Committee Meetings and Minutes

Administrative Login

HIPAA Task Force Committee

Meeting Minutes

Current Status of Minutes: Final
Date	February 23, 2011
Time	11:30 AM - 2:15 PM
Location	EVC 8358

Members Present
Mary Ann Bridges, Rebecca Cole, Sanctions Officer, Renee Cornett, Security Officer, Jana Israel, Eileen Klein, Douglas Mitchell, Training Officer, Kellie Murphree, Marilyn Rehm-Skewis, Support Staff, Robyn Richter, Regina Swearengin, Nancy Walters, Privacy Officer
Guests Present
No guest attendance has been recorded.

Item # 1:	Approval of Agenda
Presenter	Patricia Recek
Discussion	Approval with addition of item III, C Subject Recommendation for review

Item # 2:	Approval of November 9, 2010 minutes
Presenter	Patricia Recek
Discussion	Approved by committee

Item # 3:	Old Business A. Compliance Reviews-review schedule is current-awaiting final reports from some committee members i. Maintaining documentation for 6 years ii. knowledge of state laws regarding privacy iii. DHY Business Associate iv. Fire Academy
Presenter	Patricia Recek
Discussion	A. Discussion: P. Recek: * thanked the committee members for their participation in the compliance reviews. * reported that she is awaiting the final compliance reports from some of the committee members. * reported that there are just a few reviews scheduled for the spring. * reported that the there is one outstanding visit from the fall. Patterns to Monitor Item i. Maintaining documentation for six years. Discussion: Documentation for faculty and employees was not consistently being maintained for six years by some programs. Departments to correct documentation of faculty and employees. Item: ii: Knowledge of state laws regarding privacy. Discussion: A link to HIPAA state law has been updated on the HIPAA website. Discussed tracking bills that are in the House of Representatives and in the Senate by going on line. Item: iii: DHY Business Associate Discussion: Dental Hygiene discussed software being used by the program. The software was from Patterson Dental Supply, Inc. A HIPAA Business Associate Agreement was signed. Discussed other department computer software that may be in use but not HIPAA compliant. Discussed Fortus Software used in other Health Science Programs. (See minutes for copy of Patterson Dental Supply, Inc. Sample HIPAA Authorization for Release of Protected Health Information for its Dental Practice customers April 1, 2010). Item iv: Fire Academy Discussion: Fire Academy students had been required to complete HIPAA; new DC provided documentation that the current curriculum does not include any exposure to PHI. B. Cole questioned what had changed from the time the committee recommended the HIPAA training; it was noted that when at Taylor, students were also in an EMT course –which is no longer part of the curriculum. Decisions/Actions: Item iv: Committee concluded that the Fire Academy students have no outside contact and therefore does not collect any information that would be considered HIPAA related. Motion was made to discontinue the requirement for HIPAA training for students in the Fire Academy but continue the staff and faculty training. Motion approved by committee Follow-up Items Check on HIPAA Business Agreement for Fortus Person Responsible: Mary Ann Bridges Deadline: March Make recommendations to Fire Academy to discontinue student HIPAA Training.Person responsible: Pat Recek Deadline None Agenda item: III. Old Business B. HIPAA Training Module Update Presenter: Discussion: HIPAA for Healthcare Providers - Students and Faculty Handouts/PowerPoint * Student HIPAA Community Standards by St. David's HealthCare (white paper handout) See revised ppt. in attachments) St. David's Healthcare/Seton Family of Hospitals collaborated to develop a HIPAA training module for students and faculty; they have given permission to add content, but cannot revise or remove any items. Discussed: Identify the training module as ACC training but giving credit to St. David's Healthcare/Seton Family of Hospital for the module. Making changes to the information, using examples and adding additional test questions. Adding examples of violation situations and referring to social networking: cell phone pictures, texting/talking about things you have seen heard or know about. This training would take the place of the ACC current training. Improve the definition of Covered Entity Move slides to reflect the order or remove slides that do not affect the ACC programs * HIPAA Overview (pink paper handout) (see revised ppt. in attachments) Discussed: Adding Information or making changes Eileen suggested a checklist in addition to compliance form. Employee handbooks updates Department syllabus updates Update HIPAA training acknowledgement on Department Chair evaluations Suggestions on storing certificates for HIPAA for staff and faculty within the department. * Letter to Mike requesting mandatory training for all with rationale Discussed: HIPAA Training Handout – two pages Training examples to be highlighted in letter: Things that can happen, example elevator talk, posting in facebook, self disclosure/disclosure of other student information Accounts Payable – Information on bills Scanning information by staff Self disclosure or FERPA OSD Information Texas Privacy Law FERPA Training and HIPAA training should be kept separate There was concern expressed some of areas identified as possible potential sources of HIPAA violations were not HIPAA as defined by law. Becky Cole discussed training modules that have been purchased by EHS that will link required training to job responsibilities. The cons ensus of the committee was that this would be a more appropriate way to identify those that needed HIPAA training. Pat Recek will be included on that committee. The recommendation to require all employees to be HIPAA trained has been tabled Pending the above recommendation. Follow-up Items Adding changes suggested by the committee to the Student HIPAA Community Standards and forward to committee for comments or approval Person Responsible Pat Recek, Deadline None Adding changes suggested by the committee to the HIPAA Overview and forward to committee for comments or approval Person Responsible:Pat Recek, Deadline: None Send out questions to committee for discussion for test: 1. Test example of situations that would cause a HIPAA violation with multiple choice answers. 2. Other questions with multiple choice answers. Person Responsible:Pat Recek, Deadline None Once committee agrees on the changes it will be posted to the Health Science Web page. Person Responsible:Pat Recek, Deadline: None Provide chart that shows "What is HIPAA" and "What is FERPA" for reference in perusing college wide HIPAA Training. Person Responsible:Becky Cole, Deadline: None Join the Environmental Health & Safety Committee & Contact David Watkins. Person Responsible: Pat Recek, Deadline: None Agenda item: Old Business: C. Recommendations for Compliance Reviews Presenter: Pat Recek Discussion: Check list for department chair Link to state laws on confidentiality Link to template for compliance review Retaining certificate of HIPAA Training by department chair within department for quick review Retaining certificate of HIPAA Training for six year for employees and staff Follow-up Items: Send checklist in addition to compliance form before department chair has compliance review. Person Responsible: Person Scheduled to perform review. Deadline: Each review time

