The 2010 Healthcare IT Survey is a study carried out by Zoomerang,  an online services provider on behalf of Imprivata, a company that develops enterprise authentication and access management solutions and is based in Lexington, Mass. The survey was conducted amongst 600 decision-makers across hospitals in the U.S. and Canada.

80% of respondents said that securing patient information from unauthorized access and data breaches is a top priority in their organization and 76 percent claim breach of confidential HIPAA protected information or unauthorized access to various clinical applications as their greatest security concerns. A full 97% of those surveyed said their organizations planned on spending more on IT security in 2010 than they did in 2009.

And the HITECH act it seems is only complicating things for those in healthcare IT.

Challenges cited by respondents for complying with the HITECH Act included employee education (46 percent), costly updates (43 percent) and meeting deadlines (37 percent). Nineteen percent of respondents said they themselves do not understand the HITECH Act.

Read the full survey report here

Healthcare HIPPA / EDI Systems Analyst

Company:           Regence

Base Pay:             N/A

Location:              Tacoma, Washington

Employee Type:               Full-Time

Industry:              Managed Care

Are you an innovative and motivated Systems Analyst looking for an opportunity to be part of a forward thinking company working to change the health care system? If you can embrace being part of this change then we want you to take a look at Regence.

We’re looking for a Systems Analyst who is able to work in a team environment for the development, maintenance and delivery of applications systems. You’ll have the opportunity to use your business, design, analytical and interpersonal skills in your daily work to develop solutions.

Read more about this position here

Compliance & Privacy Manager

Company:           University of Louisville Hospital

Job Type:             Management

QA – Quality Control

Location:              US-KY-Louisville

Employee Type:               Full-Time

The Compliance/Privacy Manager oversees the development and implementation of and adherence to corporate-wide privacy principles, policies and practices. The Compliance/Privacy Manager is responsible for coordinating all corporate activities with privacy implications, as well as monitoring all of the organization’s services and systems to assure meaningful privacy practices. The Compliance/Privacy Manager also advocates and protects patient privacy by serving as a key privacy advisor for patients, handling disputes or complaints relating to privacy issues.

Read more about this opportunity here

Clinical Documentation Specialist

Location:              San Antonio Community Hospital

999 San Bernardino Road

Upland, CA 91786

Shift/Schedule: FT- 7a-3:30p

Education: Bachelor’s Degree in related field required. License/Certifications: Current CA RN license. CDS certification is encouraged but not required. Experience: Five years of recent experience in a clinical healthcare setting.

Knowledge and Skills: Must possess a high level of clinical knowledge regarding the patient population served in order to participate collaboratively with all members of the care team. Works with minimal supervision. Must be able to communicate verbally and written to individuals of varying educational levels.

Position Summary: Assists with improving the overall quality and completeness of physicians clinical documentation of diagnosis and procedures using terminology integral to HIPAA related transaction sets, primarily in inpatient and observation admissions.

Read more about this position here

South Carolina Sales Consultant

Company: Medsecurepro

Location: Columbia, SC

Rapidly growing company seeks experienced sales representatives for medical sales in South Carolina territories. Sales activity involves sales of web-based HIPAA secure patient management and communication systems, EMR/EHR programs,HR online training programs as well as media campaign programs. Consultants will cover all medical practices in territory including family practice and any medical specialty practice, dental, optometrists, veterinarian, and chiropractic practices.

Read more about this opportunity here

Health Information Exchange Architect

Company: IBM

Location: Topeka, KS

BM is looking for a Health Information Exchange Architect. Incumbent will: 1) Provide architectural and development expertise to cross-disciplinary team of IBM functional and technical Consultants, IT Architects and IT Specialists working with client for its HIPAA ASC X12 5010 initiative. 2) Lead technical team in working with client to identify, architecting, design and develop its HIPAA ASC X12 5010 solution Harvest metrics, lessons learned and otherwise help to refine a repeatable approach that can be applied to other IBM clients. 3) Work with Project Manager to carry out project management tasks. 4) Experience with products and technologies commonly encountered in the Healthcare industry, particularly for Claims, such as EDI, ESB, COBOL, Websphere products, and BI, EAI and ETL tools.

Read more about this HIPAA job here

Healthcare IT Auditors HIPAA, HITRUST, HITECH

Location Dallas, TX

FULLTIME

Pay Rate: 90,000 – 120,000

Our client is consulting firm specializing Healthcare risk advisory services, which encompasses IT Audit for the healthcare industry. They help their Healthcare clients with information security and the increasing risks and liabilities facing the Healthcare Industry. They do HITRUST Common Security Framework (CSF) assessment and gap analyses, and are experts in protecting their clients’ healthcare information while managing risks and compliance with other regulations such as HIPPA, the HITECH act and PCI. We are looking for a few solid Senior Level IT Audit Consultants, and Manager Level Consultants with a strong background in Audit for the Healthcare industry.

Learn more about these positions here

HIPAA System Analyst Leader

City: MENANDS

State: New York

Country: USA

Company Name: CSC

This candidate will work on HIPAA implementation, issues remediation, and will assist in the development of the Privacy and Security Policies and Procedures. Understanding of the HIPAA Privacy Regulation is key for this position. In addition, the candidate will follow various organizational listserv, such as NCPDP, X12N, DISA, NMEH, Wedi-SNIP and others. Some travel will be required to work with the industry groups and standards development organizations in the development of HIPAA Implementation Guides and technical reports, as well as to attend HIPAA Privacy and Security forums.

Read more about this position here

Director of Privacy & Records Mgmt

Healthcare Services – Fortune 500

Houston, TX

We are representing a Healthcare Services provider experiencing one year revenue growth of 10% and cumulative seven year revenue growth of 220%.

Responsibilities of Director of Privacy:

Responsible for administrating, monitoring, and testing Health Insurance Portability Accountability Act (HIPAA), record management, and research compliance programs. Monitors record management policies and procedures to evaluate their effectiveness.  Supports and adheres to the Code of Ethics and Business Standards.

Learn more about this opportunity here

Electronic Health Record Analyst

Location: Cleveland, Ohio, United States

Under the direction of the Supervisor of HIM Services, the EHR Analyst analyzes patient care information in the Electronic Health Record (EHR) and interacts with Providers, Administrators and other CCF personnel regarding EHR corrections and provides reliable tracking mechanics for changes to the EHR. Works with ITD to resolve identified problems and make corrections to the EHR, coordinates resolutions of patient amendment requests under HIPAA, prepares statistical reports for Medical Records Committee and other Administrative Committees. Provides end-user training and develops end -user documentation in the HIM Section. Provides implementation and project management assistance through all phases of the development cycle. Ensures EHR compliance with JCAHO and all levels of regulatory guidelines. Makes recommendations as appropriate in regard to impact on patient care, patient safety, and physician and patient satisfaction.

