HIPAA Collaborative of Wisconsin

HIPAA Collaborative of Wisconsin
2014 ANNUAL REPORT
DECEMBER 2014
Board of Directors
Greg Margrett
President
Passport/Experian Health Services
Holly Schlenvogt, MSH, CPM
Executive Vice President
HRT Consulting, LLC
Bethany Seeboth, JD
Vice President of Programs
Froedtert Health
Richard Donkle, CPA
Vice President of Communications
Rural WI Health Cooperative
Sarah Coyne, JD
Secretary
Quarles & Brady LLP
Brian Potter, CPA
Treasurer
Wisconsin Hospital Association
Cathy Boerner, JD, CHC
Boerner Consulting, LLC
Amy Bradshaw, MA, JD, CHC
Mercy Health System
Laurie Burckhardt
WPS Insurance
Nancy Davis, MS, RHIA, CHPS
Ministry Health Care
Heather Fields, JD, CHC, CCEP
Reinhart Boerner Van Deuren s.c.
Todd Fitzgerald, CISSP, CISA, CISM, CIPP/E, CIPP/US, PMP, ISO27000, ITILv3f
Grant Thornton International Ltd.
Suzanne Geske
Passport/Experian Health Services
Kathy Johnson
WI Department of Health Services
Lee Kadel, EMBA, MMOT, GHSC
Wheaton Franciscan Healthcare
Mary Koehler
ProHealth Care
Chrisann Lemery, MS, RHIA, CHPS, FAHIMA
WHIMA Representative
Susan Manning, JD, RHIA, CPC
Physician Practice Consultant
Thomas Shorter, JD
Godfrey & Kahn, s.c.
Janet Van Barriger
Marshfield Clinic
Marilyn Windschiegl
Dean Health Plan, Inc.
A Note From the President
It is hard to believe, but yet another year has passed! We have seen continued change in the
healthcare arena over this past year, and “the COW” has continued to serve as a beacon of
education and resources for those impacted by HIPAA.
HIPAA COW held two successful conferences in 2014, with total attendance of over 410.
These conferences serve as a vital educational tool for those who are touched by HIPAA.
They also facilitate communication and networking that is vital for all of us to successfully
meet the challenges presented by HIPAA.
In addition to the twice-yearly conferences, HIPAA COW continues to offer its networking
groups, which are an excellent opportunity to network with others in the industry. No matter
if your specific area of interest is Privacy, Security, EDI, Risk Management, or Health Information Technology (HIT), HIPAA COW gives you the opportunity to come together with
other professionals with the same interests.
We are very excited to have the new Health Information Technology (HIT) networking group
getting started. This group will focus on the technical aspects of HIPAA compliance from a
Security (and Privacy) standpoint. Be it discussions on data encryption, how to ensure proper
security with mobile devices in your environment, or specific hardware that can help you to
mitigate security risks, the new HIT networking group will allow those in technical roles to
share their best practices.
Note that all of this comes at either no charge or a very low cost. HIPAA COW does not
charge membership fees. There is no cost to take part in any of the networking groups, nor is
there a cost to utilize any of the resources found on the HIPAA COW website
(www.hipaacow.org). HIPAA COW’s sole sources of revenue are sponsorship fees and conference fees. We work very hard to produce relevant, informational conferences at a very low
cost, and we thank our sponsors for their continued support of HIPAA COW.
HIPAA COW would not be the outstanding resource that it is without the dedication of many
volunteers. My personal thanks goes out to the HIPAA COW Board of Directors, the networking group co-chairs, and to you, those who take part in the conferences and networking
groups. A tremendous amount of time is donated throughout the year to plan the conferences,
hold the networking group calls, and produce/update the various deliverables from the networking groups. That time and knowledge is greatly appreciated!
Lastly, I offer my thanks to Wendy Ellwein, HIPAA COW’s administrative assistant and conference planner extraordinaire. She is truly the glue that holds “the COW” together…thanks,
Wendy!
Greg Margrett
HIPAA COW President
The Mission of HIPAA COW is to:
- Assist HIPAA Covered Entities, Business Associates, and other interested parties in implementing HIPAA's Privacy, Security and EDI Standard Transaction provisions, as amended over time.
- Foster public education about HIPAA.
- Facilitate and streamline HIPAA implementation through identification of best practices.
- Reduce duplicate efforts among entities obligated to comply with HIPAA.
- Offer opportunities for partnering and collaborating between entities implementing HIPAA.
- Identify and evaluate new or difficult HIPAA interpretation issues.
Security Networking Group
2014 Goals and Status Update
- Evaluate the need for and update HIPAA COW Security documents already posted. The priorities are “Data Management and Backup”, “Facility Maintenance” and “HIPAA Oversight”.
  Status: Completed
- Consider developing or adapting a standard list of abbreviations relevant to HIPAA security and privacy.
  Status: Evaluated—decided not necessary (other list available here: http://hipaacow.org/resources/
- If additional guidance is released by the OCR regarding auditing guidelines to assist in implementing this portion of the HIPAA Security Rule, the Security Networking Group will focus its attention on this guidance for HIPAA COW members.
  Status: Continue to Monitor and react as appropriate
- Evaluate the impact of various “devices” (e.g. infusion pumps, monitoring devices, other physiological monitoring, diagnostic/treatment equipment) on the LAN and also writing a white paper on BYOD in the health care environment.
  Status: Tabled to 2015
- Continue to help identify Security topics for Spring and Fall conferences including consideration of on-going “Security Panel: Security Technology Roundtable Discussion” from Fall Conference.
  Status: On-going
- Continue to respond to Security related industry inquiries, news updates, technology updates, etc. as they are submitted to the Security Networking Group.
  Status: On-going
Privacy Networking Group
2014 Goals and Status Update
- Update second tier deliverables for HIPAA/HITECH Omnibus Rule – Marketing, Fundraising.
