Health Information Management

Tip: Use these agenda items for office training

HIM-HIPAA Insider, January 26, 2009

Editor’s note: Last week, we discussed pitfalls that could lead to HIPAA privacy and security violations at a physician’s office. This week, Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, a privacy, security, and compliance consultant with Rebecca Herold & Associates LLC in Van Meter, IA, outlines topics for office training.

Train physician office staff members on the following topics:

  • The importance of policies
    • Executive support of policies
    • Policy responsibilities
    • Policy ownership
  • Sanctions for policy noncompliance
    • Updates to policies
    • Exceptions to policies
    • Whom to contact for questions
    • Reference information
  • What PHI is
    • Defining PHI and the related regulations and laws
    • Describing other types of personal information
    • Reviewing controls necessary for personal information
    • Roles and responsibilities for protecting/safeguarding PHI



0 comments on “Tip: Use these agenda items for office training


Most Popular