Nebraska statewide telehealth network privacy and security
1 / 26

- PowerPoint PPT Presentation

  • Updated On :

Nebraska Statewide Telehealth Network Privacy and Security. Reta Studnicka [email protected] Laura Meyers [email protected] Mission of the Nebraska Statewide Telehealth Network (NSTN).

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about '' - adamdaniel

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Mission of the nebraska statewide telehealth network nstn l.jpg
Mission of the Nebraska Statewide Telehealth Network (NSTN)

  • To increase the quality, availability and accessibility of health care throughout the state of Nebraska, particularly as it impacts the rural population within the state.

  • To create video-conferencing capability allowing the rural areas of the State to have access to other health providers and information without the need for extensive travel within a Private Network.

Patient benefits l.jpg
Patient Benefits

  • Decreases travel time

  • Lowers job absenteeism

  • Cost savings

  • Provides earlier disease intervention: Screening opportunities

  • Increased availability of local follow-up care may decrease ALOS in tertiary center

Community benefits l.jpg
Community Benefits

  • Improves Quality of Medical Services

  • Strengthens Ties to Specialty Care

  • Increases Confidence in Local Providers

  • Alleviates Isolation of Rural Providers

  • Increases Diagnostic Resources

Provider benefits l.jpg
Provider Benefits

  • Potential for decreasing outmigration

  • Enhances clinical support

  • Increased referral opportunities

  • Provides the opportunity to enhance and supplement the services provided at existing outreach clinics

Provider benefits6 l.jpg
Provider Benefits

  • Easy access to continuing education

  • Opportunities to consult with other professionals, even internationally

Connection status today l.jpg
Connection Status Today

  • Hub Sites:

    • UNMC (Omaha)

    • St. Elizabeth’s Regional Medical Center (Lincoln)

    • BryanLGH Medical Center (Lincoln)

    • St. Francis Medical Center (Grand Island)

    • Good Samaritan Hospital (Kearney)

    • Great Plains Regional Medical Center (North Platte)

    • Faith Regional Health Services (Norfolk)

    • Regional West Medical Center (Scottsbluff)

Connection status today9 l.jpg
Connection Status Today

  • Sixty-seven rural hospitals are connected to these hubs.

  • Nineteen public health departments will be connected (15-17 are connected at this time)

  • Also have connections to all but one bioterrorism lab

  • Omaha hospitals: Immanuel, Bergan Mercy, Creighton, Childrens, Methodist, Midlands, The Nebraska Medical Center

  • Other connections on the horizon: Winnebago Indian Hospital and Tecumseh State Correctional Institution

Network uses clinical l.jpg
Network Uses: Clinical

  • Clinical Consults

    • Rehabilitation Therapy

    • Disease Management

    • Emergent Care: Trauma, EPC, Mental Health

    • Family Advocacy Network: abuse and sexual abuse

    • Deaf and Hard of Hearing

    • On the horizon: Telepharmacy and Teledentistry

Services approved for reimbursement l.jpg
Services Approved for Reimbursement

  • Consultations (CPT Codes 99241-99275)

  • Office or Other Outpatient Visits (99201-99215)

  • Individual Psychotherapy (90804-90809)

  • Pharmacologic Management (90862)

  • Psychiatric Diagnostic Interview Exams (90801)

  • End Stage Renal Disease (HCPCS codes G0308, G0309, G0311, G0312, G0314, G0317, G0318)

Sites approved for reimbursement l.jpg
Sites Approved for Reimbursement

  • Hospitals (inpatient/outpatient)

  • Critical Access Hospitals

  • Physician/Practitioner Offices

  • Rural Health Clinics

  • Federally Qualified Health Centers

Network uses education l.jpg
Network Uses: Education

  • Education

    • CMEs and CEUs

    • Grand Rounds

    • EMS Continuing Training/Considering Initial Training

    • RN/Allied Health Professional Degree Programs

    • Community Education/Support Groups


Network uses other l.jpg
Network Uses: Other

  • Administrative Meetings

  • Health Alert Network

  • Routine Testing

  • Lung Surgery “Scared Straight”