Learn more about this position here

IT Compliance, Controls Integration Project Manager

Kaiser Permanente Information Technology (KPIT)

Oakland, CA

At the Program Management Consultant Specialist level within Controls Integration you will be responsible for providing advanced compliance program management for IT Compliance. In addition, you will provide analytical, feasibility, business case and executive summary skills needed to form highly reliable risk management strategies to meet various compliance requirements.

Learn more about this job here

HIPAA privacy regulations have always given individuals the right to request restrictions on how health care providers use or disclose their information, but until recently, health care providers have always had the discretionary power to say “no” to these requests if they felt it would impair their ability to properly treat their patient or to get paid by the insurance companies.

However the HITECH amendments recently proposed to supplement the HIPAA laws change that, to a certain degree at least.

Now, when a patient is paying for their own treatment out of their own pocket, or another private individual is footing the bill and they request that you share none of their information you must comply with their wishes.

The patient will also have the right to make their request on a visit by visit basis. For instance if you (or the medical practitioner you work for) regularly sees a patient for a certain complaint that is covered by his or her insurance but then opts to pay out pocket for a non-covered treatment they have the right to request that you share none of the details of the treatment they paid for themselves with anyone, including their health insurance company.

More headaches? Maybe. Tracking which patient procedures can be shared and which cannot may prove cumbersome. But the extra effort will be worth it in the long run to ensure your diligent efforts to remain HIPAA complaint are not derailed.

Like many Michigan residents she was upset when a local policeman was shot to death pursuing a suspect. She actually treated the killer as a part of her duties as a nurse at Oakwood Hospital in Detroit. Problem was she then posted that fact on her Facebook status – sort of.

Her first message revealed that she came face-to-face with a cop killer and hoped he rotted in hell. She also posted another one that her now former employers won’t discuss. They let her go from her job citing that she had violated HIPPA regulations by disseminating protected health information about a patient on a public forum (ie Facebook)

The nurse plans to fight her termination as she feels she did no such thing. According to her “ I am familiar with HIPPA. I did not give out any of his information. I did not give out his name. I did not mention the hospital. I did not give out his condition,” James said. “I did not violate HIPAA”

Who do you think is in the right here? Click here to watch Ms. James ‘interview with Fox 2 Detroit

HIPAA EDI Technical Lead

Company: CNSI

Status: Full Time, Employee

Job Category: IT/Software Development

Gaithersburg, MD

Job Duties/Responsibilities:

1. Be the Technical and Functional Lead for the HIPAA/EDI loading sub system that primarily deals with loading of X12 HIPAA transactions and generation of appropriate X12 responses.

2. Assign and monitor tasks to the team. This includes defect fixes and enhancements.

3. Be the functional point of contact for the client

4. Monitor daily operational cycles

5. Update and get approval on Design Documents

6. Conduct code review of changes

Learn more about this job here

VistA (EDI, HIPAA) Technical Analyst

Company:           Robert Half Technology

Location:              US-CO-AURORA

Base Pay:             $40.00 – $42.00 /Hour

Employee Type: Contractor

Industry: Computer Hardware/Computer Software

Robert Half Technology’s client in Aurora, CO is looking for a VistA (VA-specific EMR tool) analyst for a 6+ month contract. Robert Half Technology’s client in Aurora, CO is looking for a VistA (VA-specific EMR tool) for a 6+ month contract. All positions require direct, hands on experience with analysis of and documentation of technical and functional requirements for enhancement of VA VistA software.

Read more about this job here

Associate Director of Regulatory Compliance

Location: Dayton, OH (map it!Map it! )

Base Pay:$130,000 /Year

Other Pay:25% Bonus + Relocation

Employee Type: Full-Time

Industry: Pharmaceutical

This position is located in Dayton, OH with a leading healthcare firm.  Salary will be 130K with 25% bonus and relocation.  Position reports to the Sr. Dir of Reg. Affairs.

Job Summary: Provide leadership for a comprehensive corporate compliance program to ensure organizational compliance with federal and state regulatory and accreditation requirements to include relationship management and program advocacy with CMS and state regulatory agencies, incorporation of new requirements into plan operations and monitoring plan performance against requirements.  Serve as the XXX HIPAA Privacy Compliance Officer.

Learn more about this job here

Part Time Client Service Rep for Medical Records-ROI

iod incorporated

Location Jacksonville, NC 28541

Employee Type: Part-Time

Industry: Healthcare – Health Services

iod incorporated, a leader in release of information for medical records, is seeking a PART TIME Client Service Rep to process medical records at a hospital facility.

Responsibilities will include but are not limited to answering phones, faxing request, verifying authorizations for HIPAA compliance on release of information requests, scanning medical records and data entry.

Ideal candidates will have previous experience working in a hospital medical record department or medical office. Familiarity with HIPAA guidelines or ability to learn and apply the guidelines is essential. Strong clerical skills in office setting is a must. They will also have excellent communication skills, as well as be organized, professional and service oriented.

Read more about this job here

Medical Records Site Supervisor / Team Lead

Universata, Inc.

Location: Ann Arbor, MI

Employee Type: Full-Time

Industry: Computer Software,Consulting

The Medical Records Site Supervisor will oversee the Release of Information team at local hospitals and clinics as well as the following:

*Supervise site and up to 15 employees with duties such as time management, hiring, training and quality assessment

*Interact with and handle requests submitted by a variety of entities such as individuals, Doctors, Attorneys and insurance companies

*Provide support to all company operations including preparing, scanning and uploading by computer medical requests, authorizations and medical records in accordance with HIPAA

*Provide the hospital and customers with complete professionalism and customer service support daily

Learn more about this position here

Information Security Specialist

St. Mary’s Hospital

Location: Baltimore, MD

Employee Type: Full-Time

Industry: Healthcare – Health Services

St. Mary’s Hospital is working very hard to become the premier healthcare employer in Southern Maryland by creating an environment with only the best in mind. We strive to maintain and develop the best facility, services, and employees. At SMH, our employees are treated as individuals and we maintain an open door policy welcoming.

We are actively looking to hire a qualified Information Security Specialist (ISS) to join our team in Leonardtown, MD.

The Information Security Specialist (ISS) is responsible for determining appropriate security measures and creating and updating policies and procedures that monitor and control access to system resources and data as well as protect the confidentiality, integrity, and availability of critical information and systems. The ISS is responsible for providing significant technical expertise and experience, standards development, program development, risk assessment, reporting, and awareness education related to information security.

Read more about this job here

Compliance Auditor-HIPAA

Company:           Loma Linda University Medical Center, Loma Linda CA

Base Pay:             N/A

Employee Type:               Full-Time

Industry:              Healthcare – Health Services

The Compliance Auditor is primarily responsible for monitoring and auditing established mechanisms and controls to ensure compliance with HIPAA/Compliance requirements. Conducts routine audits that include site audits and walkthroughs; system reviews with the assistance of the Information Systems department, as well as process reviews for the hospital, ancillary services and satellite clinics. Audits against state and federal regulations and guidelines, industry standards, benchmarking data obtained from other academic medical institutions, and internal policies and procedures.

