Lesson 7 Discussion Board
This week, you will only be posting twice. There are no reply posts. Each of your posts must be 100 words in order to receive full credit.
Post #1: Choose and describe one of the following electronic communication tools for your Wednesday post due byWednesday at 11:59 PM
internet
socialmedia
Cloud
e-mail
Post #2: Give an example of how the electronic communication that you describe in your post #1 might be used in the medical office.
COMPUTERS IN THE MEDICAL OFFICE COMPUTERS IN THE MEDICAL OFFICE Computers in the medical office The computer plays an important role in a medical office. Some or all front office duties are done on a computer. Messaging Scheduling Payments Reminders MA needs to be familiar with the hardware and software used in the medical office. USE OF COMPUTERS IN MEDICINE Computers enhance the quality of patient care in terms of efficiency, safety, and cost containment: * Data Collection. * Eliminating duplicate work. * Decreasing errors. COMPUTER BASICS Computer: Programmable machine Hardware: Physical parts of the computer. (CPU, hard drive, mother board, mouse, keyboard, scanner, printer, microphone, cables, wires) Computer Terms Software: Software is all of the instructions and programming that provide instructions to the computer. Types of Software Application Software Operating System Software Storage Devices: Devices used to organize and retain data . RAM (DRAM) or main memory; magnetic tape and magnetic disk; optical disc, such as CDs, DVDs and Blu-ray disks; flash memory, usb drives, media cards and in-memory storage; and cache memory Batch: Data stored for processing at periodic intervals. TYPES OF COMPUTERS Supercomputers fastest and the most expensive computers used to solve very complex science and engineering problems Servers Provides services to other computer programs. The tower of your desktop. Workstations Computers connected to a network. A thin client configuration is a desktop terminal that has no hard drive with all features/programs/memory typically found on the desk stored back in the data center Personal computer (PC) Most common Desktop, laptop, notebook, or tablet Handheld (PDAs) COMPUTER HARDWARE CPU: (Central Processing Unit) Brain of the computer. Speed is determined by the MHz (megahertz) or GHz capacity. Microprocessor – small chip that processes data. Memory Measured & stored in kilobytes(K or Kb), megabytes (M or Mb), or gigabytes (G or Gb). Gigabytes are the largest. Higher the number of byte = the more storage. RAM) Random-Access Memory: Active memory of computer while turned on. Memory needed to run software & store data that may not have been saved. Only active while computer is on. When computer is off RAM memory is gone. (ROM) Read-Only Memory: Internal Permanent Storage. Makes the computer operate. You cannot access or change data. Input/Output Hardware Input Devices Keyboard Mouse Track pad Microphone Optical pens Output Devices Monitor Speakers Printer PRACTICE MANAGEMENT SOFTWARE (pms) Software program for administrative and business functions of a medical office such as: Appointment Scheduling Patient Registration Coding & Charge Entry Billing & Claims Processing Electronic Claims Submission Patient & Insurance Payment Posting Patient Statements & Collections Patient Reminders Reimbursement Management Reports & Analysis Computer System Security HIPAA Implemented Security Rule protecting (e-PHI), Electronic Protected Health Information. Require 3 Safeguards: Administratibe, Physical, and Technical Administrative and Physical Safeguards 1. Administrative Safeguards * Designate Privacy Officer * Conduct training on PHI * Policies * Emergency Plans for Data Loss. 2. Physical Safeguards * Proper positioning of work stations to prevent viewing * Protection from environmental hazards or unauthorized access * Procedures when hardware is added/removed. Technical Safeguards 3. TECHNICAL Safeguards: * Access control *Password Requirements * Audit control * Data integrity * Firewalls * Data Encryption SYSTEM MAINTENANCE 1. Data Backup: * Copying of files to external media. Disaster recovery: Safeguard incase of system failure, fire, or equipment theft. Stored in a secure location 2. Virus Protection: * Software that scans computer data to detect & disable malicious virus programs. Should run this on a regular basis. 3. Firewall: * Hardware/Software barrier that prevents outsiders from knowing your computer on the network. 4. File Cleanup: * Deletion of temporary files, cookies, & internet history. * Should run automatically. COMPUTER ERGONOMICS for working comfortably CHAIR: Chair height – Feet flat on the floor & knees at the same level. Back of chair should be 100-110 degrees reclined angle. Make sure upper & low back are supported. KEYBOARD: Shoulders relaxed. Elbows in slightly opened position. Wrists & Hands are straight. MONITOR: Neck should be neutral/relaxed position. Monitor centered directly in front of you. Position top of monitor 2-3 inches above seated eye level. BODY: Stretch 1-2 minutes every 20-30 minutes. Every hour, take a break & change task for 5-10 minutes. Avoid eye fatigue. Look away periodically & focus on something in the distance. Chapter 2 Your Practice and the HIPAA Rule, Guide to Privacy and Security of Electronic Health Information Guide to Privacy and Security of Electronic Health Information 10 Chapter 2 Your Practice and the HIPAA Rules Understanding Provider Responsibilities Under HIPAA The Health Insurance Portability and Accountability Act (HIPAA) Rules provide federal protections for patient health information held by Covered Entities (CEs) and Business Associates (BAs) and give patients an array of rights with respect to that information. This suite of regulations includes the Privacy Rule, which protects the privacy of individually identifiable health information; the Security Rule, which sets national standards for the security of electronic Protected Health Information (ePHI); and the Breach Notification Rule, which