A Real-Life Project Experience: Consulting Thielen

advertisement

A Real-Life Project Experience: Consulting Thielen

Student Helath Center (TSCH) Online HIPAA Training

Yasemin Demiraslan

Farrah Dina Yusop

CI 603 Advanced Instructional Systems Design

Iowa State University of Science and Technology

05/03/2007

Table of Contents

1. Project description

2. Situation/context of the project

2.1 Problem description

2.2 The current HIPAA and ISU policies training

3. Problem(s) addressed

3.1 Needs analysis

3.2 Findings from the interview

4. Proposal

5. Course of actions

6. Reflections

7. Future Recommendations

Appendixes

Project contract

Interview questions

Final compilation of case studies for TSHC

Acknowledgement Letter

Closing letter

10

10

11

11

4

5

8

9

13

14

15

16

3

3

4

3

3

2

1. Project description

This project is about developing an online training on Health Insurance Portability and Accountability Act (HIPAA) and ISU Health Information Privacy and Security Policy for the new employees at the Thomas B. Thielen Student

Health Center (TSHC), Iowa State University, Ames, IA.

The main purpose of the training is to provide the employees, especially the new employees at the Center, with the necessary information to protect patients’ personal health care and financial information according to HIPAA and

ISU policies.

2. Situation/context of the project

2.1 Problem description

Previously, the Health Insurance Portability and Accountability Act (HIPAA) and ISU Health Information Privacy and

Security Policy training were conducted by our primary contact, Ms. PMC on one-to-one and face-to-face basis with the Center’s new employees as part of 3 series of training (The other 2 trainings are Safety Issues in

Healthcare Environment and Handling Patients’ Complaints). Each of these training sessions takes between 30 to

50 minutes depending on the employees’ previous background working in healthcare environment, their work needs and positions in the center. The training must be conducted within the first 5 days of employment date and before the employees have direct contact with the patients.

2.2 The current HIPAA and ISU policies training

The HIPAA and ISU policies training, which is the main focus of this project, is the most important and most challenging training experienced by the client due to several reasons:

1.

frequent changes in HIPAA policies

Under the law, every person working in the healthcare environment needs to follow and apply the HIPAA policies in their everyday task. Since the HIPAA requirements changes frequently, it is difficult to keep pace of the current HIPAA policies. In addition, there is no standardized content on HIPAA policies, which made it difficult to be explained for employees who work at different sections in the Center.

2.

no specialized HIPAA training

Since there is no standardized content of the HIPAA policies, the client had difficulties to train each new employee at the Center according to their specific sections. For instance, HIPAA training for clerical tasks will be different from the medical record people. Thus the client ended up with applying general HIPAA policies that will apply to all of the sections in the Center.

3.

employees’ prior knowledge on HIPAA

Employees’ prior knowledge on HIPAA is another challenge for the client. An employee with prior knowledge on HIPAA and has experience working in healthcare environment will not need to be trained so much on

HIPAA policies, thus the client will concentrate more on training him/her in ISU policies compliant with the

HIPAA policies. However, for an employee who has no prior knowledge on HIPAA and does not has prior experience working in healthcare environment, the training will take more time as the client needs to explain

3

both HIPAA and ISU policies.

4.

no further references

Our needs analysis with the new employees on HIPAA and ISU policies also revealed that there are lack opportunities for them to refresh their HIPAA and ISU policies after the training. Even though printed manuals are provided in the Center for references, they seldom use it. Instead, most prefer to update their knowledge on HIPAA based on mouth-to-mouth approach, i.e. asking from someone who has more experienced in the section for guidance if they need help on something related to patients’ privacy issues.

3. Problem(s) addressed

3.1 Needs analysis

To better understand the client’s and her employees’ needs, we have conducted 2 types of needs assessment: a.

Client’s needs assessment

2 meetings were arranged between us and the client. The first meeting was to explore the scope of the project which was also attended by Vanessa Preast, our primary instructor of this project. During the second meeting, we attended and recorded an actual HIPAA and ISU policies training session conducted by our client with one of the Center’s new employees. The second meeting was really helpful to help understand the not only the scope of the project but also the challenges that the client face in her everyday training. b.

