Word File Edit View Insert Format Tools Table Window Help GO ? 18% Tue 9:21 PM Q AutoSave . OFF A B ? C 6 P .. WE Health Information Technology (HIT) Audit Compliance Evaluation Matrix + Home Insert Draw Design Layout References Mailings Review View ConvergePoint Acrobat >> Tell me Share Comments USAF Music, Phone pi RE Calibri (BO... ~ 11 A A Aa Po E downloads Mili paste BIUvab X x A DA Styles Styles Dictate Sensitivity Editor Create and Share Request Pane Adobe PDF Signatures Report Health Information Technology Audit Compliance Evaluation STERS UMUC Downloads 5 Oc R Matrix Name: Date: More The Law and Legal requirements & Compliance Compliance The next managerial Guard/Reser Audit Findings Priority Rank for Code Section Penalties for Assessment Risk Action action you would non-compliance with Assessment take to comply with the Law Comply 1 First to need action the law High 10 Last to need action Partial Medium Describes the action A Compliance Low For each audit finding you would take next. determine its priority State reasons to Non-compliance (Evaluate and for action based on the support your action Rate Risk compliance risk and explain why it is (Support your Of Non assessment the next action Compliance Compliance (Number each audit rating) based on audit finding from 1-10 in al Aspects findings order of priority with 1 theare Adm and penalties being the first priority for non- and each having a compliance) different number) Justify your rating Justify your priorities 1. The audit finds HIPAA Breach that the company Notice has a good record are retention policy in place and a solid process to de- identify personal health Kidney Transp information (PHII) Internship before removal of view PHI from computers. This Family view ? need to che Help Page 1 of 10 970 words English (United States) > Tell me Share Comments Calibri (BO... ~ 11 A A Aa Po 2- vav AND USAF Music, Phone pi RE Mili E Ev downloads paste BIUab x x A DAY Styles Styles Dictate Sensitivity Editor Create and Share Request Pane Adobe PDF Signatures Report STERS UMUC Downloads 5 process has been Oc R in place for one year More However, two years ago the Guard/Reser company sold 10 office computers on e-bay and replaced them A with newer models. PHI of 10,000 patients was found on the 10 computers after they were al Aspects sold. The theare Adm company learned of this 1 % years ago and did nothing to follow- up. There is no breach notice are policy. 2. The audit found | 21st Century that the Cures Act and organization has a Patient Access Kidney Transp patient porta to EHI Internship where patients can review their CEHRT view electronic health Interoperability information (EHI) through a secure Family portal. This has view ? need to che Help Page 2 of 10 970 words English (United States) Accessibility: Good to go Focus E + 120% somethingWord File Edit View Insert Format Tools Table Window Help 18%D Tue 9:21 PM Q AutoSave . OFF A B 9 0 6 P .. Health Information Technology (HIT) Audit Compliance Evaluation Matrix + Home Insert Draw Design Layout References Mailings Review View ConvergePoint Acrobat >> Tell me Share Comments RE Calibri (BO... ~ 11 A A Aa Po AND USAF Music, Phone pi Mili E EV downloads paste BIUab X x A DAY Styles Styles Dictate Sensitivity Editor Create and Share Request Pane Adobe PDF Signatures Report STERS UMUC Downloads 5 Oc R been popular with patients and there More have been no security breaches. Guard/Reser However recent patient satisfaction surveys indicate A patients would like to be able to access their prescription drug records through the portal. The al Aspects organization theare Adm putsources its pharmacy through a national vendor. The vendor is willing to make the information are available, but the organization EHR system is not compatible with the vendor so it Kidney Transp would be very Internship expensive. The view organization currently charges $12 for patient access to Family pharmacy records. lew ? Help Page 3 of 10 970 words English (United States) 1Accessibility: Good to go Focus E + 120% somethingWord File Edit View Insert Format Tools Table Window Help 18%D Tue 9:21 PM Q AutoSave O OFF A B . G G P .. Health Information Technology (HIT) Audit Compliance Evaluation Matrix Home Insert Draw Design Layout References Mailings Review View ConvergePoint Acrobat >> Tell me Share Comments + RE Calibri (BO... ~ 11 A A Aa Po AND USAF Music, Phone pi downloads Mili E HE paste BIUab x x A DAY Styles Styles Dictate Sensitivity Editor Create and Share Request Pane Adobe PDF Signatures Report 3. The audit HIPAA Security STERS UMUC Downloads 5 showed that a Oc R security risk analysis was done More 5 years ago and that the issues Guard/Reser identified were corrected. No security risk analysis has been A completed since then even though the organization purchased a new electronic health record (EHR) al Aspects system 2 years theare Adm ago. The sellers of the EHR system said the system itself was a tool to manage risk. The audit showed are that there have been 5 security breached in the last 5 years and that they al Kidney Transp involved "curious Internship employees" view looking at the records of high profile patients. only action Family view ? need to che Help Page 4 of 10 970 words English (United States) 13 Accessibility: Good to go Focus E + 120% somethingWord File Edit View Insert Format Tools Table Window Help 18%D Tue 9:21 PM Q AutoSave O OFF A B 9 0 6 P .. Health Information Technology (HIT) Audit Compliance Evaluation Matrix + Home Insert Draw Design Layout References Mailings Review View ConvergePoint Acrobat >> Tell me Share Comments Calibri (BO... ~ 11 A A Aa A AND USAF Music, Phone pi RE Mili E Ev downloads paste BI Uvab x x A DAY Styles Styles Dictate Sensitivity Editor Create and Share Request Report Pane Adobe PDF Signatures STERS UMUC Downloads 5 Oc R taken against the employees was a reprimand by the More supervisor and attendance at an Guard/Reser extra HIPAA training session. 4. The audit found GDPR A that your health care organization is known internationally. In the last 2 years, you have treated al Aspects 25 international theare Adm patients of whom 10 were from the European Union (EU). All 10 of the EU patients requested their are medical records be sent to their health care providers in the EU. Your health Kidney Transp care organization Internship honored these view requests for medical records as it would any other medical record Family request. view ? need to che Help Page 5 of 10 970 words English (United States) Accessibility: Good to go Focus E + 120% something