Learn more about this job here

Senior Systems Analyst – HIPAA Transactions

Lewis and Fowler

Location: Denver, CO

Lewis & Fowler has an immediate need for a Systems Analyst with experience in system requirements documents for various EDI HIPAA transactions.  Background requirements also include experience with system mapping documents and analysis specifications.  The successsful candidate should be skilled in using HIPAA implementation guides and setting up 4010 requirements or assisting with the conversion to 5010 requirements.

Learn more about this job here

Sr. Business Systems Analyst

Seagull Global Solutions

Providence, RI

Description:

Experience: 8+ years

1. HIPAA 5010 knowledge

2. HIPAA 4010A experience

3. National Council of Prescription Drugs (NCPDP) version D0 knowledge

4. Prior experience with National Council of Prescription Drug Program (NCPDP) for Retail Pharmacy transactions

5. Prior experience with NCPDP Medicaid Subrogation for Pharmacy Claims

6. HIPAA EDI transactions experience

7. System implementation experience

8. Testing methodology experience * development of plan, schedule, test scenarios, results documentation (System, User, Global Certification)

9. Business Analysis * ability to gather, clarify, and document requirements of project, as well as assist in implementation of requirements

Learn more about this job here

Hipaa Consultant

SysZen

Job Location:  Warren,  New Jersey

Looking for strong Healthcare candidates who are expert in Hipaa Looking for senior level Consultant with Project Management experience performing assessments and managing implementation of the HIPAA Transaction and Code Set requirements.

Leran more about this job here

On Tuesday July 27^th, 2010 it was announced that drugstore giant Rite Aid had agreed to a $1 million settlement to atone for their HIPAA transgressions. The settlements apply to all of Rite Aid’s nearly 4,800 retail pharmacies and follow an extensive joint investigation by the HHS Office for Civil Rights (OCR) and the FTC.

The problems began for Rite Aid and its 40 affiliated entities – collectively known as RAC – when the television news media began producing video footage of various RAC employees in several cities across the country disposing of prescription bottles containing individuals’ identifiable information in industrial dumpsters that were accessible by the public – a huge HIPAA violation that one would have assumed a giant corporation would have known better than to ever risk.

In addition to the fines Rite Aid has had to forge agreements with both the OCR (Office for Civil Rights) and the FTC (Federal Trade Commission) who conducted the joint investigation as to the steps they have to take to ensure that such violations never occur again.

You can read the full press statement announcing the settlement here

HIPAA / EDI Healthcare QA Tester

Company:           TEKsystems

Location:              Chicago, IL

Salary:   $42.00 – $0.00 /hour

Position Type:   Full Time, Temporary/Contract/Project

Job Category:    Quality Assurance/Safety

This position is responsible for evaluating requirements for testing new or modified products and documentation prior to production release; designing, developing, creating, and executing test plans and cases based on software requirements and technical understanding of product architecture; executing various system, performance, integration, and ad-hoc tests according to approved test plans and testing schedule; troubleshooting, in conjunction with end users and development teams, on issues of reproducing, investigating and debugging software; generating defect reports for issues found during testing, and providing accurate testing status to project stakeholders; focusing on project quality issues, but also makes contributions beyond immediate assignments; possessing broad overall knowledge of business applications; working independently; managing multiple testing projects concurrently.

Read more about this position here

SENIOR BUSINESS ANALYST – HIPAA 5010 PROJECT

Location: New York, NY 10011

Employment Type: Full Time, Temporary/Contract/Project

Experience Required : 5+ to 7 Years

Strong Senior Business Analyst to begin work on our HIPAA 5010 implementation. The scope of work in the beginning of the engagement will be a GAP analysis of our current/future state for planning purposes, prior to beginning work on the actual requirements for the implementation itself.

Learn more about this job here

HIPAA RELEASE OF INFORMATION SPECIALIST

Verisma Systems, Inc.​

Rochester, NY 14642

Industries Healthcare Services

Job Type Full Time

Years of Experience 2+​ to 5 Years

Education Level  High School or equivalent

The ROIS is a vital position in our growing company (we have Distribution Centers in Colorado and New York serving customers in 16 states and the District of Columbia).

A great personality, tenacious concern for quality and detail are critical. You will use a computer and scanning equipment and our proprietary software to process requests for release of confidential patient information and will work onsite at our customer facility in Rochester, NY.  You will be part of a team tasked to provide superior service to this very important customer.

Read more about this position here

BUSINESS ANALYST (Medicaid and HIPAA)

Company: Infokons

Location: Nebraska

Position: Business Analyst (Medicaid and HIPAA)

Location: Nebraska

Duration: Long Term

This is with State of Nebraska. Candidates with prior experience working with State Clients would be preferred.

Job Description:Required:-Bachelor’s degree.-Three years experience (current within the last year) working with a Medicaid agency or commercial health/casualty insurance organization.-Must have five- (5) or more years experience in working with business clients and technical staff.-Must have five- (5) or more years experience working independently within guidelines and documenting program policy.-Must have experience conducting complex regulatory analysis.-Must have experience developing Medicaid business and organizational impact analysis.-Experience with Medicaid business processes.

Read more about this opportunity here

CLINICAL ADMINSTRIATIVE COORDINATOR

Company: UnitedHealth Group

Location: Wausau, WI

Position Description: * Assist with benefit and eligibility verifications * Appropriate referrals to Case Management staff * Perform data collection and quality monitoring activities as applicable * Document case information completely, accurately and in a timely manner * Demonstrate sensitivity to issues and show pro-active behavior in addressing customer needs * Enabling and supporting responsibilities include all activities associated with supporting processes within Utilization Management; this includes all non clinical functions * Provide ongoing support and education to team members * Optimize customer satisfaction, and positively impact productivity * Clinical Support Specialist will not conduct any evaluation or interpretation of clinical data and will be supervised by licensed physicians.

To learn more click here

Medical Record Technician

Company: United States Department of Veterans Affairs

Location: California

DUTIES: Assigns codes utilizing International Classification of Diseases, Clinical Modification (ICD-9-CM), Diagnostic and Statistical Manuel of Mental Disorders (DSM), Current Procedural Terminology (CPT) and Healthcare Common Procedure Coding System (HCPCS) to each diagnosis/procedure/operation listed in the encounter. Assists staff and reviews each recorded diagnosis and operation/procedure for accuracy, completeness and supportive documentation. Identifies diagnosis and procedures to determine proper Diagnostic Related Group (DRG) through proper sequencing of secondary diagnoses according to their impact on resource usage and provides correct code assignment for all outpatient visits/procedures to ensure proper reimbursement to the facility.

