Skip this Video
Download Presentation
Making a CHC EM Program Work— Tools, Tips & Strategies

Loading in 2 Seconds...

play fullscreen
1 / 21

Making a CHC EM Program Work— Tools, Tips & Strategies - PowerPoint PPT Presentation

  • Uploaded on

Making a CHC EM Program Work— Tools, Tips & Strategies. Amelia Muccio [email protected] Director of Emergency Management NJPCA. Objectives. Tools, Tips and Strategies for Everyday Preparedness Accreditation Standards Planning, Training, Exercising Needs

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' Making a CHC EM Program Work— Tools, Tips & Strategies ' - justina-mccarthy

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Making a CHC EM Program Work— Tools, Tips & Strategies

Amelia Muccio

[email protected]

Director of Emergency Management


  • Tools, Tips and Strategies for Everyday Preparedness
  • Accreditation Standards
  • Planning, Training, Exercising Needs
  • Health Information Technology and Future of Center’s IT
  • Instilling a Culture of Preparedness
chcs emergency preparedness
CHCs & Emergency Preparedness
  • 50 States and US Territories
  • 1,250 Centers
  • 20 million patients served annually
  • 20 Centers with 100 sites
  • 425,000 patients served annually
  • Provide services to at risk populations
  • Triage, screen and treat lower acuity patients “walking wounded”
  • Provide surge capacity during emergency
  • Provide mass vaccination
  • Serve as Point of Dispensing
  • Decompress healthcare system
  • Serve as Alternate Care Site
  • FQHC accreditation standards for emergency preparedness:
    • Bureau of Primary Health Care Policy Information Notice 2007-15 (PIN)
    • Joint Commission (JC)
    • Accreditation Association for Ambulatory Care (AAAHC)
    • National Committee for Quality Assurance (NCQA)
    • National Incident Management System (NIMS)
personal preparedness
Personal Preparedness
  • Do you have a family communications plan?
  • Do you have a go bag?
  • Do you have a pet go bag?
  • Have you made arrangements for childcare if you are needed at work?
  • What about your other family members including elderly and pets?
  • Identifies potential emergencies and the direct/indirect effects these emergencies may have on CHC’s operation and demand for services
  • The risks identified should be prioritized based on likelihood of occurrence and severity
risk management
Risk Management
  • Identifying and assessing risk, reducing it to an acceptable level and implementing mechanisms to maintain that level
  • Risk reduction (countermeasures, HVA)
  • Risk transference (insurance)
  • Risk acceptance (may happen)
  • Risk rejection (do nothing)
what threatens information
What Threatens Information?
  • Misuse
  • Disasters
  • Data interception
  • Computer theft
  • Identify/Password theft
  • Malicious software
  • Data theft/corruption
  • Vandalism
  • Human error
planning elements
Planning Elements
  • Continuity of Operations
  • Command and Control
  • Staffing
  • Surge Patients
  • Medical and Non-Medical Supplies
  • Pharmaceuticals
  • Security
  • Evacuation
  • Decontamination
  • Isolation
  • Power Supply
  • Transportation
  • Water/Sanitation
  • Communications
  • Medical Records Security and Access
  • EOPs-how org will respond to emergencies
    • Basic plan
    • Functional annexes
    • Incident-Specific appendices
  • Procedures-SOPs
  • Preparedness plans-training needs
  • Corrective action/mitigation plans-activities required to implement lessons learned
  • Recovery plans-long term actions needed
policies and procedures
Policies and Procedures
  • Establish security culture
  • Establish best security practices
  • Define goals and structure of security program
  • Educate personnel
  • Maintain compliance with any regulations
  • Ex: email policy, Internet usage, physical security
business continuity plans
Business Continuity Plans
  • A comprehensive written plan to maintain or resume business operations in the event of a disruption
  • Continue critical business operations
  • Jeopardize normal operations
  • Most critical operations
  • May require alternate sites (hot, warm, cold)
  • What do we need to KEEP going?
disaster recovery plan
Disaster Recovery Plan
  • A comprehensive written plan to return business operations to the pre-disruption state following a disruption
  • Restore IT functions (prep and restore)
  • Jeopardize the normal operations
  • Includes all operations
plan testing training and exercising
Plan Testing, Training and Exercising
  • Testing is a critical to ensure a viable contingency capability
  • Conduct plan exercises
  • Tabletops are useful tools!
exercises building block approach
Exercises—Building Block Approach
  • Seminar (Discussion)
  • Workshop (Discussion)
  • Tabletop Exercise (TTX) (Discussion)
  • Games (Discussion)
  • Drills (Operations)
  • Functional Exercises (FXE) (Operations)
  • Full Scale Exercises (FSE) (Operations)
electronic health records
Electronic Health Records
  • Vulnerabilities discovered, reported to eHealth vendor and then patched
  • Patches take A LOT of time to fix
  • 2,211 days (vendor) vs. 284 days (Microsoft)
  • No one eHealth vendor in charge
ehr vulnerabilities
EHR Vulnerabilities
  • Unauthorized users can compromise integrity and confidentiality
  • Unauthorized access to computer networks
  • Password protection (hacks and policies)
  • Subversive software (malware)
  • Disaster
personal information security countermeasures
Personal Information Security Countermeasures
  • Password policies
  • Backup
  • Spoofing countermeasures
  • Malware detection and prevention
  • 93% of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster
  • 50% of businesses that found themselves without data management for this same period filed for bankruptcy immediately
security and assurance program
Security and Assurance Program
  • Protective measures include:
  • Firewalls and virus protection systems
  • Password procedures
  • Information encryption software
  • Computer access control systems
  • Computer security staff background checks (at initial hire and periodically)
  • Computer security staff training & 24/7 on-call technical support
  • Computer system recovery and restoration plans
  • Intrusion detection systems
  • Redundant & backup systems, & offsite backup data storage
additional resources
Additional Resources
  • Planning/Trainings/Exercises
  • HAZMAT, MCI, workplace violence, severe weather, fit-testing, novel influenza, hostile patient, active shooter, foodborne outbreak, hostage situation, bomb scare, communications, ICS/NIMS, PINS, cyber security, power outages, COOP, business continuity, personal preparedness…