Employees’ needs assessment

Based on our client’s suggestions, we contacted 6 newly employed employees who had gone through the training on HIPAA and ISU policies conducted by our client. 4 of the interviewees are in the administrative positions at various sections of the Center, 1 is a clerk working with the Center’s Directors and 1 is a

10-hour working student who is assigned to work at the Medical Records section. All of them have prior knowledge on HIPAA policies and had previous experience working in healthcare environment.

2 focus group and 1 individual interview sessions were conducted with the center’s new employees on Feb.

23 rd , 26 th and 27 th at the Center. The purpose of these interviews was to understand the effectiveness of the training conducted by our client from the employees’ perspectives and to solicit feedback on how we can better address their needs. The interview questions are attached.

Focus group methods was selected to conduct the interviews with the employees due to the fact that this method triggers opinions of each participant as we saw in our interview sessions, thus lead more effective and valuable information regarding with the needs and interests of different people in the sessions. In addition, the way of interviewing 2 or 3 people together helped both us and the employees save time.

3.2 Findings from the interview

The initial findings revealed valuable information and suggestions that are critical in helping us to develop the online training as stated in the Proposal section. Table 1 shows some key points acquired from the analysis of interview sessions with the employees.

4

Current job and roles

Table 1: Interview sessions

Previous training on

HIPAA &ISU privacy policy

Suggestions to improve online training

Learning preferences

Session 1 : Marlene, Pat and Mary

Date : Friday Feb 23, 2007 at TSHC

Marlene

Started to work one month ago

Medical records supervisor

Applying HIPAA guidelines for medical records

Transcribing health history and immunization information of the patients

Interviewing, hiring the team of medical records

Enforcing safety and HIPAA guidelines in medical records

Do not have a direct contact with the patients

Worked 3 years in a physician office

Worked with

HIPAA regulations and ISU privacy policy

(student ID,

Social security number etc.)

Remembered more things about the training because of taking the training a few weeks ago

Training was appropriate her work needs

Learned most of the things about HIPAA and ISU policy by experience

Training expectations were met (the training was very through)

Questions-an swers (FAQ)

Brief quiz at the end of the training to show what and how you understand

Bring additional questions to the current trainer can be helpful

(blended approach)

Comfortable with using computer

Have internet access at home

Checking out

CD takes more time, online is preferable

Online tour on the web site can be interesting

5

Pat

Mary

Started to work 9 months ago

Administrative assistant

Being the front desk for the administer, taking care of his calendar

Hiring a new employee

(human resources functions)

Doing paper work for the advertising press

Do not have a direct contact with patients (do not handle students’ records)

Started to work 6 weeks ago (early

January)

Worked 3 years as a clerk in an emergency hospital

Well know about HIPAA because of her experience in

ISU for ten years

Did not get a comprehensiv e training due to her position in the center

(training was specific to the position of the people in the center)

Could not recall anything specific about the previous training

Different policies and procedures should be available online in case you forget the information

Found current training very clear, got a good understanding

Can ask another person if she does not remember a policy or procedure

Not linear but provide a flexible navigation

Online checklist showing what you done

Printing the sign form

Audio+visual can be really helpful

10 question post test

Printing the certification at the end of the training

Comfortable with using computer

Have internet access at home

Do not know the benefits of using which system

The online training should be towards employees

(temporary passwords to access the training)

Session 2 : Ray Rodriguez & Lori

Date : Monday Feb 26, 2007 at TSHC

6

Ray

Started: 7 month ago

Health co-coordinator

(administrative)

Conduct workshops and training

(education) eg.

Stress management, drug, fitness etc

Lori

Session 3 : Megan

Date : Tuesday Feb 27, 2007 at TSHC

Megan

4. Proposal

To help overcome the problems presented above, we proposed the development of an online training module specifically for the Health Insurance Portability and Accountability Act (HIPAA) and ISU Health Information Privacy and Security Policy for the new employees.

The proposed online training will have specific features that will eliminate, or at least to minimize, the current problems that the client is experiencing. The suggested features are: c.

Online-based training – our needs analysis revealed that online module is more preferable than any other types of training, for instance, print-based materials and CD. The interviewees stressed that online module will enable them to access the training at anytime at anywhere at their own convenient. It will also provide the employees with an effective way to recall the information they forget or need later.

d.

