Compliance Communication
Posted: Tuesday, December 15, 2009
by Rose-Marie Chaperon
Chaperon Consulting, LLC
The act of following regulatory rules is compliance; while some of them are often external requirements such as policies and procedures made by the government and the followers must obey these rules in accordance with ethical practices. To build compliance program requires management involvement and an oversight assessment, education, reporting and a need for remediation. In order to elevate a successful compliance program, it is essential that it is embedded in the culture of In any hospital. It is imperative that everyone knows and understands the three "C's" of compliance which is communication, confirmation and correction.
I would use a flyer and explain what it means when a facility is denied JCAHO accreditation - When a facility is denied JCAHO accreditation it could have an adverse reaction on the facility's client based. When a healthcare facility chooses to participate in the accreditation process, the organization is when that facility loses its accreditation, it loses its measure against national standards that reflect what health care professionals agree is most conducive to providing quality care in organized health care delivery settings. When a facility does not show the pass or fail card, to its clients, it is a way to tell them that they are not up to par with all the federal regulations, and they are not continuously makes efforts to improve the care and services it provides. When a health care facility goes through the standard of accreditation they are evaluated for competence, safety and quality, when that does not happen it informs the public that they have not met the goals.
I would also use a flyer to explain what HIPAA means and its meaning in maintaining patient privacy. The flyer would read - It has always been of critical importance at In any hospital. It is a responsibility of every employee. The Health Insurance Portability and Accountability Act (HIPAA) establishes new requirements for the handling, processing and storage of patient's health information. These new regulations do not replace existing
Confidentiality policies but further support and strengthen the commitment to keep patient information secure. Everyone involved in healthcare must be trained on these new requirements.
There are three different sets of regulations included in HIPAA:
1. Privacy Rules Effective 4/14/03.
2. Standard Transactions Effective 10/16/03.
3. Security rules Effective 4/21/05
The Privacy Rules affect every healthcare worker, volunteer and physician no matter where they work in the healthcare delivery system by identifying certain patient information as "Protected Health Information" (PHI). PHI means any information, whether oral or recorded (MClaren Health, 2009) . I would further explain the following terms in great details: Minimum Necessary Standard, and Things to consider before you disclose PHI such as minor rights, the minimum necessary information and when to disclose PHI to government entities.
When it comes to correction, sometimes it is difficult for everyone to do everything right at all times, a commitment to compliance includes building checks and balances into systems so
they will reveal the evidence if they have been told to do something wrong. Authorization and authentication controls specify who is allowed to do what, and provide evidence of what they did. The history of corporate scandals includes numerous examples of individuals abusing their authority and systems that did not maintain evidence or support the reporting of such abuse (Legrand, 2008) . I would explain that In any hospital takes several measures to ensure that they correct and take every compliance matter seriously no matter how small or large it is.
Lastly, correction plays a major role in compliance, when an organization makes a mistake they have to take certain measures to ensure that history does not repeat itself. When a company has a clear and consistent communication and it is immediately known when a process is broken, they can take the necessary steps to make certain corrective measures. Even trends
and anomalous patterns are detected and information about them is directed into the measurement, reporting and response cycle. Things don't stay broken when there is a good compliance because the responsible parties are identified and held accountable (Legrand, 2008) .
One final step in compliance communication with everyone at In any hospital would be to lay out for everyone what HIPAA compliance means to all of them:
Every patient has the right to expect we will keep their information confidential. This information includes anything that could identify or be used to find out the identity of the patient or their medical condition.
Everyone needs to follow the "need to know" rule. Ask yourself "do I need to see patient information to perform my job.
Do not discuss patient information in public places.
Information you have access to must not be the subject of conversation with family, friends or neighbors.
The minimum necessary standard needs to be applied to all disclosures except for treatment purposes, disclosures to the patient or as required by law.
Compliance Is Not An Option! It is everyone's responsibility at In any hospital.
REFERENCES
Legrand, C. H. (2008, 05 11). Building a Culture of Compliance. Compliance , pp. 4,5,6.
MClaren Health. (2009, 04 18). HIPAA Compliance. HIPAA and Everyone's Responsibility . Bay City, MI, USA: Bay City Medical Center.
This Article has been viewed 542 times. (Not updated in real-time.)
No comments yet.We want your comments! If you can read this, you don't have javascript enabled, so you can't use this comment system. Please enable javascript.