HIPAA Summit West: 1 in 4 Organizations Report Data Breaches
In many organizations, the compliance officers have been given the role of privacy officer, but Patrick maintains that they're different roles with different regulations.
"I don't advocate that the compliance officer also be the privacy officer," Patrick told the audience, though she does recognize many smaller facilities must do so.
What suffers when privacy and security officers are doing too many things? Policies and procedures that don't get updated or delivered and staff members who are not properly educated on them.
In some cases, such as the case of the Pittsburgh Pirates and social media, they were never written.
Angel Hoffman, RN, MSN, corporate quality/compliance officer, Kane Regional Medical Centers and principal, Advanced Partners in Health Care Compliance in Pittsburgh, told the audience about Major League Baseball's Pittsburgh Pirates, which fired an employee for inappropriate Facebook posts about the organization.
But since the Pirates did not have a policy for social media use, it had to rehire the employee.
Hoffman said organizations must have a sanctions policy for enforcement.
Remind employees that when something's written, it never goes away, Hoffman said. Organizations cannot ban social media use among its employees, but they must have a policy for it and educate employees on the consequences of inappropriate posts.
- MU Compliance Announcement Sparks Concern, Confusion
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- Scary Financial Challenges for 2014
- MGMA Urges 'End-to-End' ICD-10 Testing
- 1 in 5 CT Screenings for Lung Cancer Results in Overdiagnosis
- Telehealth Improves Patient Care in ICUs
- CMS Sets 2014 Pay Rates for Hospital Outpatient and Physician Services
- LifePoint Bolsters Presence in Michigan's Upper Peninsula
- States Rejecting Medicaid Expansion Forgo Billions in Federal Funds
- Douglas Hawthorne—A Chance to Do Something Big