HITT 1353-Legal and Ethical Aspects of Health Information Management
Semester Project
For this project:
Scenario:
You have been hired as manager of an HIM department. Facility Privacy Officer (FPO) is included in the management position.
This is a new facility so it is up to you to make sure HIPAA privacy and security safe guards are put in place.
After you have developed your policies and procedures and have given all employees of the hospital HIPAA privacy and security training you will need to follow up to see if there are gaps in the processes.
As privacy officer you will be auditing all departments for gaps, including privacy and security violations.
Project assignment
For this project you will be developing a “tool” for auditing one department or technology process.
For the tool you will write a 200 to 300 introduction explaining the rational for the inspection, then the actual tool. The rational may include wording such as: With respect to HIPAA rule regarding PHI (Protected Health Information) the FPO will inspect (name the department) for the following violations. (Identify the targets of the inspection). The FPO will be focusing on PHI such as conversations at a level as to be overheard, computers, and paper documentation in public sight including employees not involved in the patient’s care.
You will need to research hospital security tools, but most of your best information will be in the text. Read the Privacy Rule: Part 1, Part II, and Chapter 12 before you begin. Cite all of your resources on a separate “Resource page”
To develop the actual tool see the example below. This is called a walkthrough tool where the Privacy Officer or a trained employee has to physically go to the department and inspect the area. You can choose any type of tool.
| Month of audit | |
| Audit date | |
| Audit completed by | |
| Name of facility | (make one up) |
| Department Audited | (Example) Pharmacy |
| Instructions | Examples only you will need more. 1. Physically inspect the area. 2. Audit to be completed by FPO or other trained HIM employee. 3. Document compliancy-if no is the remark enter comments on what the issue is and the action plan that will be used to correct the issue. 4. Be prepared to present the action plan to the Compliance Committee. |
| Verbal Communication (Column header) | Compliant Yes/No/NA | Comments (as needed) | Action (To be reported to compliance) | |
| 1. | Are the conversations regarding patient care conducted in a place and in a manner to reduce the potential for unintended disclosures? | Yes | ||
| 2. | Are doors to nonpublic areas kept closed and locked, where appropriate? | No | Will report to supervisor. Give HIPAA training and HIPAA test to staff for future compliance. | |
| 3. | PHI left where it can be seen by non-authorized people. (Nurses station, trash cans, fax machines, etc. | Yes | Patients EKG tracing left on table outside of patient’s room. | Will contact Cardio-Pulmonary manager and arrange HIPAA training for staff. Suggest to Director that a verbal warning to employee that left the EKG in public view. |
The above tool is far from complete it is just a small example.
Other column headers may be. You should have at least 3 different column headers.
Telephone Conversations
Bulletin Boards & White Boards
Patient Chart Areas
Some Department examples may be:
Med/Surgery floor
Nursery
ICU
Radiology (areas not restricted)
Lab (areas not restricted)
Patient Access
Security tool. This would be an audit collaborating with the IT Department to see if:
Employees are accessing patient charts without authorization
Passwords compromised
Encryption in place.
You can use one of these examples if you want.
Create your tool in Microsoft Word and submit under Course Content-Project-Submit Project.
Students must create an original tool. To copy from another person’s or entity is plagiarism or cheating and the grade is an automatic zero.
WARNING: I am providing an example for students to have a clear idea of the project. Any portion of the wording of the sample used will result in a 0 for the semester project grade.
To recap:
- Read Privacy and Security chapters in the text
- See the example provided.
- Research tools online for examples
- Choose the area you want to audit.
- Write 200-300 words for the rational for the tool.
Created: 09/10/2019
Revised 11/14/2019