IIT HIM Professionals Role in Compliance Discussion

IIT HIM Professionals Role in Compliance Discussion

IIT HIM Professionals Role in Compliance Discussion

Description

1) Discussion: HIM Professional’s Role in Compliance 

In healthcare, compliance generally refers to adherence to federal statutes and regulations designed to prevent unjust financial enrichment and patient privacy breaches by healthcare providers or organizations.Staying abreast of compliance requirements continues to be a challenge for those responsible for the management and integrity of healthcare information.

Requirements: 

Describe the role of the HIM professional in supporting an effective compliance program.Why do you think that healthcare fraud and abuse is such a significant problem?What mechanisms would you implement to ensure that staff members are encouraged to report suspected or actual compliance violations?

2) Cloud Computing in Healthcare

You will have the opportunity to discuss the storage of patient information in the cloud – discussing the benefits and risks of cloud computing.  Before participating in the discussion, you will need to read the following articles and watch two videos that provides the framework of this discussion:

Here are the questions you need to discuss:

1. Is cloud computing the future of healthcare and the storage of health information?

2. Do you think the benefits to cloud computing outweigh the risk?

Cloud Computing 101 By Angela K. Dinh, MHA, RHIA, CHPS In the past several years cloud computing has gained substantial recognition. However, it is still a relatively new concept for those in the healthcare industry. Before adopting cloud-based services or applications, organizations need to understand how cloud computing works, the types of clouds available, and the pros and cons of using clouds. How It Works The National Institute for Standards and Technology defines cloud computing as “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”1 Although it sounds simple, it is not. Exactly how cloud computing works can be complicated to describe. In simple terms, think of a cloud in the sky. Within that cloud exist servers, applications, storage space, and databases, to name just a few of the technologies that can be provided in a cloud. Through the Internet, people access the cloud and the technologies it contains. Clouds are managed by providers, who may or may not charge fees. Google, for example, offers Google Docs, which allows anyone to create and share documents on the Web for free. Because these documents live in the cloud, they can be accessed and edited from any computer or smart phone. Organizations that use cloud services typically use more robust paid services. These are billed like utilities. Just as home owners are billed for the amount of water and electricity consumed, organizations are billed for the cloud services used. Organizations typically identify and define which of their staff members have access to the cloud and which technologies they can use. Types of Clouds There are three basic cloud types based on user needs and preferences: Š Š Š Private cloud, which involves virtualized cloud data centers inside the organization’s firewall. It can also be a private space dedicated to the organization within a cloud provider’s data center. Public cloud, which involves virtualized data centers outside of the organization’s firewall. Generally, a service provider makes resources available to organizations on demand over the Internet. Hybrid cloud, which combines aspects of both public and private clouds.2 Copyright © 2011 by The American Health Information Management Association. All Rights Reserved. The type of data an organization creates, manages, and maintains will determine the type of cloud it requires. Healthcare data such as protected health information (PHI) mandate privacy and security protections that warrant use of a private cloud. However, whether clouds provide adequate privacy and security capabilities to protect PHI is debatable. Whether the cloud can meet the requirements mandated for data privacy such as those for the Payment Card Industry Data Security Standard and HIPAA will vary by vendor, consumer, and technical expert. Organizations should research and understand the vendor’s capabilities before making any decisions. Pros and Cons As with any technology, there are pros and cons to using cloud computing. Some of the pros include: Š Š Š Š Cost. There are no upfront capital costs and fewer overhead expenses. The organization pays only for using the services; it saves on investment, maintenance, user licenses, and overhead such as electricity and rack space. Elasticity. Cloud computing acts like a rubber band. It can expand for volume and storage purposes as needed and at a rapid pace. Access. Access is immediate and available anytime from anywhere (as defined by permissions). Disaster planning and back-up. The cloud is resilient in natural disasters as it will continue to function even if the user’s computers and systems crash. Some of the cons include: Š Š Š Š Cost. Although the organization saves on capital investments and maintenance, the costs of its usage can skyrocket if it fails to monitor and manage access to the cloud. Performance. Cloud computing is scalable; however, performance depends on Internet speed and the number of users in the cloud at a given moment. If there is a spike in use, then the cloud may run slowly. A user can never tell if and when a cloud will be slow. Reliance on the Internet. The cloud relies on the Internet. If the Internet goes down, the cloud is inaccessible. Privacy and security. Safeguards do exist to protect the data of cloud consumers. However, the level of privacy and security provided is still in question. There is not enough information to prove or disprove the credibility of the cloud for privacy and security overall. Regarding its ability to safeguard PHI, the cloud needs further evaluation. Contract Considerations Organizations that use a cloud provider must take appropriate measures, as they should with any vendor. Contracts need to be appropriately negotiated and legal counsel consulted. At a minimum, a contract with a cloud provider should include the following details: Š Š Š The security controls that will ensure privacy. Healthcare data must be protected to prevent data breaches and identity theft. Where the data will be stored. Other countries have different laws pertaining to privacy and data ownership. Data recovery procedures and data ownership. In the event the cloud service provider goes out of Copyright © 2011 by The American Health Information Management Association. All Rights Reserved. Š Š business, organizations must ensure all their data are returned and are not sold off to other businesses for data mining. The type of medical information to be stored. Certain file types such as images can consume large volumes of data storage and may cost more to store in the cloud than storing locally. Bandwidth and connection speed required to connect to the cloud. All users, especially busy physicians and clinicians, will get frustrated if the system takes too long to retrieve data. Acknowledgment Tom Walsh, CISSP Notes 1. The National Institute for Standards and Technology. “The NIST Definition of Cloud Computing.” October 2009. Available online at http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc. 2. Dummies.com. “Cloud Computing for Dummies Cheat Sheet.” Available online at www.dummies.com/howto/content/cloud-computing-cheat-sheet.html. Angela K. Dinh ([email protected]) is a professional practice resource manager at AHIMA. Article citation: Dinh, Angela K.. “Cloud Computing 101” Journal of AHIMA 82, no.4 (April 2011): 36-37. Copyright © 2011 by The American Health Information Management Association. All Rights Reserved.

