Making a CHC EM Program Work—Tools, Tips & Strategies
Amelia Muccio
Amuccio@njpca.org
Director of Emergency Management
NJPCA

Objectives
• Tools, Tips and Strategies for Everyday Preparedness
• Accreditation Standards
• Planning, Training, Exercising Needs
• Health Information Technology and Future of Center’s IT
• Instilling a Culture of Preparedness

CHCs & Emergency Preparedness
• NATIONALLY
• 50 States and US Territories
• 1,250 Centers
• 20 million patients served annually
• NEW JERSEY
• 20 Centers with 100 sites
• 425,000 patients served annually
• Provide services to at risk populations
• Triage, screen and treat lower acuity patients “walking wounded”
• Provide surge capacity during emergency
• Provide mass vaccination
• Serve as Point of Dispensing
• Decompress healthcare system
• Serve as Alternate Care Site

Accreditation
• FQHC accreditation standards for emergency preparedness:
• Bureau of Primary Health Care Policy Information Notice 2007-15 (PIN)
• Joint Commission (JC)
• Accreditation Association for Ambulatory Care (AAAHC)
• National Committee for Quality Assurance (NCQA)
• National Incident Management System (NIMS)

Personal Preparedness
• Do you have a family communications plan?
• Do you have a go bag?
• Do you have a pet go bag?
• Have you made arrangements for childcare if you are needed at work?
• What about your other family members including elderly and pets?

HVA
• Identifies potential emergencies and the direct/indirect effects these emergencies may have on CHC’s operation and demand for services
• The risks identified should be prioritized based on likelihood of occurrence and severity

Risk Management
• Identifying and assessing risk, reducing it to an acceptable level and implementing mechanisms to maintain that level
• Risk reduction (countermeasures, HVA)
• Risk transference (insurance)
• Risk acceptance (may happen)
• Risk rejection (do nothing)

What Threatens Information?
• Misuse
• Disasters
• Data interception
• Computer theft
• Identity/Password theft
• Malicious software
• Data theft/corruption
• Vandalism
• Human error

Planning Elements
• Continuity of Operations
• Command and Control
• Staffing
• Surge Patients
• Medical and Non-Medical Supplies
• Pharmaceuticals
• Security
• Evacuation
• Decontamination
• Isolation
• Power Supply
• Transportation
• Water/Sanitation
• Communications
• Medical Records Security and Access

Plans
• EOPs: how org will respond to emergencies
• Basic plan
• Functional annexes
• Incident-Specific appendices
• Procedures: SOPs
• Preparedness plans: training needs
• Corrective action/mitigation plans: activities required to implement lessons learned
• Recovery plans: long-term actions needed

Policies and Procedures
• Establish security culture
• Establish best security practices
• Define goals and structure of security program
• Educate personnel
• Maintain compliance with any regulations
• Ex: email policy, Internet usage, physical security

Business Continuity Plans
• A comprehensive written plan to maintain or resume business operations in the event of a disruption
• Continue critical business operations
• Jeopardize normal operations
• Most critical operations
• May require alternate sites (hot, warm, cold)
• What do we need to KEEP going?

Disaster Recovery Plan
• A comprehensive written plan to return business operations to the pre-disruption state following a disruption
• Restore IT functions (prep and restore)
• Jeopardize the normal operations
• Includes all operations
• RETURN TO NORMAL BUSINESS OPERATIONS
• WHAT DO WE NEED TO DO IN CASE OF A DISASTER?

Plan Testing, Training and Exercising
• Testing is critical to ensure a viable contingency capability
• Conduct plan exercises
• Tabletops are useful tools!

Exercises—Building Block Approach
• Seminar (Discussion)
• Workshop (Discussion)
• Tabletop Exercise (TTX) (Discussion)
• Games (Discussion)
• Drills (Operations)
• Functional Exercises (FXE) (Operations)
• Full Scale Exercises (FSE) (Operations)

Electronic Health Records
• Vulnerabilities discovered, reported to eHealth vendor and then patched
• Patches take A LOT of time to fix
• 2,211 days (vendor) vs. 284 days (Microsoft)
• No one eHealth vendor in charge

EHR Vulnerabilities
• Unauthorized users can compromise integrity and confidentiality
• Unauthorized access to computer networks
• Password protection (hacks and policies)
• Subversive software (malware)
• Disaster

Personal Information Security Countermeasures
• Password policies
• Backup
• Spoofing countermeasures
• Malware detection and prevention
• 93% of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster
• 50% of businesses that found themselves without data management for this same period filed for bankruptcy immediately

Security and Assurance Program
• Protective measures include:
• Firewalls and virus protection systems
• Password procedures
• Information encryption software
• Computer access control systems
• Computer security staff background checks (at initial hire and periodically)
• Computer security staff training & 24/7 on-call technical support
• Computer system recovery and restoration plans
• Intrusion detection systems
• Redundant & backup systems, & offsite backup data storage

Additional Resources
• Planning/Trainings/Exercises
• HAZMAT, MCI, workplace violence, severe weather, fit-testing, novel influenza, hostile patient, active shooter, foodborne outbreak, hostage situation, bomb scare, communications, ICS/NIMS, PINS, cyber security, power outages, COOP, business continuity, personal preparedness…