Click here to view the full job description

Compliance Officer

Company: Eastern Maine Healthcare System

Location: Brewer, ME

Compliance Officer Department: Compliance & Internal Audit Schedule: Regular Full-time Shift: Day Hours: 8-5 Hours per Week: 40 Job Details: * Under the direction of the Director of Compliance & Internal Audit, the selected candidate will help develop, implement, and maintain the EMHS Compliance Program to assure compliance with EMHS policies and procedures and all applicable federal and state health care laws and regulations, with a particular emphasis on HIPAA issues. The selected candidate will help prevent, detect, and resolve instances of conduct that do not conform to EMHS policies or federal and state laws and regulations. The selected candidate will provide service, assistance, and guidance to all departments within EMHS and all affiliates on compliance and HIPAA related issues

For more details about this job click here

HIPAA Security Compliance Expert

QSSI, Inc. Columbia MD

This is an opportunity to work as a full time employee delivering innovative solutions to key Healthcare organizations in managing HIPAA Privacy and Security Compliance.The candidate will lead the practice, develop processes and standards, manage operations and interface with the customers supervising the delivery of solutions to them.

Develop the process and procedures for HIPAA Privacy and Security assessment, Gap analyses and Corrective action plan (CAP).

Document and present CAP and create a detailed implementation plan

Interface with the clients during the various phases. This will involve interactions with Executive team, IT staff and others

Manage the active implementation of suggested recommendations by working with Technical teams

Learn more about this position here

X12 HIPAA Business Analysts

Diversified Services Network Springfield, IL 62706

We need a X12 hippa business analyst to fill a position in Springfield, IL. If qualified we will work with you on a w-2. The Job starts end of July.

The correct qualified person will refine requirements and document user requirements for the programming consultants working on HIPAA 2.

Read the full job description here

Technical Lead Application Development

Beacon Health Strategies – Boston, MA

The TLAD (Technical Lead Application Development) is responsible for analyzing, developing, and deploying software applications to meet Company and client requirements in a Visual basic, SQL server multi-tier environment.  This individual will analyze requirements for the design, development and implementation of application development projects, front-end applications used to support web, client/server and data warehousing requirements.  This individual will play an integral role within the development team, providing hands-on development, maintenance and implementation of EDI systems utilizing HIPAA transactions and other application development projects involving client-server, Internet and Intranet functionality.  This individual will have a high level of technical ability, good project management skills, and a full understanding of development lifecycles and formal methodologies.  This individual will lead application design and development activities for enterprise scale multi-tier applications using open industry standard technologies and participate in enterprise architecture strategy development and the implementation plan development and execution.  This individual will lead Web application design and development activities for enterprise scale multi-tier applications using open industry standard technologies and participate in enterprise architecture strategy development and the implementation plan development and execution.

Read more about this job here

The suit came about as a result of  Health Net’s loss of a hard drive containing over 500,000 individuals’ records including clinical data, social security numbers, addresses, and other financial information. According to Blumenthal, Healthnet then compounded the gaffe (which they chalked up to theft) by failing to inform those affected about what had occurred for over six months after the incident occurred.

Under the terms of the settlement Healthnet will be ordered to pay $250,000 directly to the state of Connecticut representing statutory damages (and to serve as a warning to other health insurance companies as well no doubt) They will also have to put aside a further $500,000 to cover damages should it eventually be found that the missing hard drive was accessed and that members personal information was ever used in an illegal manner. Guessing that there are still a lot of crossed fingers at Healthnet on that issue..

You can view the full settlement details here

Link: http://www.youtube.com/watch?v=6wRDorQ73Ng

HIPAA Christmas poem – Santa in the ER:

A Visit to the ER from St. Nick

Twas the night before surgery, and all ‘cross the floor

The patients were buzzing ’bout the guy in Room Four.

His chart was hung on his door with great care

To make sure his name was not shown anywhere.

The patients were nestled all snug in their beds

While telemetry monitors beeped overhead.

And I in my gown, with its crack in the back,

Had just settled down for my clear liquid snack.

When down the hall there arose such a clatter,

I sprang from my bed to see what was the matter.

I pulled off my leads and flew out the door,

With my IV pole dragging behind on the floor.

Away to Room Four I hurriedly dashed

Unaware of my gown and the nurses I flashed.

As I slid to a halt and leaned to peek in

I heard the nurse say, “Sir, you mustn’t go in!”

And what did I see when I looked in Bed A

But ole Mr. Claus; on his belly he lay.

Covered in gauze and stuck high in the air

Oh what a sight, ’twas St. Nick’s derriere!

He was yelling at Doris, the nurse at his side

To be tied to this bed, he just could not abide.

He moaned and he bellowed about his ill luck

But there was just nothing for it; the old man was stuck.

“What happened to Santa?” to Doris I said,

“Why’s he on his belly in this hospital bed?”

With a grin she whispered, “He did something stupid.

He injured his butt when he backed into Cupid.”

But the old man’s ears were sharp as tack.

He heard what she said there behind his back.

“You had no right to speak, and that is a fact!

Don’t you know about HIPAA, the privacy act?”

“You’re out of compliance, Doris, my dear.

You had no right to tell him ’bout my injured rear!

I’ll sue you for breach, and this hospital, too!

You won’t have a job when I’m through with you!”

“When I check my list and then check it twice,

You’ll be in the column labeled ‘Not Nice.’

The HIPAA patrol will likewise drop by

To find out why you, Doris, did not comply!”

“They’ll want to know why you opened your yap,

A big, hefty fine on your butt they will slap.

And from me every Christmas you will now see

Nothing but switches and coal ‘neath your tree.”

Merry Christmas and HIPAA New Year!

Once again we’ve brought you the best of the best.  From Monster.com, SimplyHired.com, MedicalWorkers.com and Dice.com, here are the top 10 HIPAA jobs as of October 29, 2009 nationwide.

1. Chief Privacy Administrator

2. HIPAA Specialist

3. HIPAA Business Analyst

4. Corporate HIPAA Compliance Manager

5. EDI Lead Developer

6. HIPAA Privacy Manager

7. Manager, Patient Relations

8. Lead Correspondence Clerk

9. HIPAA Auditor

10. Privacy Specialist

Here are the brief summaries and details of the jobs we’ve found for you:

Job Title: Chief Privacy Administrator

Company: Catholic Healthcare West (CHW)

Location: San Francisco, CA

Job description: The Chief Privacy Administrator is appointed by the CHW Board to direct the organization’s activities related to development, implementation, maintenance of, and adherence to policies and procedures covering the privacy of, access to, and protection of patient, provider, employee, and business information in compliance with CHW policies and procedures, and as required by the HIPAA privacy rule, the FTC Red Flag Rule, and other applicable regulations and laws.