  Status: Completed Marketing, Fundraising, and Restrictions
- Update Employee Health White Paper.
  Status: On Hold – Lack of Volunteers/Leaders
- Identify and deliver privacy topic for HIPAA COW Webinar (e.g., Reporting and Disclosing Patient PHI to Law Enforcement Officials or other current issue).
  Status: Completed – Law Enforcement
- Provide topic support for HIPAA COW Spring and Fall Conferences.
  Status: Completed
- Continued participation as requested by external health information exchanges and health information projects.
  Status: Completed
- Continue to respond to privacy inquiries made to HIPAA COW.
  Status: Completed
Risk Management Networking Group
2014 Goals and Status Update
Continue to maintain, update, and improve the Risk Analysis & Risk Management Toolkit:
- Finish incorporating the NIST HIPAA Security Toolkit questions into the HIPAA COW risk assessment toolkit.
  Status: In Progress
- Evaluate the need to update the Risk Toolkit to include new likelihood, impact, and risk level scoring.
  Status: Completed
- Develop a gap analysis tool to evaluate security controls based upon data classification and criticality levels for new systems and hardware as well as those being upgraded.
  Status: In Progress
EDI Networking Group
2014 Goals and Status Update
- Conduct a webinar on relevant EDI topic, i.e. HPID (Health Plan ID)
  Status: In discussion
- Provide education sessions at spring / fall conferences on HPID, operating rules, HCC - Hierarchical Condition Coding for ICD10
  Status: Completed
- Hold monthly EDI networking phone calls as a forum for ongoing discussion and education
  Status: Ongoing—Changed to Quarterly Calls
- Consider new initiatives and develop tools for use by group and community
  Status: Delayed due to lack of group participation
- Recruit additional participants for workgroup
  Status: In progress
- Outreach to outside organizations to collaborate on new initiatives to further education efforts on HIPAA and EDI
  Status: Delayed due to lack of group participation
- Resource in resolution of issues related to HIPAA Transaction Code Sets
  Status: Ongoing
- Participate in forums / discussions regarding industry standards adoption / revisions
  Status: Ongoing
Security Networking Group
- Evaluate the need for and update HIPAA COW Security documents already posted. The priorities are the Auditing Policy, Portable Media Whitepaper, and Facility Access Policy.
- If additional guidance is released by the OCR regarding auditing guidelines to assist in implementing this portion of the HIPAA Security Rule, the Security Networking Group will focus its attention on this guidance for HIPAA COW members.
- Evaluate the impact of various “devices” (e.g. infusion pumps, monitoring devices, other physiological monitoring, diagnostic/treatment equipment) on the LAN and also write a white paper on BYOD in the health care environment.
- Continue to help identify Security topics for Spring and Fall conferences. Continue the on-going “Security Panel: Security Technology Roundtable Discussion” as at prior conferences or similar to the last conference (Three Minute Security Issues: Cow Pie or Cow Tale?).
- Continue to respond to Security related industry inquiries, news updates, technology updates, etc. as they are submitted to the Security Networking Group.
- Collaborate with Privacy Group to update the example Privacy and Security Training session and review questions documents.
Privacy Networking Group
- Update second tier deliverables for HIPAA/HITECH Omnibus Rule – Charging for Copies; Authorizations, HIPAA and Law Enforcement, Minors and Access, Psychotherapy Notes, Preemption 146add 146.816, Business Associates.
- Update Employee Health White Paper.
- Identify and deliver privacy topic for HIPAA COW Webinar (e.g., Minors and HIPAA).
- Continue quarterly Privacy Networking Group calls.
- Provide topic support for HIPAA COW Spring and Fall Conferences.
- As requested, continue participation by external health information exchanges and health information projects.
- Continue to respond to privacy inquiries made to HIPAA COW.
- Collaborate with Security Group to update the example Privacy and Security Training session and review questions documents.
Risk Management Networking Group
- Continue to maintain, update, and improve the Risk Analysis & Risk Management Toolkit:
  - Continue incorporating the NIST HIPAA Security Toolkit questions into the HIPAA COW risk assessment toolkit.
  - Finish developing a gap analysis tool to evaluate security controls based upon data classification and criticality levels for new systems and hardware as well as those being upgraded.
EDI Networking Group
- Provide education sessions at spring / fall conferences on HPID, operating rules, and any new mandates/initiatives relating to EDI.
- Hold quarterly EDI networking phone calls as a forum for ongoing discussion and education.
- Consider new initiatives and develop tools for use by group and community, i.e. payer readiness relating to implementation of ICD-10.
- Recruit additional participants for workgroup.
- Outreach to outside organizations to collaborate on new initiatives to further education efforts on HIPAA and EDI.
- Resource in resolution of issues related to HIPAA Transaction Code Sets.
- Participate in forums/discussions regarding industry standards adoption/revisions.
Website News
The HIPAA COW website, hipaacow.org, has been a resource to thousands of users. For the 12 months ended September 30, 2014, there were over 19,500 users of the site, making over 32,000 visits. The site provides a wealth of information about HIPAA and free access to HIPAA COW deliverables. Users of the website can find information on HIPAA COW and sponsored events, numerous documents related to Privacy and Security issues, presentations on HIPAA, a job board, links to other related websites, and other useful information. Many of these visitors download documents and other resources that are available on the website. HIPAA COW does not charge any fees for using the resources available on the website.
Check us out at: hipaacow.org
Looking Ahead

Upcoming Conference Dates:
April 10, 2015 - Spring Conference, Olympia Resort, Oconomowoc
October 23, 2015 - Fall Conference, Wilderness Resort, WI Dells
January 20-22, 2016 - Mega Conference, Kalahari Resort, WI Dells

Webinars:
HIPAA COW offers webinars as a way to present current “hot topics” and to reach out to those in the outlying areas of the state. Watch for emails and check the website for upcoming webinar dates and topics, as they become available.

Sponsorship Program:
To view the HIPAA COW Sponsorship program or to become a 2015 sponsor, please go to our website at www.hipaacow.org and click on the sponsorship link. Sponsorship is greatly appreciated as it helps to keep our conferences available at a lower cost.
Special Thanks to our 2014 Sponsors
GOLD:
SILVER:
BRONZE:

Get Involved:
To join a HIPAA COW Networking Group, please go to the Resources page on our website and view the “Why should I join a Networking Group?” brochure. Contact a Networking Group co-chair for details.

Social Media:
Like Us on Facebook! Follow us on Linked-In! Go to our website hipaacow.org and click on the logos in the “Connect with Us” box.

HIPAA COW
P.O. Box 25413
Woodbury, MN 55125
Attn: Wendy Ellwein
(651)340-6426 Phone & Fax
admin2@hipaacow.org