Meeting & Agendas

Decision/Actions: Motion to approve Gina Swearingen Second Renee Cornett Decision/Actions: Agenda approved by committee.

Motion to approve Minutes Robyn Richter Second Kirk White Decision/Actions: Minutes approved by committee

Discussion: Survey Monkey use Compliance Reviews submitted Compliance Review not submitted Decisions/Actions: Committee Approval of Survey Monkey process and results Follow-up Items: >Survey Monkey Use for one last review. Person responsible: Kirk White Deadline: ASAP >Addition to HIPAA Compliance Review – Business Associate. Person Responsible: Renee Cornett. Deadline: ASAP >Inform committee of additional information from late review. Person responsible: Pat Recek. Deadline: ASAP >Membership for Survey Monkey for Health Science. Person Responsible: Eileen Klein. Deadline: None

Discussion: Committee reviewed the results of the compliance reviews that had been submitted. There were three programs who did not submit on time; one had since submitted, but the results were not available. The survey will be activated again so that the other departments can complete the Compliance Review. Survey monkey is able to report the data in several ways: aggregated the responses, but the committee was able to retrieve the individual program surveys for the records. The responses on the Business Associates agreements were reviewed. That committee felt that some of the “false” responses were based on lack of clarity in the actual item and suggested revisions for future surveys discussed. Items of most concern were the “false” responses to the items: •Formal privacy and security policies for all faculty, staff, and students exist and training is provided and documented on an annual basis. •Department has a process to document any intentional or unintentional disclosure of PHI. •Department has a course of action for HIPAA related complaints. •Department policies and procedures managed to allow access for six years (training records, requests, and violations. Three Handouts Answers submitted on reviews, answer of True, answer of False Additional space on review for clarification to some answers Addition of information to skip portion if not applicable. Addition of clarification box if an answer is false Identify questions that should be re-written on Business Associate Compliance Review Identify questions that should be re-written on Covered Entity/Hybrid Provider Review Decisions/Actions: Address False Replies with Department Chair Rewrite Questions for next time, Suggestion for a comment box- current tool did have a comment box for each item. Committee agreed that next year an on-site audit of each area will be conducted using specified essential components that will be identified in fall meeting. Follow-up Items: >Notify Committee of additional information from late review. Person responsible: Pat Recek. Deadline: ASAP >Review questionable answers and notify department chair. Person responsible: Pat Recek. Deadline: ASAP >Faculty HIPAA re-education. Persons responsible: Pat Recek, Deadline: Department Chair Meeting. Most of the departments indicating “false” to the above items are in the HS division. >P. Recek will do a presentation during a DC meeting to review the policies and reeducate the DC’s about the obligations of the department related to HIPAA. Person responsible: Pat Recek. Deadline Department Chair Meeting >Send out reminders to Department chairs to review HIPAA with staff and make sure all department procedures are being followed- will send out before the fall semester so that students are compliant as clinical begins. Person Responsible: Pat Recek Deadline: none >Becky Cole has investigated the possibility of HIPAA being placed on the automatic reminder system like ADA and Sexual Harassment. >Placing HIPAA compliance in the faculty handbook. Person Responsible: Susan Corbett. Deadline: none

Campus HIPAA Policies- The question was raised whether the ACC Campus Police Reports have the potential to contain PHI. The committee agreed that it is likely to contain PHI. Becky Cole will follow up with Campus Police because part of their actions relate to Workman’s Compensation which is not subject to HIPAA Laws. Decisions/Actions: All departments should review HIPAA within the department/staff/students. Follow up on all training. Request Updates on employee handbook. >ACC Campus Police Reports – HIPAA Compliant. Person responsible: Becky Cole. Deadline: None

Discussion:Review of the following for new members: History of HIPAA at ACC Compliance Audit/Review – Business Associate Compliance Audit/Review – Covered Entity/Hybrid Provider Compliance Coordinator – Responsibilities and duties Background Checks, vendor and process for student and compliance coordinator. Decisions/Actions: Kirk White’s replacement on the committee will be Doug Mitchell, dmitchell@austincc.edu , 512-223-7090. Mr. Mitchell is the Healthcare Program Coordinator for Continuing Education/Health Professions Institute. Mr. Mitchell will replace Kirk White as a committee member and the HIPAA Training Officer. Kirk White was presented with a certificate for his dedicated service and contributions to the ACC HIPAA Task Force Committee. Committee members acknowledged his service. Mary Ann Bridges was welcomed as a new committee member. Ms. Bridges, mbridges@austincc.edu, 512-223-1142, is the new Institutional Records Manager for ACC. >Training Module Questions to be replaced – there are two versions and they are to be switched each year. Person responsible: Doug Mitchell, Training Officer & Daniel Schmidt, Computer Lab Manager, Deadline: Fall 2010.

No violations at this time. Becky Cole asked the committee to consider the following scenario: Faculty/ staff have an ADA accommodation and transfers to another department. Does the new supervisor need to know what the reason is for the accommodation or just what the accommodation is. Committee members agreed that the medical reason for the accommodation is kept in HR in their benefits file and that information is not required to be shared with a new supervisor—only the specific accommodation is sent forward. Employees can self disclose any additional information. Decisions/Actions: ADA is separate from Covered Entity.

None

Next Meeting Date:November 2009 Time:TBA Location: EVC, Bldg. 8000, 3rd Floor, Room 8358