The Chief Privacy Administrator collaborates with CHW legal counsel to monitor or interpret the requirements of HIPAA and other applicable federal and state privacy laws and regulations. The Chief Privacy Administrator receives complaints and requests for further information regarding CHW privacy policies and notices; in collaboration with CHW legal counsel, oversees investigations and required state and federal reporting and notification involving breaches of confidentiality; coordinates all activities with privacy implications; and monitors systems and services to assure meaningful privacy practices. The Chief Privacy Administrator also monitors and coordinates all requests for information from federal and state regulators investigating privacy.

Click  here to read more about this position.

Job Title: HIPAA Specialist

Company: AETEA Information Technology

Location: Olympia, WA

Job description: Our Olympia, WA customer needs a Consultant with strong HIPAA experience and knowledge to help with getting through HIPAA/EDI testing. We are looking for someone who knows the Federal HIPAA transaction implementation guides well and can understand the companion guide and help providers troubleshoot why their files are failing.

Click  here to read more about this position.

Job Title: HIPAA Business Analyst

Company: CATS

Location: Washington, DISTRICT OF COLUMBIA

Job description: This initiative requires the resource to evaluate the existing District agencies requiring HIPAA Security measures and to offer a comprehensive and logical approach in providing HIPAA Security for those agencies.

Meets with customer and reads designs and uses software tools to gather requirements, analyze needs, identify risks, propose designs, wrote documentation, remediate and carry out analysis. This initiative requires the resource to evaluate the existing District agencies requiring HIPAA Security measures and to offer a comprehensive and logical approach in providing HIPAA Security for those agencies. Any HIPAA IT security assessment experience is a plus. Conduct risk analysis of various agencies here after referred to as a covered entity, to identifying deficiencies in standards, to resolving problems where applicable, to develop and amend HIPAA associated Policies, Plans, and Procedures. Implement preventive compliance measures as it relates to Part 164 of the HIPAA Security Rule described in the Work Plan.

Click  here to read more about this position.

Job Title: Corporate HIPAA Compliance Manager

Company: HMA – Corporate (Health Management Associates)

Location: Naples, FL

Job description: Assists with all ongoing activities related to the development, implementation, training, maintenance of, and adherence to the organization’s policies and procedures covering the privacy of, and access to, patient health information in compliance with federal and state laws and the healthcare organization’s information privacy and security practices…

Click  here to read more about this position.

Job Title: EDI Lead Developer

Company: CATS 

Location: San Francisco, CA

Job description: The tech lead for the EDI Program is responsible for building and implementing the technology solutions which are part of EDI Roadmap. Responsibilities include analyzing the requirements, detailed system design, development, testing and support of technical solutions…. The candidate should experience in architecting and implementing EDI in healthcare industry with knowledge of HIPAA standards…

Click  here to read more about this position.

Job Title: HIPAA Privacy Manager

Company: Cedars-Sinai Medical Center

Location: Los Angeles, CA

Job description: Works with the CCO/Privacy Officer in implementing and administering federal and state regulatory requirements on patient privacy and the confidentiality of patient information. Primary customers include physicians and CSHS employees…

Click  here to read more about this position.

Job Title: Manager, Patient Relations

Company: MetroWest Medical Center

Location: Framingham, MA

Job description: Under the general supervision of the Director of Quality and Patient Safety, is responsible for managing patient relations and complaint activity. Serves as liaison between the patients, their families, and the organization’s departments, administration, and physicians for thorough and timely resolution of issues, concerns, and complaints. Acts as the organization’s HIPAA / Privacy Officer assuring adherence to all HIPAA and privacy of information regulations and standards.

Click  here to read more about this position.

Job Title: Lead Correspondence Clerk

Company: UCSF Medical Center

Location: San Francisco, CA

Job description: The Lead Correspondence Clerk is responsible for processing requests for medical records. This individual must have general overall knowledge of The HIPAA Privacy Rule (Federal Registry, Title I, Health Care Access) along with laws governing State and Local Release of Information and Patient Access…

Click  here to read more about this position.

Job Title: HIPAA Auditor

Company: COMSYS

Location: Boise, ID

Job description: The Internal Auditor for Information Security is responsible for the auditing and testing of IT controls for HIPAA, PCI, and other regulatory based auditing and testing. This person will audit routine information systems and the most complex of new and existing systems to ensure that appropriate controls exist, and that system procedures are in compliance standards. Provides timely periodic reports on findings and identifies controls needing improvement.

Click  here to read more about this position.

Job Title: Privacy Specialist

Company: St. Luke’s Hospital

Location: Houston, TX

Job description: Provide input on the development, implementation, and on-going review of privacy policies and procedures.  Provide information about matters covered by the System’s Notice of Privacy Practices, Receive, respond to, and document privacy complaints from patients, employees, business associates, and others. Coordinate correction, mitigation, and disciplinary action as requested.  Prepare, as directed, periodic privacy reports to the Governing Board and management regarding the status of implementing and maintaining the privacy program.  Oversee, direct, deliver or ensure delivery of initial HIPAA/privacy training on applicable policies to all employees, volunteers, medical and professional staff.  Initiate, facilitate, and promote activities to foster HIPAA/privacy awareness.  Work with the Privacy Officer to establish a process for receiving, documenting, tracking, investigating, and taking corrective action on all complaints concerning the organization’s HIPAA/privacy matters. Implement corrective action to mitigate effects of inappropriate use or disclosure of PHI and document such actions.  In collaboration with legal counsel, identify business associates that receive PHI and review existing contracts with these entities for compliance with HIPAA. Assist regulatory bodies and organization officers in compliance reviews or investigations.  Work in conjunction with the Privacy Officer to address such reviews or investigations.  Set and track potential HIPAA/privacy compliance performance measures, which may include: Breach of confidentiality/privacy related complaints; Determine number of internal incidents involving violations of privacy policies;Determine and improve compliance with HIPAA training;Act as a liaison to St. Luke’s IM Department to review all system-related information security plans to ensure compliance;Respond to other compliance matters as appropriate or as assigned by the Compliance Officer.

Click  here to read more about this position.

There’s a new solution on the market to make HIPAA and HITECH compliance faster and easier, and the real draw is that it makes it easier for physicians to qualify for the stimulus incentives and bonuses from the ARRA, PQRI and E-Prescribing initiatives.  In a business wire issued on October 22^nd Reuters highlights the new “Surveillance Program” offered by Doctations.

The Surveillance Program allows physicians to meet requirements for the E-prescribing initiative for a 2% bonus, the Physicians Quality Reporting Initiative (PQRI) for a 2% bonus as well as to qualify for up to $44,000 in incentives from the ARRA via the High-Tech bonus. Doctations’ COO Jerry Kolosky highlights the benefits: “By implementing the Surveillance functionality, we are providing online tools that make it simple for doctors to meet new government requirements, help ensure positive patient outcomes and receive the associated financial benefits.”