IIT HIM Professionals Role in Compliance Discussion
IIT HIM Professionals Role in Compliance Discussion

 

Click here to ORDER an A++ paper from our Verified MASTERS and DOCTORATE WRITERS:IIT HIM Professionals Role in Compliance Discussion

A

  Excellent Good Fair Poor
Main Posting 45 (45%) – 50 (50%)

Answers all parts of the discussion question(s) expectations with reflective critical analysis and synthesis of knowledge gained from the course readings for the module and current credible sources.

 

Supported by at least three current, credible sources.

 

Written clearly and concisely with no grammatical or spelling errors and fully adheres to current APA manual writing rules and style.

40 (40%) – 44 (44%)

Responds to the discussion question(s) and is reflective with critical analysis and synthesis of knowledge gained from the course readings for the module.

 

At least 75% of post has exceptional depth and breadth.

 

Supported by at least three credible sources.

 

Written clearly and concisely with one or no grammatical or spelling errors and fully adheres to current APA manual writing rules and style.

35 (35%) – 39 (39%)

Responds to some of the discussion question(s).

 

One or two criteria are not addressed or are superficially addressed.

 

Is somewhat lacking reflection and critical analysis and synthesis.

 

Somewhat represents knowledge gained from the course readings for the module.

 

Post is cited with two credible sources.

 

Written somewhat concisely; may contain more than two spelling or grammatical errors.

 

Contains some APA formatting errors.

0 (0%) – 34 (34%)

Does not respond to the discussion question(s) adequately.

 

Lacks depth or superficially addresses criteria.

 

Lacks reflection and critical analysis and synthesis.

 

Does not represent knowledge gained from the course readings for the module.

 

Contains only one or no credible sources.

 

Not written clearly or concisely.

 

Contains more than two spelling or grammatical errors.

 

Does not adhere to current APA manual writing rules and style.

Main Post: Timeliness 10 (10%) – 10 (10%)

Posts main post by day 3.

0 (0%) – 0 (0%) 0 (0%) – 0 (0%) 0 (0%) – 0 (0%)

Does not post by day 3.

First Response 17 (17%) – 18 (18%)

Response exhibits synthesis, critical thinking, and application to practice settings.

 

Responds fully to questions posed by faculty.

 

Provides clear, concise opinions and ideas that are supported by at least two scholarly sources.

 

Demonstrates synthesis and understanding of learning objectives.

 

Communication is professional and respectful to colleagues.

 

Responses to faculty questions are fully answered, if posed.

 

Response is effectively written in standard, edited English.

15 (15%) – 16 (16%)

Response exhibits critical thinking and application to practice settings.

 

Communication is professional and respectful to colleagues.

 

Responses to faculty questions are answered, if posed.

 

Provides clear, concise opinions and ideas that are supported by two or more credible sources.

 

Response is effectively written in standard, edited English.

13 (13%) – 14 (14%)

Response is on topic and may have some depth.

 

Responses posted in the discussion may lack effective professional communication.

 

Responses to faculty questions are somewhat answered, if posed.

 

Response may lack clear, concise opinions and ideas, and a few or no credible sources are cited.

0 (0%) – 12 (12%)

Response may not be on topic and lacks depth.

 

Responses posted in the discussion lack effective professional communication.

 

Responses to faculty questions are missing.

 

No credible sources are cited.

Second Response 16 (16%) – 17 (17%)

Response exhibits synthesis, critical thinking, and application to practice settings.

 

Responds fully to questions posed by faculty.

 

Provides clear, concise opinions and ideas that are supported by at least two scholarly sources.

 

Demonstrates synthesis and understanding of learning objectives.

 

Communication is professional and respectful to colleagues.

 

Responses to faculty questions are fully answered, if posed.

 

Response is effectively written in standard, edited English.

14 (14%) – 15 (15%)

Response exhibits critical thinking and application to practice settings.

 

Communication is professional and respectful to colleagues.

 

Responses to faculty questions are answered, if posed.

 

Provides clear, concise opinions and ideas that are supported by two or more credible sources.

 

Response is effectively written in standard, edited English.

12 (12%) – 13 (13%)

Response is on topic and may have some depth.

 

Responses posted in the discussion may lack effective professional communication.

 

Responses to faculty questions are somewhat answered, if posed.

 

Response may lack clear, concise opinions and ideas, and a few or no credible sources are cited.

0 (0%) – 11 (11%)

Response may not be on topic and lacks depth.

 

Responses posted in the discussion lack effective professional communication.

 

Responses to faculty questions are missing.

 

No credible sources are cited.

Participation 5 (5%) – 5 (5%)

Meets requirements for participation by posting on three different days.

0 (0%) – 0 (0%) 0 (0%) – 0 (0%) 0 (0%) – 0 (0%)

Does not meet requirements for participation by posting on 3 different days.

Total Points: 100