Item # 4:	New Business A. Dental Hygiene - Notice of Privacy for clinic - change to process
Presenter	Patricia Recek
Discussion	Discussion: Renee Cornett requested a review of proposed change to eliminate triplicate forms for Notice Privacy and having the form laminated and have patients sign that they received it. This request was based on concerns of administrative assistant related to the quantity of legal documents that Dental Hygiene is required to provide to patients, amount of paper used in copies provided in the required documents to each patient. Decisions/Actions: Maintain current process at this time. Provide the documents, but have a combined signature page that is triplicate form that addressed all required paperwork. Date all versions of forms. Committee will explore and continue the discussion at the next meeting.

Item # 5:	HIPAA Events
Presenter	Patricia Recek
Discussion	Decisions/Actions: No HIPAA Events to report

Item # 6:	Miscellaneous
Presenter	Patricia Recek
Discussion	Discussion: Media disclosure of copy machines recording paperwork copied and retaining on the machine for misuse by unauthorized individuals. Decisions/Actions: Check to make sure that all copy machines at ACC have an inscription on the machines so no personal information is disclosed to unauthorized personnel. Follow-up Items: Check on copy machines to make sure it has inscription. Person Responsible: Becky Cole Deadline: None

Item # 7:	Next meeting Date
Presenter
Discussion	Date, Time, Location: To be announced.

Austin Community College
5930 Middle Fiskville Rd.
Austin, Texas 78752-4390
512.223.4ACC (4222)