Reuters states that “By implementing the medical practice management and digital documentation solutions as web-native tools, Doctations provides doctors and patients with advanced, secure, HIPAA compliant, comprehensive solutions that are substantially less expensive than any other options currently available.”

And yes, the Certification Commission for Health Information Technology (CCHIT) has certified this application.  Doctations has committed to updating this program for immediate compliance with HIPAA and HITECH rules as well as other regulations.

Once again we are in the midst of hurricane season.  I thought this would be a good time to review a few points about HIPAA and natural disasters – always helpful reminders, since “the big one” could be here soon (earthquake, tornado or hurricane…you just never know).

When hurricane Katrina struck the US, time was of the essence in providing care to those injured.  The Department of Health and Human Services issued a bulletin titled Hurricane Katrina Bulletin: HIPAA Privacy and Disclosures in Emergency Situations to succinctly address the issue of patient information while responding to an emergency.  It covers treatment, notification, imminent danger and facility directories.

In short, “the HIPAA Privacy Rule allows patient information to be shared to assist in disaster relief efforts, and to assist patients in receiving the care they need.”  The Red Cross is also mentioned specifically: “Of course, the HIPAA Privacy Rule does not apply to disclosures if they are not made by entities covered by the Privacy Rule.  Thus, for instance, the HIPAA Privacy Rule does not restrict the American Red Cross from sharing patient information.”

For a more in-depth analysis of hurricane Katrina and HIPAA Privacy, you can access the CRS Report for Congress on Hurricane Katrina: HIPAA Privacy and Electronic Health Records of Evacuees.

For hurricane updates from the National Weather Service, click here.

What do you call a provider if he/she is found to have violated patient confidentiality?

HIPAAcrit

What do you call a theory for HIPAA success?

HIPAAthesis

What does one experience once they’ve grown cold to HIPAA compliance threats?

HIPAAthermia

What do you call someone who complains incessantly about HIPAA?

HIPAAchondriac

What do you call urgent HIPAA issues?

HIPAAcritical

What do you call the uphill slope toward HIPAA compliance?

HIPAAtenuse

What do you call someone who thinks HIPAA is sweet?

HIPAAglycemic

What is the disease you get from too much HIPAA?

HIPAAtitis

What do you call someone who is delighted with HIPAA?

HIPAA-go-lucky

These were originally posted here by D. Hager, Paramedic.

The World Health Care Congress Leadership Summit on HITECH and HIPAA Compliance Management is designed to provide solutions for exposing risks and maintaining compliance with new HIT requirements from the ARRA, HIPAA and health reform. The summit will be held on November 9 – 10 in Arlington, VA. Read on for 10 compelling reasons to attend along with interesting facts about the upcoming conference.

10.  Resources and Checklists are included so you can reduce exposure and risk.  Make HIPAA and HITECH work for you, not against you.

9.  Network in the Exhibit lounge with other executives and HIPAA know-it-alls.

8.  Torpedo Factory Art Center is not part of the conference, but it is one of the free things to do before or after the conference.  Click here for a list of more free things to do in Alexandria.

7. Meet 17 speakers and learn from their experiences.  They’re here to help you, after all.

6. Data Breaches pose a huge liability.  Find out how to identify, track, fix and report a HIT data breach, as well as best practices for organizational recovery.

5.  27 Red Flags of medical ID theft…learn what you need to do to protect yourself and your clients from data breaches and medical ID theft.

4.  Get money from the Recovery Act, Medicaid and Medicare by learning the security frameworks required by these programs.

3.  Save money by registering by October 30: enter code QFZ483 on the registration page for an extra $100 off the current rate.

2.  Bill Clinton is providing the closing keynote address: “Embracing our Common Humanity”.  How often do you get to see the former President up close and personal?

1. Be proactive on your HIPAA and HITECH implementation so that you can make the right strategic and tactical HIT management decisions…learn how to avoid security breaches in the first place!

For more information about the conference, click here.

Clinical trials and medical studies are fundamental to the advancement of medicine. But how does HIPAA impact the research and what personal health information can be shared? The National Institutes of Health has put together a 38-question FAQ addressing this: HIPAA Privacy Rule for Researchers.

The good news is that “patients and health plan members should be more willing to authorize disclosures of their information for research and to participate in research when they know their information is protected…The Privacy Rule both permits important research and, at the same time, encourages patients to participate in research by providing much needed assurances about the privacy of their health information.”

What does the Privacy Rule cover when it comes to research? In short, it regulates the documentation needed (i.e. the waiver that patients sign to release their information for the study).

Who else might see your information? “The Office for Human Research Protections (OHRP) is a public health authority under the HIPAA Privacy Rule. Therefore, covered entities can continue to disclose protected health information to report adverse events to the OHRP either with patient authorization as provided at 45 CFR 164.508, or without patient authorization for public health activities…”

Are you a patient involved in a clinical research study? Learn more about the protections for your personal health information by clicking here to read the lowdown at the National Institues of Health.

If you’re new to the healthcare industry and HIPAA compliance, or just need a reminder, all the acronyms can be a bit intimidating… here’s a cheat sheet of a few important acronyms and what they refer to.

ACRONYMS:

AHIMA – American Health Information Management Association
AHRQ – Agency for Healthcare Research and Quality
CFR – Code of Federal Regulations (A compilation of the general and permanent rules of the executive departments and agencies of the Federal Government as published in the Federal Register. The code is divided into 50 titles that represent broad areas subject to Federal regulation.)
CHP – Certification in Healthcare Privacy
CHPS – Certification in Healthcare Privacy and Security
CMP –Civil Money Penalty
EHR – Electronic Health Record
EMR – Electronic Medical Records Systems
HHS – U.S. Department of Health and Human Services
HIPAA – Health Insurance Portability and Accountability Act of 1996
OCR – Office for Civil Rights (within the U.S. Department of Health and Human Services)
PSO – patient safety organizations
PSQIA — Patient Safety and Quality Improvement Rule (PSQIA establishes a voluntary reporting system to enhance the data available to assess and resolve patient safety and health care quality issues. To encourage the reporting and analysis of medical errors, PSQIA provides Federal privilege and confidentiality protections for patient safety information called patient safety work product. Patient safety work product includes information collected and created during the reporting and analysis of patient safety events.)
PSWP – patient safety work product

Don’t see what you’re looking for in the short list above? Check out this list for more healthcare acronyms.

We’ve scoured the top job sites including Monster.com, Dice.com as well as other specialized healthcare and compliance sites to bring you ten interesting HIPAA jobs that you’ll want to check out.  How would you like to work at a hospital for children as the Director of Medical Records in Brighton, MA?  Or perhaps working for Kaiser in Denver might be of more interest.  Either way, read on to see some of the most interesting HIPAA jobs nationwide.  We’re going to try to make this a regular feature of HIPAAnews.net so be sure to subscribe to our RSS feed so you don’t miss out!