  • Language Interpretation

Network uses at this time l.jpg
Network Uses at This Time

  • Telehealth Education and Training

    • On-Going

      • Conducting Clinical Consults for Practitioners

      • Peripheral Devices

      • Creating a Telehealth Business Plan

      • Privacy and Security

      • Community Mental Health and Telehealth

      • Electronic Health Records

The nstn current decision making structure priorities committees l.jpg
The NSTN: Current Decision Making Structure, Priorities, Committees

  • Network Advisory Committee

  • Network Operations Group

  • NSTN Education Committee

    • Scheduling

    • Website

    • Evaluation

  • Privacy & Security Subcommittee

Hipaa privacy security and telehealth l.jpg

Covered Entities that must comply with the HIPAA Privacy and Security Standards

  • Health Care Providers

  • Health Plans

  • Health Care Clearinghouses

A reminder l.jpg
A Reminder…. Committees

The HIPAA Privacy Regulation ensures that covered entities will comply with the HIPAA Privacy standards to protect patient’s health information from non-permitted uses and disclosures. For many covered entities, this required the development and implementation of over 50 new policies and procedures with related forms!

Adding telehealth policies telehealth encounters must protect patient health information l.jpg
Adding Telehealth Policies: CommitteesTelehealth Encounters Must Protect Patient Health Information

  • Proper patient admission/registration

  • Notice of Privacy Rights and Practices

  • Acknowledgement

  • Telehealth Visit Consent Form

  • Providing a Private and Secure Telehealth Transmission

  • Providing a Private and Secure physical location for the telehealth encounter

  • Authorized personnel in attendance for telehealth medical visit

Couple of more requirements l.jpg
...couple of more requirements Committees

  • Properly credentialed healthcare providers

    (Recommendation to credential as you would all “in person” healthcare providers)

  • Organized Healthcare arrangements “OHCA” – with the properly credentialed healthcare providers

Hipaa security regulation l.jpg

  • Ensures that covered entities will comply with the HIPAA standards to protect the confidentiality, integrity and availability of Electronic Protected Health Information (EPHI).

  • In the final rule, CMS divides security into three categories – these implementation specifications may be Required or Addressable:

  • Administrative safeguards (164.308)

  • Physical safeguards (164.310)

  • Technical safeguards (164.312)

Required vs addressable l.jpg
Required vs. Addressable Committees


  • Must implement the specification in order to successfully implement the standard


  • Consider the specification, and implement if reasonable and appropriate

  • If not, document why it would not be reasonable and appropriate to implement the specification; and

  • Implement an equivalent alternative measure if reasonable and appropriate

Security standards l.jpg
Security Standards Committees

  • Protect against any reasonably anticipated threats or hazards to the security or integrity of such information

  • Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under the security standards

  • Ensure compliance with the security standards by the workforce

  • Ensure confidentiality, integrity and availability of all EPHI the covered entity creates, receives, maintains, or transmits

Next steps l.jpg
Next Steps Committees

  • Coordination between Privacy and Security Officer within the organization

  • Include Telehealth when performing the required HIPAA Security Risk Analysis

  • Include Telehealth when considering Risk Management

  • Include Telehealth when developing and implementing Policies and Procedures

Nebraska statewide telehealth network privacy and security subcommittee goals l.jpg
Nebraska Statewide Telehealth Network Privacy and Security Subcommittee Goals:

  • Conduct the HIPAA Security Risk Analysis for the NSTN

  • Develop policy and procedure templates for Privacy and Security that are applicable to telehealth for the NSTN

  • Gather input from NSTN providers for best practices regarding privacy and security

Questions l.jpg
Questions? Subcommittee Goals: