HIPAA Pros is committed to the education of the healthcare workforce about the HIPAA regulations throughout the multi-levels of an organization; thus, has developed a program knows as TEA-Training, Education, and Awareness. The “Administrative Simplification” aspect of the law requires the United States Department of Health Services (DHHS) to develop standards and requirements for maintenance and transmission of health information that identifies individual patients. These standards are designed to improve the efficiency and effectiveness of the healthcare system by standardizing the interchange of electronic data for specified administrative and financial transactions, and to protect the security and confidentiality of electronic health information.
HIPAA Pros has developed a training program that covers the entire organization on three levels related to the relevance and detail of the positions within the department. The objectives of TEA are:
Level One: General Awareness
The purpose of this training is to provide awareness training to all members of the workforce as well as outside vendors such as billing companies, transcription companies and call centers. This training is done through the use of a training video or a CD-ROM. The attendees will be certified upon completion of the awareness training relative to compliance with the privacy and security regulations. The General Awareness sessions will define HIPAA, cover the policies and procedures pertinent to ensuring patient information, and define Protected Health Information and penalties for lack of compliance. The following topics will be addressed and defined:
- What is HIPAA and why/how does it apply to our organization
- Policies and procedures regarding personal access, visitor procedures, and facility security to ensure the best possible patient care in a confidential and secure environment
- Accountability/penalties for non-compliance
- What is Protected Health Information
- Where does the data hide
Level Two: Education
This training utilizes a computer based training program developed by our partner, Health Care Compliance Strategies (HCCS). This adult learning program allows covered entities to train specific positions that have pre-determined requirements, on how to handle the Protected Health Information in their daily operations. Employees involved in the handling of Protected Health Information will be able to proceed through the training based on their specific job description, and pre-determined position requirements. The introduction and discussion of Administrative Simplification is included. Integrated into this program are the auditing and documentation requirements indented through the Administrative Requirements of the Privacy and Security Regulations.
The Education training topics cover each of the following:
- Overview of the Compliance Program
- What is Protected Health Information
- Specific Policies and Procedures regarding handling medical records
- Security requirements including honoring access controls and PHI
- Handling of medical records
- Communication with patients
- Referrals to other physicians
- Interaction with hospital systems
- Sending of a fax containing information between and among facilities
- Preparing and disseminating compliance reports
- Evaluation of “HIPAA Hot Spots:” a detailed test of the HIPAA requirements and violations on workforce specified levels
Level Three: Technical Training
This training assures that all employees, whose jobs are affected by changes in policies and procedures, access controls, and management of Protected Health Information, are trained to the specifications required for their position. This level will involve hands on training related to the use of computer systems and is most beneficial in a classroom setting with either in house or outside training assistance. Train the trainer programs and teaching materials are also available.
The overall goal of the training service offerings is to ensure the highest quality of care is offered to all patients while ensuring the privacy and security of their Protected Health Information. The ability to provide the best possible patient care is the cornerstone of all policies and procedures, whether it is on the business or clinical side as covered by HIPAA.