Interactive elements – Our needs analysis also suggested that the online training to include interactive elements such as videos, audios and animations to be included, not only to motivate the employees to take the training but also to help them better understand how HIPAA and ISU policies looks like in real life situations.

For instance, the employee needs to they can not leave the patients’ files on their desks at anytime during the working hours to avoid other patients and staff looking at it, even accidentally. e.

Online quizzes – Since learning about policies and regulations could be long and tiresome, we decided to include short quizzes in the online training. This element is needed not only to test the employees’ understanding on the content, but also to ‘wake them up’. f.

Breaking down the modules – Based on the needs analysis, we plan to break down the training modules into sub-modules. Each sub-module will take only 20 to 30 minutes time for motivational

7

and easiness purposes, especially for employees who would like to take the training during their lunch break.

5. Course of actions

We plan to conduct the needs assessment, design and development works, and usability testing within this timeline:

Activity Start Date End Date

1.

2.

identify client’s needs (Needs assessment) conduct needs analysis (Needs assessment)

3.

design content and online module

(Design and development)

4.

develop the prototype of the online module

(Design and development)

5.

pilot test and revise the module (usability testing)

6.

disseminate the online module

29 Jan 2007

5 Feb 2007

26 Feb 2007

19 March 2007 9 April 2007

9 April 2007

23 April 2007

5 Feb 2007

26 Feb 2007

19 March 2007

23 April 2007

3 May 2007

6. Reflections

Based on our experience working with the client in specific and with the Center in general, we found out that they are cooperative and attended to our needs as much as they can. Thus, our relationship with the client was smooth.

The client was helpful and cooperative, shared materials and eager to help.

there was a time when we did not get response from the client.. it turned out that she was sick at the time

we learned that we need to employ other methods of communication other than e-mails including phone calls

In addition, it is clear to see that many employees in the center has positive thoughts about online training and find it effective in learning. They also mentioned a special need and interest to take the training online in order to get necessary information and skills to combat such an important issue in their workplaces.

7. Future Recommendations

Accompanying these findings is a set of recommendations to improve the effectiveness of the online training.

1.

An online quiz can be added not only to test the employees’ understanding on the content, but also to ‘wake them up’.

2.

The development of “Test” and “FAQs” sections can be another mini-project by itself.

3.

Site navigation:

I.

An presentation to orient the employees (can also be put on TSHC website)

II.

A help button can be added with some text explaining the structure of the website with suggestions

8

about navigation through the website.

9

APPENDIXES

1.

Contract with the client

PROJECT CONTRACT

Overview

The Thomas B. Thielen Student Health Center (TSHC) wants to implement online training on Health Insurance

Portability and Accountability Act (HIPAA) and ISU Health Information Privacy and Security Policy for the new employees. This training is intended to educate the employees on their responsibilities to protect patients’ personal health care and financial information according to HIPAA and ISU policies and will be carried out within five working days of their first day of employment.

This contract constitutes an agreement between Ms Penni McKinley and Ms Yasemin Demiraslan and Farrah

Yusop regarding the development of the ‘Handling Patients’ Privacy and Security Issues’ module of this training program. This document will serve as a reference point for discussion about the project and will set forth the expectations of both the client and the consultant. The contract is meant to be a continuously negotiated document that sets the groundwork for the project, and not a rigid set of guidelines that cannot be modified.

Personnel

The client for the project is Penni McKinley, the Quality Improvement Coordinator for the Thomas B. Thielen

Student Health Center. She is currently the trainer of the face-to-face orientation for the ‘Handling Patients’ Privacy and Security’ training program.

The consultanst are Yasemin Demiraslan and Farrah Yusop, PhD students from Curriculum and Instructional

Technology Department of Iowa State University. This project is undertaken by the consultants to fulfill the requirements of the CI 603 – Advanced Instructional Systems Design course. Yasemin and Farrah will work with

Penni during the course duration spanning 29 January 2007 to April 26.

Goal

To develop an online training module on the ‘Handling Patients’ Privacy and Security Issues’ for the TSHC new employees.

Objectives

1.

To identify learners’ needs

2.

