Description of this paper

homework 3 part 1




Hands-On Steps;1. From your computer workstation, create a new text document called HIPAA Lab #3.;2. Review the following scenario;Your manager has asked you to identify information and resources in the health care industry that;address what laws, rules, and guidelines your health care organization needs to follow. Your health;care organization is to have an audit so you need to gather information for the upcoming audit;which will be more stringent than any that have been done before. The health care organization;that employs you believes it is necessary to conduct a review of its HIPAA compliance (or lack of;compliance) and put the gathered information into a report to show all the requirements the organization;faces. Your manager has asked you to perform this function knowing that your work has been;above reproach. He expects a summary of the HIPAA requirements the organization needs to comply;with and any financial regulatory acts for which it might also be held liable. With your previous;experience researching the financial sector and Sarbanes-Oxley, you will need to dig deeper into the;Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and Security Rule.;You can use resources from, the U.S. Department of Health and Human Services? website, to;evaluate the HIPAA Privacy and Security rules.;3. Launch your Web browser. Type the Web address This is the;Healthcare Information and Management Systems Society (HIMSS) website. Review the website.;4. On the left side of the HIMSS website, click the Healthcare Reform link. Review some of the documents.;Then, in the upper right corner, type the words Health Information Technology in the Search box.;Review the information you find. In your text document, note what you learn about the HIMSS;website and how it helps companies and organizations address health care issues.;5. In your browser address bar, type the following Web address:;news_events/HIPAA-May2010_workshop/presentations/2-3-logging-auditing-mcmillan-cynergistek.pdf.;Review the following sections;a. Logging & Audit Requirements;b. Privacy vs. Security;c. Challenges & Barriers;In your text document, note the information you can gather from these sections of the document.;6. In your Web browser, type the following Web address:;2&objID=1147&parentname=CommunityPage&parentid=8&mode=2&in_hi_userid=11673&cached=true.;Browse the Privacy and Security section of The Office of the National Coordinator for Health;Information Technology and review the available information and resources provided. In your text;document, note the types of information you can gather from The Office of the National Coordinator;for Health Information Technology.;7. In your Web browser, type the Web address Review HIPAA?s main points and requirements.;In your text document, discuss these requirements.;8. Review the website?s information on the HIPAA Security Rule and Privacy Rule. First, review;the HIPAA Security Rule at the following address:;/hipaa/understanding/srsummary.html. In your text document, discuss these topics;a. Who is covered by the Security Rule?;i. Health plans;ii. Health care clearinghouses;iii. Any health care provider who transmits health information in electronic form in connection;with a transaction for which the secretary of HHS has adopted standards under HIPAA;b. What information is protected?;i. Protected health information (PHI);ii. De-identified health information;c. General rules;d. Risk analysis and management;e. Administrative, physical, and technical safeguards;i. Security management process;ii. Facility access and control;iii. Access, audit, and integrity controls;iv. Transmission security;f. Policies, documentation, and penalty enforcements;9. Review the HIPAA Privacy Rule at the following address:;summary/index.html. In your text document, discuss these topics;a. General principle for uses and disclosures;b. Permitted vs. authorized uses and disclosures to the individual;i. Treatment, payment, health care operations;ii. Opportunity to agree or object;iii. Incidental use and disclosure;iv. Public interest;c. Limiting disclosure and notifications;d. Policies, documentation, and penalty enforcements;i. For violations occurring prior to 2/18/2009;ii. Penalty amount: Up to $100 per violation;iii. For violations occurring on or after 2/18/2009;iv. Calendar year cap respectively: $25,000 and $1,500,000;10. In your text document, write an executive summary that defines a process for obtaining and;documenting information needed to perform a HIPAA compliancy audit.;11. Submit the text document to your instructor as a deliverable for this lab.;20 Lab #3 | Define a Process for Gathering Information Pertaining to a HIPAA Compliance Audit


Paper#64729 | Written in 18-Jul-2015

Price : $22