nebraska statewide telehealth network privacy and security l.
Skip this Video
Loading SlideShow in 5 Seconds..
Nebraska Statewide Telehealth Network Privacy and Security PowerPoint Presentation
Download Presentation
Nebraska Statewide Telehealth Network Privacy and Security

Loading in 2 Seconds...

play fullscreen
1 / 26

Nebraska Statewide Telehealth Network Privacy and Security - PowerPoint PPT Presentation

  • Uploaded on

Nebraska Statewide Telehealth Network Privacy and Security. Reta Studnicka Laura Meyers Mission of the Nebraska Statewide Telehealth Network (NSTN).

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Nebraska Statewide Telehealth Network Privacy and Security' - adamdaniel

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
nebraska statewide telehealth network privacy and security

Nebraska Statewide Telehealth Network Privacy and Security

Reta Studnicka

Laura Meyers

mission of the nebraska statewide telehealth network nstn
Mission of the Nebraska Statewide Telehealth Network (NSTN)
  • To increase the quality, availability and accessibility of health care throughout the state of Nebraska, particularly as it impacts the rural population within the state.
  • To create video-conferencing capability allowing the rural areas of the State to have access to other health providers and information without the need for extensive travel within a Private Network.
patient benefits
Patient Benefits
  • Decreases travel time
  • Lowers job absenteeism
  • Cost savings
  • Provides earlier disease intervention: Screening opportunities
  • Increased availability of local follow-up care may decrease ALOS in tertiary center
community benefits
Community Benefits
  • Improves Quality of Medical Services
  • Strengthens Ties to Specialty Care
  • Increases Confidence in Local Providers
  • Alleviates Isolation of Rural Providers
  • Increases Diagnostic Resources
provider benefits
Provider Benefits
  • Potential for decreasing outmigration
  • Enhances clinical support
  • Increased referral opportunities
  • Provides the opportunity to enhance and supplement the services provided at existing outreach clinics
provider benefits6
Provider Benefits
  • Easy access to continuing education
  • Opportunities to consult with other professionals, even internationally
connection status today
Connection Status Today
  • Hub Sites:
    • UNMC (Omaha)
    • St. Elizabeth’s Regional Medical Center (Lincoln)
    • BryanLGH Medical Center (Lincoln)
    • St. Francis Medical Center (Grand Island)
    • Good Samaritan Hospital (Kearney)
    • Great Plains Regional Medical Center (North Platte)
    • Faith Regional Health Services (Norfolk)
    • Regional West Medical Center (Scottsbluff)
connection status today9
Connection Status Today
  • Sixty-seven rural hospitals are connected to these hubs.
  • Nineteen public health departments will be connected (15-17 are connected at this time)
  • Also have connections to all but one bioterrorism lab
  • Omaha hospitals: Immanuel, Bergan Mercy, Creighton, Childrens, Methodist, Midlands, The Nebraska Medical Center
  • Other connections on the horizon: Winnebago Indian Hospital and Tecumseh State Correctional Institution
network uses clinical
Network Uses: Clinical
  • Clinical Consults
    • Rehabilitation Therapy
    • Disease Management
    • Emergent Care: Trauma, EPC, Mental Health
    • Family Advocacy Network: abuse and sexual abuse
    • Deaf and Hard of Hearing
    • On the horizon: Telepharmacy and Teledentistry
services approved for reimbursement
Services Approved for Reimbursement
  • Consultations (CPT Codes 99241-99275)
  • Office or Other Outpatient Visits (99201-99215)
  • Individual Psychotherapy (90804-90809)
  • Pharmacologic Management (90862)
  • Psychiatric Diagnostic Interview Exams (90801)
  • End Stage Renal Disease (HCPCS codes G0308, G0309, G0311, G0312, G0314, G0317, G0318)
sites approved for reimbursement
Sites Approved for Reimbursement
  • Hospitals (inpatient/outpatient)
  • Critical Access Hospitals
  • Physician/Practitioner Offices
  • Rural Health Clinics
  • Federally Qualified Health Centers
network uses education
Network Uses: Education
  • Education
    • CMEs and CEUs
    • Grand Rounds
    • EMS Continuing Training/Considering Initial Training
    • RN/Allied Health Professional Degree Programs
    • Community Education/Support Groups
network uses other
Network Uses: Other
  • Administrative Meetings
  • Health Alert Network
  • Routine Testing
  • Lung Surgery “Scared Straight”
  • Language Interpretation
network uses at this time
Network Uses at This Time
  • Telehealth Education and Training
    • On-Going
      • Conducting Clinical Consults for Practitioners
      • Peripheral Devices
      • Creating a Telehealth Business Plan
      • Privacy and Security
      • Community Mental Health and Telehealth
      • Electronic Health Records
the nstn current decision making structure priorities committees
The NSTN: Current Decision Making Structure, Priorities, Committees
  • Network Advisory Committee
  • Network Operations Group
  • NSTN Education Committee
    • Scheduling
    • Website
    • Evaluation
  • Privacy & Security Subcommittee
hipaa privacy security and telehealth