Job list compiled on October 5, 2009.

Job Title: SEBMF- Director of Health Information & HIPAA Privacy Officer SEBMF- Director of Health Information & HIPAA Privacy Officer
Company: Sutter East Bay Medical Foundation
Location: California-San Francisco East Bay and Solano-Lafayette
Job description: Provides direction for the Health Information/Medical Records Departments of Sutter East Bay Medical Foundation, supports the strategic objectives of the organization, and ensures compliance to regulatory requirements/statutes.
Responsible for daily functions surrounding the medical record; creates policies and establishes workflow transition processes during and post EHR migration to include transcription services. Creates policies and procedures related to electronic data transmission, storage, and HIPAA regulations, manages electronic health record, and acts as system administrator for HIMS related IT systems. Establishes organizational structure and ensures implementation of “best practices” for Health Information Management. Responsible for staffing, budgeting, and facility development for Care Center Health Information/Medical Record Departments.
The Director of Health Information & HIPAA Privacy Officer reports directly to the Chief Operating Officer. Reporting to the incumbent are Care Center Medical Records Department leads and supporting staff with a dotted line to the Care Center Manager…
Click here to read more about this position.

Job Title: Corporate HIPAA Compliance Manager
Company: Health Management Associates, Inc
Location: Naples, FL
Job description: The Corporate HIPAA Compliance Manager assists in the development, implementation and training of the organization’s HIPAA policies and procedures to comply with federal and state laws regarding privacy and security practices. This organized leader will provide internal and external communications expertise for ongoing HIPAA efforts and serve as a resource for questions regarding application and interpretation of the HIPAA regulations. Builds awareness throughout the organization to educate and motivate employees and management — making HIPAA understandable to specific target audiences. Maintains critical communication pathways across entire corporation with all designated HIPAA Officers. Additionally, the Manager oversees progress reports to corporate Senior Management and develops training events to enhance compliance…
Click here to read more about this position.

Job Title: HIPAA Systems Development Support
Company: Computer Sciences Corporation
Location: Menands, NY
Job description: This candidate will work on HIPAA implementation, issues remediation, and will assist in the development of the Privacy and Security Policies and Procedures. Much of this work means being assigned to and following various listserv such as NCPDP, X12N, DISA, NMEH, Wedi-SNIP and others. Some travel will be required to work with the industry groups and standards development organizations in the development of HIPAA Implementation Guides and technical reports. This candidate will participate on weekly and biweekly teleconference meetings. This involvement is key to ensure CSC’s and DOH’s interests are addressed and taken into consideration whenever changes are requested for the various Implementation Guides or technical reports. This candidate will work with Trading Partners helping to bring them to HIPAA compliance and keeping them informed of how HIPAA requirements affect the Medicaid transactions and will travel to various sites to do HIPAA transaction training and teach the Trading Partners the tools necessary to assist them in submitting successful production HIPAA transactions…
Click here to read more about this position.

Job Title: Director of Medical Records
Company: Franciscan Hospital for Children
Location: Brighton, MA
Job description: Develops and implements policies and procedures for documenting, storing, and retrieving information, and for processing medical-legal documents, insurance data, and correspondence requests, in conformance with federal, state, and local statutes. Supervises staff, in preparing and analyzing medical documents. Participates in development and design of computer software for computerized health information system. Responsible for Inpatient, Psych, Outpatient, Dental, Home Health, and other program medical records. Duties include a significant amount of time assembling, analyzing and coding (diagnostic, procedural & E&M) medical records especially with Inpatient, Inpatient Psychiatry, Outpatient, Dental and other non-hospital program records. Coordinates medical care evaluation with medical staff and develops criteria and methods for such evaluation. Develops in-service educational materials and conducts instructional programs for health care personnel. Prepares department budget…
Click here to read more about this position.

Job Title: HIPAA Compliance Administrator
Company: Woodbury Technologies, Inc
Location: San Antonio, TX
Job description: HIPAA Privacy and Security Compliance Monitoring. The specialist shall assist Privacy and Security Officers with the planning and execution of periodic risk assessments and ongoing privacy and security compliance monitoring activities. …The specialist shall coordinate with government leadership and assigned Privacy and Security Officers to assist with, and support organizational activities related to the development, implementation, maintenance of, and compliance with the Privacy Act and HIPAA privacy and security requirements as mandated by Federal, DoD, and AFMS policies and procedures.
The specialist shall organize ongoing HIPAA compliance activities, noting requirements, milestones, timelines, and resources. This shall incorporate and address all overlapping organizational privacy and security issues, which affect the protection of health information…. The specialist shall provide an Education, Training, and HIPAA Awareness Plan which outlines specific efforts taken to meet educational and training needs to promote privacy and security awareness in order to protect health information and Privacy Act data…. Facilitate a map/gap analysis and evaluation of policies, processes, procedures and instructions as they relate to privacy, security and the protection of individually identifiable health information/protected health information…. Review/assess all locally maintained business associate agreements to ensure compliance with HIPAA and Privacy Act…
Click here to read more about this position.

Job Title: Data Specialist/SAS Programmer
Company: Kaiser Permanente – Colorado Region
Location: Denver, CO
Job description: The Data Specialist / SAS Programmer 2 works in conjunction with the Statistical Analysts and Programmers to manage all aspects of data manipulation, ensuring data quality and maintaining data integrity for one or more complex studies through the use of high level SAS programming. As part of the research team, the Data Specialist / SAS Programmer 2 is responsible for providing expertise on efficient and appropriate use of data. … Coordinates with the HIPAA compliance officer to make sure all data use, manipulations, storage, and transfers meet the required HIPAA guidelines….Starting salary range is $49,000 – $74,000 DOE plus excellent benefits package…
Click here to read more about this position.

Job Title: Meditech HIM (MRI) Client-Server Implementation Expert – Lead Analyst experience
Company: CyberCoders
Location: Los Angeles, CA; Seattle, WA
Job description: Due to continued growth, we need to add dedicated Implementation Specialist to our Meditech team. In this role, you would act as Lead Analyst on Meditech HIM (MRI) system installs within a client/server environment.

This is a travel job and you can be based from any city in the Western USA as long as you are willing to travel Monday thru Thursday. Travel will be within the south western USA… This is a full time gig working as a traveling consultant… We work hard but keep it manageable! We love our consultants and reward them generously with bonuses….Salary range is $85,000 – $110,000…Skills required: Meditech Client/Server, Team Leader, Nursing Informatics, Electronic Healthcare Systems, Electronic Medical Records, HIPAA, Meditech C/S 5.6 Platform…
Click here to read more about this position.