To identify learning objectives of the training

3.

To analyze and scope the content of the training

4.

To develop the online training

5.

To pilot test the online training

Expectations and tasks

The client expects the consultants to: a.

Provide expert advice regarding the use of instructional methods and strategies b.

Manage the instructional product development process c.

Share problems and concerns about the project with the client d.

Adhere to agreed project deadlines, unless negotiated otherwise

The consultants expect the client to: a.

Work collaboratively with the consultants for the project b.

Share problems and concerns about the project with the consultants c.

Provide content expertise and appropriate learning materials for the project d.

Locate resources (inclusive of human, financial, material) necessary for the project e.

Adhere to agreed project deadlines, unless negotiated otherwise

Resources

10

The client will provide:

 materials for the online training

 resources for data collection and disseminating the online training

The consultants will provide:

 data on the requirements of the online training

 expertise in the instructional design of the online training

Work Schedule

Activity

7.

identify client’s needs

8.

conduct needs analysis

9.

design content and online module

10.

develop the prototype of the online module

11.

pilot test and revise the module

12.

disseminate the online module

Start Date

29 Jan 2007

5 Feb 2007

26 Feb 2007

End Date

5 Feb 2007

26 Feb 2007

19 March 2007

19 March 2007 9 April 2007

9 April 2007 23 April 2007

23 April 2007 3 May 2007

Renegotiation

Any part of this agreement may be revised at any time by mutual consent.

11

2. Interview questions

1.

Demographic background a.

Can you briefly describe your current job and roles in this center? b.

previous knowledge on HIPAA & ISU privacy policy

Did you ever heard about Health Insurance Portability and Accountability Act (HIPAA)?

What do you know about it?

How does it relate to your job?

2.

Training a.

previous training on HIPAA & ISU privacy policy

• have you taken the training? Where and when?

b.

Training expectations

What were your expectations? Did the training meet your expectations?

What do you know now about protecting privacy of health information that you wish you knew at the time of training?

What was particularly helpful about the training you received?

3. Suggestion to improve training

We are developing new online training about protecting privacy of health information.

What advice would you give us to make this training more effective and enjoyable for trainees?

4.

Learning preferences

Are you comfortable using computers?

Do you have access to computer and internet?

If you were given options to take the training online, print-based, CD which one would you prefer? Why?

5. Could you write one or two questions about protecting privacy of health information that you really want to learn the answers?

12

3. Final Compilation of case studies for TSHC

Module Case

2.2

PHI basics

I work in the TSHC Medical Record section. A friend of mine who works in the Yellow Pod section told me that she just saw her

ISU Teaching Assistant get on to the TSHC. My friend is curious about this person. She read in the Iowa State Daily paper that the

TA has cancer. My friend asked me if I could find out the TA’s medical records and show it to her.

2.3

PHI use and disclosure

2.2.c

Disclosing

PHI to family & friends

(Adapted from University of California, San Diego’s Department of Psychiatry at http://psychiatry.ucsd.edu/forms/HIPAA%20Mandatory%20Trainin g.pdf

)

Passing through a check-in area, Nurse Betty overhears Adam, the clinic check-in clerk telling a patient on the phone that he needs a follow-up appointment because his HIV test just came back positive. She notices waiting patients are listening intently to the phone conversation.

(Adapted from UNC School of Medicine at http://www.med.unc.edu/ois/hipaa/training/genprivacy_mod1/slide

15.html

)

Joe McCleod, who is a junior, was seen by a doctor at the TSHC for treatment of a broken leg. He is 19 years old.

Unable to learn what is happening with their son, Mr. & Mrs.

McCleod ask their friend, Betty, who works in the Business

Office, to review Joe's records. Betty reviews the records and informs Joe's parents that Joe broke his leg in two places after he fell over the curb coming out of the bars.