requires CEs and BAs to provide notification following a breach of unsecured Protected Health Information (PHI). CEs must comply with the HIPAA Privacy,10 Security,11 and Breach Notification12 Rules. BAs must comply with the HIPAA Security Rule and Breach Notification Rule as well as certain provisions of the HIPAA Privacy Rule. Whether patient health information is on a computer, in an Electronic Health Record (EHR), on paper, or in other media, providers have responsibilities for safeguarding the information by meeting the requirements of the Rules. This chapter provides a broad overview of the HIPAA privacy and security requirements. You may also need to be aware of any additional applicable federal, state, and local laws governing the privacy and security of health information.13 9 http://www.healthit.gov/providers-professionals/regional-extension-centers-recs 10 http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/index.html 11 http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/ 12 http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/index.html 13 State laws that are more privacy-protective than HIPAA continue to apply. Where Can I Get Help or More Information? Regional Extension Centers (RECs)9 across the nation can offer customized, on-the-ground assistance to providers who are implementing HIPAA privacy and security protections. http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/index.html http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/ http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/index.html http://www.healthit.gov/providers-professionals/regional-extension-centers-recs http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/index.html http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/ http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/index.html http://www.healthit.gov/providers-professionals/regional-extension-centers-recs Guide to Privacy and Security of Electronic Health Information 11 What Types of Information Does HIPAA Protect? The Privacy Rule protects most individually identifiable health information held or transmitted by a CE or its BA, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information “protected health information” or “PHI.” Individually identifiable health information is information, including demographic information, that relates to: • The individual’s past, present, or future physical or mental health or condition, • The provision of health care to the individual, or • The past, present, or future payment for the provision of health care to the individual. In addition, individually identifiable health information identifies the individual or there is a reasonable basis to believe it can be used to identify the individual. For example, a medical record, laboratory report, or hospital bill would be PHI if information contained therein includes a patient’s name and/or other identifying information. The HIPAA Rules do not apply to individually identifiable health information in your practice’s employment records or in records covered by the Family Educational Rights and Privacy Act (FERPA), as amended.14 Who Must Comply with the HIPAA Rules? CEs15 and BAs must comply with the HIPAA Rules. CEs include: • Health care providers who conduct certain standard administrative and financial transactions in electronic form, including doctors, clinics, hospitals, nursing homes, and pharmacies. Any health care provider who bills electronically (such as a current Medicare provider) is a CE. • Health plans • Health care clearinghouses A BA is a person or entity, other than a workforce member16 (e.g., a member of your office staff), who performs certain functions or activities on your behalf, or provides certain services to or for you, when the services involve the access to, or the use or disclosure of, PHI.17 BA functions or activities include 14 20 United States Code (USC) 1232g; 45 Code of Federal Regulations (CFR) 160.103; http://www2.ed.gov/policy/gen/guid/fpco/doc/ferpa-hipaa-guidance.pdf 15 http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/index.html 16 Workforce members are employees, volunteers, trainees, and other persons whose conduct, in the performance of work for a covered entity, is under the direct control of such covered entity, whether or not they are paid by the covered entity. 45 CFR 160.103. 17 http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/index.html and 45 CFR 160.103. http://www2.ed.gov/policy/gen/guid/fpco/doc/ferpa-hipaa-guidance.pdf http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/index.html http://www2.ed.gov/policy/gen/guid/fpco/doc/ferpa-hipaa-guidance.pdf http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/index.html http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/index.html Guide to Privacy and Security of Electronic Health Information 12 claims processing, data analysis, quality assurance, certain patient safety activities, utilization review, and billing. BA services to a CE can be legal, actuarial, accounting, consulting, data aggregation, information technology (IT) management, administrative, accreditation, or financial services.18 Many contractors that perform services for a CE are not BAs because the services do not involve the use or disclosure of PHI. Examples of BAs include: • Health Information Organizations or Exchanges (HIOs/HIEs) • E-prescribing gateways • Other person who provides data transmission services (that involve routine access to PHI) to a CE • A subcontractor to a BA that creates, receives, maintains, or transmits PHI on behalf of the BA • An entity that a CE contracts with to provide patients with access to a Personal Health Record (PHR) on behalf of a CE Following are some scenarios to help illustrate who is and who is not a BA. This is not an exhaustive list of examples. • You hire a company to turn your accounting records from visits into coded claims for submission to an insurance company for payment; the company is your BA for payment purposes.19 • You