Job Title: Lead ETL/ Claims (HIPAA) Tester
Company: Mastech Inc
Location: Pleasanton, CA
Job description: We are currently seeking Lead ETL/ Claims (HIPAA) Testers for our client in the Healthcare domain. …Create Test Scripts in co-ordination with Business and verify data loaded from source to staging to Data warehouse. 
Work in conjunction with the Business Analysts, Solution Consultants, and ETL Team to create, modify, or update Test Scripts.
 Perform analysis, design, and create Test Cases, documentation, and execution of Test Scripts. 
Follow testing guidelines, standards, and procedures.
 Participate in requirements, design, and code reviews, and get the big picture.
 Lead the project independently and communicate with Business Analysts, ETL Developers, and Business Team…Compensation: $50 – $55/ Hourly on W2…
Click here to read more about this position.

Job Title: HIPAA Billing & Payment Associate
Company: CVS/Pharmacy
Location: Woonsocket, RI
Job description: Work closely with Third Party agencies to gather specifications and test materials required for conversion to HIPAA II mandated transaction standards. Assist Third Party business and IS personnel in mapping HIPAA transaction data, developing Third Party reporting requirements, performing agency data validation and project documentation requirements. Assist in successfully implementing NCPDP and HIPAA ASCX12 standard requirements for Third Party agencies…
Click here to read more about this position.

Job Title: BUSINESS PROCESS ANALYSTS – Health Care Insurance
Company: LOGIN Consulting Services
Location: Ventura County, CA
Job Description: Major health care insurance company has a 3+ month contract available for Business Process Analysts experienced with the insurance/Medicare operations. The Analysts should have HIPAA and EDI experience. Candidates cannot be considered unless they have health care insurance industry experience.

The Process Analysts must be able to facilitate meetings, collaborate with both business and IT organizations, have excellent documentation and communication skills and be self motivated.
The Analysts will obtain the business requirements and will communicate those requirements to the IT operation such that the detailed and technical requirements can be produced.
Click here to read more about this position.

For example, genetic information might include screenings for diseases such as Huntington’s Disease, early onset Alzheimer’s, or breast cancer just to name a few. In the past some women have declined breast cancer screenings for fear of the ability to get and keep health insurance. This just doesn’t make sense, and the new rule addresses this: “The proposed rule would modify the HIPAA Privacy Rule to clarify that genetic information is health information and to prohibit the use and disclosure of genetic information by health plans for underwriting purposes.”

The bottom line? Genetic information can’t be used to discriminate for employment or underwriting purposes. The proposed ruling is subject to a 60 day comment period.

You can read more here.

So what are the big changes?

- Business Associates are now covered under and subject to HIPAA Privacy and Security Rules. Prior to the ARRA being enacted, only health plans and health care providers (covered entities) were subject to HIPAA. Who is a business associate? “A business associate is any person or entity who performs or helps perform a function or activity on behalf of a covered entity that involves the use or disclosure of PHI. Third-party administrators, utilization reviewers and attorneys who represent covered entities are among the parties who are frequently treated as business associates.” This becomes effective February 17, 2010.

- Individuals must now be notified if there is a security breach of their PHI within 30 days; the local press must be notified if there are more than 500 privacy or security breaches within the same geographic area. Logs must be kept and reported to HHS annually.

- When a complaint is made, the ARRA requires HHS to formally investigate a covered entity or business associate; regular audits for HIPAA privacy and security compliance are now required as well.

- It’s now more expensive than ever to pay for violations. Under ARRA, for violations of an identical requirement during the same calendar year penalties can range, depending on the type of violation, from $100 to $50,000 per violation, with a cap of $25,000 to $1.5 million per year.

For additional information, you can read more at http://www.stradley.com/newsletters.php?action=view&id=439

All careers related to health data systems design, maintenance, and mining, including systems technicians and chief medical-information technology officers (CMI-TOs), are in a demand increase phase. This also includes, of course, HIPAA-related IT and compliance officer positions.

This fall, St. Louis University’s Doisey College of Health Sciences in St. Louis, MO will add a master’s degree program in informatics, says Jody Smith, chair of health informatics and information management at the school.

Nurses and physicians are migrating to HIT, according to Bonnie Siegal, a vice president with the health care recruiting firm Cejka Search Inc. Physicians are often found acting as CMI-TOs while continuing their medical practices. Nurses, on the other hand, tend to leave that profession to acts as chief nursing-information technology officers. Both professions can pay into the six figures, with CMI-TOs making upwards of $500,000.

Read more: Techies find niche in health care field

Smart I/X uses a probabilistic algorithm to identify, reconcile, and manage patient records is described by QuadraMed as “a valuable tool for organizations aiming for HIPAA compliance.”

Hagen said: “Smart I/X significantly improves an IDNs ability to deliver consistent and cost-effective high quality care by providing physicians immediate access to comprehensive patient information to help them make more informed and safe decisions at the point of care. In addition to efficiently unifying individual patient’s historical and most current information, Smart I/X enhances enterprise-wide care coordination and minimizes duplicate and overlapping records, all of which reduce unnecessary tests, treatments and medical errors.”

It is unclear at this time what information is available to whom on this system. Patients may want to inquire of their lawmakers how HIPPA laws are applicable to system-wide availability of private medical information across the medical-worker spectrum.

Read more: http://www.silobreaker.com/DocumentReader.aspx?Item=5_888804371 and

http://www.chron.com/disp/story.mpl/metropolitan/5931497.html.

In Electronic Healthcare Record (EHR) news: Aug. 1, University of California, San Francisco health economics professor Robert Miller estimates the cost of implementing a nationwide EHR at $150 billion. Hospitals, Miller says, will need to invest $35 billion of that to purchase and expand systems and $55 billion to maintain and operate them over eight years. Hospital IT spending is currently not in line with other industries, Millers says, and the increase for EHRs would put it closer.

Miller’s figures differ from earlier Rand Corporation and Congressional Budget Office (CBO) estimates, which themselves differ. Proponents assert that health IT systems, including EHRs, could shed light on best practices, effectiveness of treatments, disease trends, and save money over the long hail. However, in its June report, the CBO said, “By itself, the adoption of more health IT is generally not sufficient to produce cost savings,” adding that the future economic benefits of health IT systems are uncertain. Additionally, questions remain about maintaining HIPAA compliance.

Drawing numbers from a recent report in the New England Journal of Medicine, Miller said that fewer than 5 percent of US doctors are currently using EHRs. Equipping the other 96 percent would require $15 billion in initial cost, and another $24 billion increase to physicians’ operating costs.

Read more: http://www.govhealthit.com/online/news/350496-1.html

In order to protect the public from possible abuse of their personal genetic information, Congress has voted to ban genetic discrimination in the workplace. The new law addresses questions raised by advances in genetic testing that go beyond the scope of HIPAA.

The main thrust of this bill is to deny the opportunity to misuse the information. There are some privacy elements in here, as well. Much of that is covered by HIPAA, which was passed now a long time ago.

Read the whole article here