1 / 26

Nebraska Statewide Telehealth Network Privacy and Security

Nebraska Statewide Telehealth Network Privacy and Security. Reta Studnicka RStudnic@alegent.org Laura Meyers laurameyers@charter.net. Mission of the Nebraska Statewide Telehealth Network (NSTN).

adamdaniel
Download Presentation

Nebraska Statewide Telehealth Network Privacy and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Nebraska Statewide Telehealth Network Privacy and Security Reta Studnicka RStudnic@alegent.org Laura Meyers laurameyers@charter.net

  2. Mission of the Nebraska Statewide Telehealth Network (NSTN) • To increase the quality, availability and accessibility of health care throughout the state of Nebraska, particularly as it impacts the rural population within the state. • To create video-conferencing capability allowing the rural areas of the State to have access to other health providers and information without the need for extensive travel within a Private Network.

  3. Patient Benefits • Decreases travel time • Lowers job absenteeism • Cost savings • Provides earlier disease intervention: Screening opportunities • Increased availability of local follow-up care may decrease ALOS in tertiary center

  4. Community Benefits • Improves Quality of Medical Services • Strengthens Ties to Specialty Care • Increases Confidence in Local Providers • Alleviates Isolation of Rural Providers • Increases Diagnostic Resources

  5. Provider Benefits • Potential for decreasing outmigration • Enhances clinical support • Increased referral opportunities • Provides the opportunity to enhance and supplement the services provided at existing outreach clinics

  6. Provider Benefits • Easy access to continuing education • Opportunities to consult with other professionals, even internationally

  7. Connection Status Today • Hub Sites: • UNMC (Omaha) • St. Elizabeth’s Regional Medical Center (Lincoln) • BryanLGH Medical Center (Lincoln) • St. Francis Medical Center (Grand Island) • Good Samaritan Hospital (Kearney) • Great Plains Regional Medical Center (North Platte) • Faith Regional Health Services (Norfolk) • Regional West Medical Center (Scottsbluff)

  8. Connection Status Today • Sixty-seven rural hospitals are connected to these hubs. • Nineteen public health departments will be connected (15-17 are connected at this time) • Also have connections to all but one bioterrorism lab • Omaha hospitals: Immanuel, Bergan Mercy, Creighton, Childrens, Methodist, Midlands, The Nebraska Medical Center • Other connections on the horizon: Winnebago Indian Hospital and Tecumseh State Correctional Institution

  9. Network Uses: Clinical • Clinical Consults • Rehabilitation Therapy • Disease Management • Emergent Care: Trauma, EPC, Mental Health • Family Advocacy Network: abuse and sexual abuse • Deaf and Hard of Hearing • On the horizon: Telepharmacy and Teledentistry

  10. Services Approved for Reimbursement • Consultations (CPT Codes 99241-99275) • Office or Other Outpatient Visits (99201-99215) • Individual Psychotherapy (90804-90809) • Pharmacologic Management (90862) • Psychiatric Diagnostic Interview Exams (90801) • End Stage Renal Disease (HCPCS codes G0308, G0309, G0311, G0312, G0314, G0317, G0318)

  11. Sites Approved for Reimbursement • Hospitals (inpatient/outpatient) • Critical Access Hospitals • Physician/Practitioner Offices • Rural Health Clinics • Federally Qualified Health Centers

  12. Network Uses: Education • Education • CMEs and CEUs • Grand Rounds • EMS Continuing Training/Considering Initial Training • RN/Allied Health Professional Degree Programs • Community Education/Support Groups • www.netelehealth.org

  13. Network Uses: Other • Administrative Meetings • Health Alert Network • Routine Testing • Lung Surgery “Scared Straight” • Language Interpretation

  14. Network Uses at This Time • Telehealth Education and Training • On-Going • Conducting Clinical Consults for Practitioners • Peripheral Devices • Creating a Telehealth Business Plan • Privacy and Security • Community Mental Health and Telehealth • Electronic Health Records

  15. The NSTN: Current Decision Making Structure, Priorities, Committees • Network Advisory Committee • Network Operations Group • NSTN Education Committee • Scheduling • Website • Evaluation • Privacy & Security Subcommittee

  16. HIPAA PRIVACY, SECURITY, and TELEHEALTH Covered Entities that must comply with the HIPAA Privacy and Security Standards • Health Care Providers • Health Plans • Health Care Clearinghouses

  17. A Reminder…. The HIPAA Privacy Regulation ensures that covered entities will comply with the HIPAA Privacy standards to protect patient’s health information from non-permitted uses and disclosures. For many covered entities, this required the development and implementation of over 50 new policies and procedures with related forms!

  18. Adding Telehealth Policies:Telehealth Encounters Must Protect Patient Health Information • Proper patient admission/registration • Notice of Privacy Rights and Practices • Acknowledgement • Telehealth Visit Consent Form • Providing a Private and Secure Telehealth Transmission • Providing a Private and Secure physical location for the telehealth encounter • Authorized personnel in attendance for telehealth medical visit

  19. ...couple of more requirements • Properly credentialed healthcare providers (Recommendation to credential as you would all “in person” healthcare providers) • Organized Healthcare arrangements “OHCA” – with the properly credentialed healthcare providers

  20. HIPAA SECURITY REGULATION • Ensures that covered entities will comply with the HIPAA standards to protect the confidentiality, integrity and availability of Electronic Protected Health Information (EPHI). • In the final rule, CMS divides security into three categories – these implementation specifications may be Required or Addressable: • Administrative safeguards (164.308) • Physical safeguards (164.310) • Technical safeguards (164.312)

  21. Required vs. Addressable Required • Must implement the specification in order to successfully implement the standard Addressable • Consider the specification, and implement if reasonable and appropriate • If not, document why it would not be reasonable and appropriate to implement the specification; and • Implement an equivalent alternative measure if reasonable and appropriate

  22. Security Standards • Protect against any reasonably anticipated threats or hazards to the security or integrity of such information • Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under the security standards • Ensure compliance with the security standards by the workforce • Ensure confidentiality, integrity and availability of all EPHI the covered entity creates, receives, maintains, or transmits

  23. Next Steps • Coordination between Privacy and Security Officer within the organization • Include Telehealth when performing the required HIPAA Security Risk Analysis • Include Telehealth when considering Risk Management • Include Telehealth when developing and implementing Policies and Procedures

  24. Nebraska Statewide Telehealth Network Privacy and Security Subcommittee Goals: • Conduct the HIPAA Security Risk Analysis for the NSTN • Develop policy and procedure templates for Privacy and Security that are applicable to telehealth for the NSTN • Gather input from NSTN providers for best practices regarding privacy and security

  25. Questions?

More Related