What we need from TSHC

2 people from the

Medical record section:

Talking to each other

1 person will act thinking of something

1 person will looking at the camera and puzzle

1 person from the front desk (talking on the phone)

1 nurse (passing by the desk)

2-3 people waiting in the waiting areas

1 woman (as the mom)

1 man (as the dad)

1 doctor (reading the patient’s record to the couple)

(Adapted from UNC School of Medicine at http://www.med.unc.edu/ois/hipaa/training/genprivacy_mod1/slide

12.html

)

3.2

Securing

PHI on your computer workstation

A physician leaves his tablet which is open to a patient’s visit notes, on the counter of the back lobby. The laptop did not have a automatic screen saver set. As the physician is on the phone, looking away the patient intentionally looks at the information on the laptop.

(Adapted from UNC School of Medicine at http://www.med.unc.edu/ois/hipaa/training/gensecurity_mod2/slid e21.html

)

1 person (using his/her laptop at

TSHC)

Back lobby counter

4. Acknowledgement Letter

May 4, 2007

Farrah Dina Yusop

Yasemin Demiraslan

Center for Technology in Learning and Teaching

N031 Lagomarcino Hall

Iowa State University

Ames, Iowa 50010

13

Re: Online training on the Health Insurance Portability and Accountability Act (HIPAA) and Iowa State

University (ISU) Privacy Policy for Thielen Student Health Center (TSHC)

On behalf of Thielen Student Health Center (TSHC) at Iowa State University (ISU) I would like to thank both of you for designing and developing an online training on Health Insurance Portability and Accountability Act (HIPAA) and ISU

Privacy Policy for our new and current employees.

The online training you designed and developed is very helpful to introduce our new employees to the HIPAA Privacy

Policy, a federal law that requires every healthcare personnel to protect patients’ personal health information and how

TSHC acts in accordance with the law. At the same time it also functions as a refreshing reference for our current employees. This is the first time that an online training on HIPAA and ISU Privacy Policy has ever been developed specifically for TSHC employees. The online training was very well done and we compliment you on its professional presentation.

I appreciate the time and effort you spent assisting our organization. I also appreciated the opportunity to get to know both of you. We look forward to future collaborations.

Sincerely,

Penni McKinley, RN, BA

Quality Improvement Coordinator

Iowa State University

2260 Thielen Student Health Center

Ames, IA 50011-2260

515.294.1059 (Work)

515.294.5457 (Fax)

14

5. Closing Letter

04/03/2007

Yasemin Demiraslan

Farrah Dina Yusop

Center for Technology in Learning and Teaching

N031 Lagomarcino Hall

Iowa State University

Ames, Iowa 50010

Penni McKinley, RN, BA

Quality Improvement Coordinator

Iowa State University

2260 Thielen Student Health Center

Ames, IA 50011-2260

Phone:15152941059 (work)

Fax:15152945457 pmckinle@iastate.edu

Dear Ms. McKinley,

You have requested developing an online training on Health Insurance Portability and Accountability Act (HIPAA) and ISU

Health Information Privacy and Security Policy for the new employees at the Thomas B. Thielen Student Health Center

(TSHC). The main purpose of the training was to provide the employees, especially the new employees at the Center, with the necessary information to protect patients’ personal health care and financial information according to HIPAA and ISU policies.

The enclosed materials were designed and developed to meet the objectives of the project such as identifying learners’ needs, identifying learning objectives of the training, analyzing the scope and the content of the training, developing and pilot testing the online training.

The results of the interviews conducted with 6 newly employed employees revealed that online module is more preferable than any other types of training, for instance, print-based materials and CD. The interviewees stressed that online module will enable them to access the training at anytime at anywhere at their own convenient. Our needs analysis also suggested that the online training including interactive elements such as videos, audios and animations, not only to motivate the employees to take the training but also to help them better understand how HIPAA and ISU policies looks like in real life situations. In addition, based on the needs analysis, we planed to break down the training modules into sub-modules for motivational and easiness purposes.

These findings informed us in developing the online training which will eliminate, or at least to minimize, the current problems in HIPAA training that you are experiencing. Accompanying these findings is a set of recommendations to improve the effectiveness of the online training.

Please feel free to send us e-mail if you have any questions about these materials or if we can provide any additional information to assist you in the implementation process. You may reach us via e-mail. Our e-mail addresses are: yasemind@iastate.edu

, fdyusop@iastate.edu

Thank you for this opportunity and we will be looking forward to future collaborations.

15

Sincerely,

Yasemin Demiraslan Farrah Dina Yusop

16

Download