IIT HIM Professionals Role in Compliance Discussion

1) Discussion: HIM Professional’s Role in Compliance 

In healthcare, compliance generally refers to adherence to federal statutes and regulations designed to prevent unjust financial enrichment and patient privacy breaches by healthcare providers or organizations.Staying abreast of compliance requirements continues to be a challenge for those responsible for the management and integrity of healthcare information.

Requirements: 

Describe the role of the HIM professional in supporting an effective compliance program.Why do you think that healthcare fraud and abuse is such a significant problem?What mechanisms would you implement to ensure that staff members are encouraged to report suspected or actual compliance violations?

2) Cloud Computing in Healthcare

You will have the opportunity to discuss the storage of patient information in the cloud – discussing the benefits and risks of cloud computing.  Before participating in the discussion, you will need to read the following articles and watch two videos that provides the framework of this discussion:

• Cloud computing: Now Hospitals can keep confidential patient records in the public cloud
  • http://www.zdnet.com/article/cloud-computing-now-hospitals-can-keep-confidential-patient-records-in-the-public-cloud/
• Cloud Computing 101
  • (see module 3 for this document)
• Opportunities and Challenges of Cloud Computing to Improve Health Care Services
  • (see module 3 for this document)
• Video: Benefits of Cloud Computing in the Health Care Sector
  • https://www.youtube.com/watch?v=-KNk-y0j8ao#action=share
• Video: Cloud Computing: What is Cloud Computing?
  • https://www.youtube.com/watch?v=arVoQxjIxUU

Here are the questions you need to discuss:

1. Is cloud computing the future of healthcare and the storage of health information?

2. Do you think the benefits to cloud computing outweigh the risk?

Cloud Computing 101 By Angela K. Dinh, MHA, RHIA, CHPS In the past several years cloud computing has gained substantial recognition. However, it is still a relatively new concept for those in the healthcare industry. Before adopting cloud-based services or applications, organizations need to understand how cloud computing works, the types of clouds available, and the pros and cons of using clouds. How It Works The National Institute for Standards and Technology defines cloud computing as “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”1 Although it sounds simple, it is not. Exactly how cloud computing works can be complicated to describe. In simple terms, think of a cloud in the sky. Within that cloud exist servers, applications, storage space, and databases, to name just a few of the technologies that can be provided in a cloud. Through the Internet, people access the cloud and the technologies it contains. Clouds are managed by providers, who may or may not charge fees. Google, for example, offers Google Docs, which allows anyone to create and share documents on the Web for free. Because these documents live in the cloud, they can be accessed and edited from any computer or smart phone. Organizations that use cloud services typically use more robust paid services. These are billed like utilities. Just as home owners are billed for the amount of water and electricity consumed, organizations are billed for the cloud services used. Organizations typically identify and define which of their staff members have access to the cloud and which technologies they can use. Types of Clouds There are three basic cloud types based on user needs and preferences: Š Š Š Private cloud, which involves virtualized cloud data centers inside the organization’s firewall. It can also be a private space dedicated to the organization within a cloud provider’s data center. Public cloud, which involves virtualized data centers outside of the organization’s firewall. Generally, a service provider makes resources available to organizations on demand over the Internet. Hybrid cloud, which combines aspects of both public and private clouds.2 Copyright © 2011 by The American Health Information Management Association. All Rights Reserved. The type of data an organization creates, manages, and maintains will determine the type of cloud it requires. Healthcare data such as protected health information (PHI) mandate privacy and security protections that warrant use of a private cloud. However, whether clouds provide adequate privacy and security capabilities to protect PHI is debatable. Whether the cloud can meet the requirements mandated for data privacy such as those for the Payment Card Industry Data Security Standard and HIPAA will vary by vendor, consumer, and technical expert. Organizations should research and understand the vendor’s capabilities before making any decisions. Pros and Cons As with any technology, there are pros and cons to using cloud computing. Some of the pros include: Š Š Š Š Cost. There are no upfront capital costs and fewer overhead expenses. The organization pays only for using the services; it saves on investment, maintenance, user licenses, and overhead such as electricity and rack space. Elasticity. Cloud computing acts like a rubber band. It can expand for volume and storage purposes as needed and at a rapid pace. Access. Access is immediate and available anytime from anywhere (as defined by permissions). Disaster planning and back-up. The cloud is resilient in natural disasters as it will continue to function even if the user’s computers and systems crash. Some of the cons include: Š Š Š Š Cost. Although the organization saves on capital investments and maintenance, the costs of its usage can skyrocket if it fails to monitor and manage access to the cloud. Performance. Cloud computing is scalable; however, performance depends on Internet speed and the number of users in the cloud at a given moment. If there is a spike in use, then the cloud may run slowly. A user can never tell if and when a cloud will be slow. Reliance on the Internet. The cloud relies on the Internet. If the Internet goes down, the cloud is inaccessible. Privacy and security. Safeguards do exist to protect the data of cloud consumers. However, the level of privacy and security provided is still in question. There is not enough information to prove or disprove the credibility of the cloud for privacy and security overall. Regarding its ability to safeguard PHI, the cloud needs further evaluation. Contract Considerations Organizations that use a cloud provider must take appropriate measures, as they should with any vendor. Contracts need to be appropriately negotiated and legal counsel consulted. At a minimum, a contract with a cloud provider should include the following details: Š Š Š The security controls that will ensure privacy. Healthcare data must be protected to prevent data breaches and identity theft. Where the data will be stored. Other countries have different laws pertaining to privacy and data ownership. Data recovery procedures and data ownership. In the event the cloud service provider goes out of Copyright © 2011 by The American Health Information Management Association. All Rights Reserved. Š Š business, organizations must ensure all their data are returned and are not sold off to other businesses for data mining. The type of medical information to be stored. Certain file types such as images can consume large volumes of data storage and may cost more to store in the cloud than storing locally. Bandwidth and connection speed required to connect to the cloud. All users, especially busy physicians and clinicians, will get frustrated if the system takes too long to retrieve data. Acknowledgment Tom Walsh, CISSP Notes 1. The National Institute for Standards and Technology. “The NIST Definition of Cloud Computing.” October 2009. Available online at http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc. 2. Dummies.com. “Cloud Computing for Dummies Cheat Sheet.” Available online at www.dummies.com/howto/content/cloud-computing-cheat-sheet.html. Angela K. Dinh ([email protected]) is a professional practice resource manager at AHIMA. Article citation: Dinh, Angela K.. “Cloud Computing 101” Journal of AHIMA 82, no.4 (April 2011): 36-37. Copyright © 2011 by The American Health Information Management Association. All Rights Reserved.

Click here to ORDER an A++ paper from our Verified MASTERS and DOCTORATE WRITERS:IIT HIM Professionals Role in Compliance Discussion

A

• Grid View