Covered Entities that must comply with the HIPAA Privacy and Security Standards

  • Health Care Providers
  • Health Plans
  • Health Care Clearinghouses
a reminder
A Reminder….

The HIPAA Privacy Regulation ensures that covered entities will comply with the HIPAA Privacy standards to protect patient’s health information from non-permitted uses and disclosures. For many covered entities, this required the development and implementation of over 50 new policies and procedures with related forms!

adding telehealth policies telehealth encounters must protect patient health information
Adding Telehealth Policies:Telehealth Encounters Must Protect Patient Health Information
  • Proper patient admission/registration
  • Notice of Privacy Rights and Practices
  • Acknowledgement
  • Telehealth Visit Consent Form
  • Providing a Private and Secure Telehealth Transmission
  • Providing a Private and Secure physical location for the telehealth encounter
  • Authorized personnel in attendance for telehealth medical visit
couple of more requirements
...couple of more requirements
  • Properly credentialed healthcare providers

(Recommendation to credential as you would all “in person” healthcare providers)

  • Organized Healthcare arrangements “OHCA” – with the properly credentialed healthcare providers
hipaa security regulation
  • Ensures that covered entities will comply with the HIPAA standards to protect the confidentiality, integrity and availability of Electronic Protected Health Information (EPHI).
  • In the final rule, CMS divides security into three categories – these implementation specifications may be Required or Addressable:
  • Administrative safeguards (164.308)
  • Physical safeguards (164.310)
  • Technical safeguards (164.312)
required vs addressable
Required vs. Addressable


  • Must implement the specification in order to successfully implement the standard


  • Consider the specification, and implement if reasonable and appropriate
  • If not, document why it would not be reasonable and appropriate to implement the specification; and
  • Implement an equivalent alternative measure if reasonable and appropriate
security standards
Security Standards
  • Protect against any reasonably anticipated threats or hazards to the security or integrity of such information
  • Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under the security standards
  • Ensure compliance with the security standards by the workforce
  • Ensure confidentiality, integrity and availability of all EPHI the covered entity creates, receives, maintains, or transmits
next steps
Next Steps
  • Coordination between Privacy and Security Officer within the organization
  • Include Telehealth when performing the required HIPAA Security Risk Analysis
  • Include Telehealth when considering Risk Management
  • Include Telehealth when developing and implementing Policies and Procedures
nebraska statewide telehealth network privacy and security subcommittee goals
Nebraska Statewide Telehealth Network Privacy and Security Subcommittee Goals:
  • Conduct the HIPAA Security Risk Analysis for the NSTN
  • Develop policy and procedure templates for Privacy and Security that are applicable to telehealth for the NSTN
  • Gather input from NSTN providers for best practices regarding privacy and security