HIPAA Collaborative of Wisconsin
2015 ANNUAL REPORT
DECEMBER 2015

Board of Directors

- Greg Margrett; President; Passport/Experian Health Services
- Holly Schlenvogt, MSH, CPM; Executive Vice President; HRT Consulting, LLC
- Bethany Seeboth, JD; Vice President of Programs; Froedtert Health
- Richard Donkle, CPA; Vice President of Communications; Rural WI Health Cooperative
- Sarah Coyne, JD; Secretary; Quarles & Brady LLP
- Brian Potter, CPA; Treasurer; Wisconsin Hospital Association
- Cathy Boerner, JD, CHC; Boerner Consulting, LLC
- Amy Bradshaw, MA, JD, CHC; Mercy Rockford Health System
- Laurie Burckhardt; WPS Insurance
- Nancy Davis, MS, RHIA, CHPS; Ministry Health Care
- Heather Fields, JD, CHC, CCEP; Reinhart Boerner Van Deuren s.c.
- Todd Fitzgerald, CISSP, CISA, CISM, CIPP/E, CIPP/US, PMP, ISO27000, ITILv3f; Grant Thornton International Ltd.
- Suzanne Geske; Passport/Experian Health Services
- Kathy Johnson; WI Department of Health Services
- Lee Kadel, EMBA, MMOT, GHSC; Wheaton Franciscan Healthcare
- Mary Koehler; ProHealth Care
- Chrisann Lemery, MS, RHIA, CHPS, FAHIMA; WHIMA Representative
- Susan Manning, JD, RHIA, CPC; Physician Practice Consultant
- Jennifer Martin; Aurora Health Care
- Thomas Shorter, JD; Godfrey & Kahn, s.c.
- Janet Van Barriger; Marshfield Clinic
- Marilyn Windschiegl; PharmaSeek

A Note From the President

As I write this the weather is getting colder, the holiday season is fast approaching, and the end of the year will be here in no time. It is hard to believe that another year will soon be over, but in looking back over the past twelve months, I am extremely proud of all that HIPAA COW has accomplished:

- The very successful Spring and Fall conferences had a combined total of over 480 attendees.
- Sponsorship goals were exceeded by 40%.
- HIPAA COW continued to expand its impact beyond the borders of Wisconsin, with website metrics showing visits from states all over the country and from some international visitors.
- A new Security Technology Networking Group was started and began its regular calls.
- The Security networking group updated key documents and deliverables.
- The Privacy networking group also updated several documents and coordinated a Healthcare Breaches webinar in April.
- The Security and Privacy networking groups collaborated on updating HIPAA COW’s Privacy and Security training template and review questions document.
- The Risk Management networking group continued its work on the Risk Analysis and Risk Management toolkit, making it even better.
- The EDI networking group facilitated key communication at conferences, on its conference calls, and on an ad-hoc basis regarding key industry initiatives such as ICD10 and attachments.

This great work would not have been possible without the commitment and dedication of a vast number of volunteers. As you can see from the “Goals” section in this annual report, all of the networking groups have plans to continue their important work in 2016.

I was reminded of the importance of HIPAA COW as a focal point of HIPAA education and communication many times throughout the past year. After speaking at a national conference in September, I had multiple individuals approach me from a variety of states and countries (CA, NY, and India) expressing their thanks for what HIPAA COW is doing and how helpful they find the tools and deliverables posted on our website.

I am completing my fifth year as president of HIPAA COW, and have decided that it is time for me to step back and let someone else take over “the big chair.” It has been a privilege and an honor to serve in this role, and leave it with my thanks to the Board, Executive Committee, Networking Co-Chairs, and those who have participated in the networking groups and conferences. A special thank you to Wendy Ellwein, who has gently kept me well-focused over the past five years.

Best wishes for a wonderful 2016!
Greg Margrett
HIPAA COW President

The Mission of HIPAA COW is to:

- Assist HIPAA Covered Entities, Business Associates, and other interested parties in implementing HIPAA's Privacy, Security and EDI Standard Transaction provisions, as amended over time.
- Foster public education about HIPAA.
- Facilitate and streamline HIPAA implementation through identification of best practices.
- Reduce duplicate efforts among entities obligated to comply with HIPAA.
- Offer opportunities for partnering and collaborating between entities implementing HIPAA.
- Identify and evaluate new or difficult HIPAA interpretation issues.

Security Networking Group

2015 Goals:

- Evaluate the need for and update HIPAA COW Security documents already posted. The priorities are the Auditing Policy, Portable Media Whitepaper, and Facility Access Policy.
- If additional guidance is released by the OCR regarding auditing guidelines to assist in implementing this portion of the HIPAA Security Rule, the Security Networking Group will focus its attention on this guidance for HIPAA COW members.
- Evaluate the impact of various “devices” (e.g. infusion pumps, monitoring devices, other physiological monitoring, diagnostic/treatment equipment) on the LAN and also write a white paper on BYOD in the health care environment.
- Continue to help identify Security topics for Spring and Fall conferences.
- Continue the on-going “Security Panel: Security Technology Roundtable Discussion” as at prior conferences or similar to the last conference (Three Minute Security Issues: Cow Pie or Cow Tale?).
- Continue to respond to Security related industry inquiries, news updates, technology updates, etc. as they are submitted to the Security Networking Group.
- Collaborate with Privacy Group to update the example Privacy and Security Training session and review questions documents.

Status Update:

- Auditing - Complete. Portable Media - Policy In Progress. Facility Access - Not yet addressed.
- Not addressed.
- No guidance document released.
- Completed.
- Completed.
- Completed.

Privacy Networking Group

2015 Goals and Status Update:

- Update second tier deliverables for HIPAA/HITECH Omnibus Rule – Charging for Copies; Authorizations, HIPAA and Law Enforcement, Minors and Access, Psychotherapy Notes, Preemption 146-add 146.816, Business Associates.
  Status: Completed by 12/31/15.
- Update Employee Health White Paper.
  Status: Lack of Volunteers, defer to 2016.
- Identify and deliver privacy topic for HIPAA COW Webinar (e.g., Minors and HIPAA).
  Status: Completed - Healthcare Breaches Webinar 4/15.
- Continue quarterly Privacy Networking Group calls.
  Status: Completed.
- Provide topic support for HIPAA COW Spring and Fall Conferences.
  Status: Completed.
- Continue to respond to privacy inquiries made to HIPAA COW.
  Status: Completed.
- Collaborate with Security Group to update the example Privacy and Security Training session and review questions documents.
  Status: Completed.

Risk Management Networking Group

2015 Goals and Status Update:

- Continue to maintain, update, and improve the Risk Analysis & Risk Management Toolkit:
  - Continue incorporating the NIST HIPAA Security Toolkit questions into the HIPAA COW risk assessment toolkit.
    Status: In Progress.
  - Finish developing a gap analysis tool to evaluate security controls based upon data classification and criticality levels for new systems and hardware as well as those being upgraded.
    Status: In progress.

EDI Networking Group

2015 Goals and Status Update:

- Provide education sessions at spring / fall conferences on HPID, operating rules, and any new mandates/initiatives relating to EDI.
  Status: Completed.
- Hold quarterly EDI networking phone calls as a forum for ongoing discussion and education.
  Status: Completed.
- Consider new initiatives and develop tools for use by group and community, i.e. payer readiness relating to implementation of ICD-10.
  Status: No new initiatives this year.
- Recruit additional participants for workgroup.
  Status: Completed.
- Outreach to outside organizations to collaborate on new initiatives to further education efforts on HIPAA and EDI.
  Status: Completed. CAQH CORE speakers.
- Resource in resolution of issues related to HIPAA Transaction Code Sets.
  Status: Completed.
- Participate in forums/discussions regarding industry standards adoption/revisions.
  Status: Incomplete.

Security Networking Group

- Evaluate the need for and update HIPAA COW Security documents already posted.
- Develop a Cloud-Based Services Policy.
- Develop a Social Media Policy.
- With the OCR moving toward a permanent audit program, to reportedly begin in January 2016, the Security Networking Group will focus its attention on this guidance for HIPAA COW members.
- Identify Security topics for Spring and Fall conferences.
- Continue the on-going “Security Panel: Security Technology Roundtable Discussion” as at prior conferences.
- Increase the number of active participants. In 2016 develop a Survey Monkey related to participation, review results, and identify opportunities to increase participation.
- Continue to respond to Security related industry inquiries, news updates, technology updates, etc. as they are submitted to the Security Networking Group.

Privacy Networking Group

- Update second tier deliverables for HIPAA Omnibus Rule – Deliverables to be Determined (minimum of 4).
- Update Employee Health White Paper – Seek Volunteers (2nd Year).
- Identify and deliver privacy topic for HIPAA COW Webinar – Topic to be Determined (e.g., Law Enforcement).
- Continue quarterly Privacy Networking Group calls.
- Provide topic support for HIPAA COW Spring and Fall Conferences.
- As requested, continue participation by external health information exchanges and health information projects.
- Continue to respond to privacy inquiries made to HIPAA COW.

Risk Management Networking Group

- Continue to maintain, update, and improve the Risk Analysis & Risk Management Toolkit:
  - Continue incorporating the NIST HIPAA Security Toolkit questions into the HIPAA COW risk assessment toolkit.
  - Create a Risk Scorecard template and supporting documents.
EDI Networking Group

- Conduct a webinar on a relevant EDI topic.
- Provide education sessions at spring / fall conferences.
- Hold quarterly EDI networking phone calls as a forum for ongoing discussion and education.
- Consider new initiatives and develop tools for use by the group and communities.
- Recruit additional participants for the workgroup.
- Outreach to outside organizations to collaborate on new initiatives to further education efforts on HIPAA and EDI.
- Serve as a Resource for issues related to HIPAA Transaction, Code Set and Operating Rule Questions.
- Participate in forums / discussions regarding industry standards adoption / revisions.

Healthcare IT Networking Group

- Conduct monthly meetings.
- Create an “offline” message board that allows participants to continue conversations outside of scheduled calls.
- Create a Healthcare IT track at conference.
- Solicit participants for the Healthcare IT Networking Group.

HIPAA COW
P.O. Box 25413
Woodbury, MN 55125
Attn: Wendy Ellwein
(651)340-6426 Phone & Fax
admin2@hipaacow.org

Website News

The HIPAA COW website, hipaacow.org, has been a resource to thousands of users. For the 12 months ended September 30, 2015, there were over 23,000 users of the site, making over 36,000 visits. Of those 36,000 visits, 12,000 originated from Wisconsin users, 20,000 from other states, and the rest came from throughout the world.

The site provides a wealth of information about HIPAA and free access to HIPAA COW deliverables. Users of the website can find information on HIPAA COW and sponsored events, numerous documents related to Privacy and Security issues, presentations on HIPAA, a job board, links to other related websites, and other useful information. Many of these visitors download documents and other resources that are available on the website. HIPAA COW does not charge any fees for using the resources available on the website.
Check us out at: hipaacow.org

Looking Ahead

Get Involved: To join a HIPAA COW Networking Group, please go to the Resources page on our website and view the “Why should I join a Networking Group?” brochure. Contact a Networking Group co-chair for details.

Social Media: Like Us on Facebook! Follow us on LinkedIn! Go to our website hipaacow.org and click on the logos in the “Connect with Us” section.

Upcoming Conference Dates:

- January 20-22, 2016 - Mega Conference, Kalahari Resort, WI Dells
- April 29, 2016 - Spring Conference: Best Western, Oshkosh
- October 28, 2016 - Fall Conference: Sheraton, Brookfield

Webinars: HIPAA COW offers webinars as a way to present current “hot topics” and to reach out to those in the outlying areas of the state. Watch for emails and check the website for upcoming webinar dates and topics, as they become available.

Sponsorship Program: To view the HIPAA COW Sponsorship program or to become a 2016 sponsor, please go to our website at www.hipaacow.org and click on the sponsorship link. Sponsorship is greatly appreciated as it helps to keep our conferences available at a lower cost.

Special Thanks to our 2015 Sponsors

GOLD:
SILVER:
BRONZE: