employment HR Functions

12. Develop and implement a HIPAA compliant Authorization Form. Ask the employee to complete prior to requesting information from health care provider. Send the authorization with the request for medical information. Best Practice

13. Make sure that there is adequate separation between employment-related functions and the group health plan functions to ensure that information from the group health plan is not used for making employment related decisions. (Or the appearance thereof). HR Tip

14. Determine the law and how it applies to you Identify the gaps Prioritize risk factors Assign responsibility Set your goals Evaluate your budget Developing your Training Strategy

15. ASP models CD Rom Books and manuals Videos Audio tapes Seminars Self-study packets Classroom work Webinars Blended Learning

16. Adults learn in different ways Provide more opportunities for the learner to absorb and understand the information Provides variety Is flexible Holds interest Cost Why Blended?

17. Decide if your education can be improved through the addition of technology ASP models Computer based learning E-mail Voice mail Getting Started

18. Surveys and evaluations Checklists Post-tests Posters and signs Use Tools

19. This website has comprehensive instructions for taking control of your blended learning educational program development – http://www.usdla.org/html/journal/MAY02_Issue/article03.html Bulletproof – A Model of Blended Learning

20. Leadership support and unequivocal “buy-in” Foster open environment Reinforce education Reinforce learning objectives Reinforce goals of program Successful Implementationof Compliance Program