124-Bed Hospital

Privacy Officer

Focal point for HIPAA compliance activities; establishes accountability and structure to HIPAA Compliance Steering Committee.

Chairs the HIPAA Compliance Steering Committee.

Coordinates, implements and monitors HIPAA privacy initiative.

Coordinates with Human Resources the training and education component of the HIPAA Privacy Compliance Program.

Receives reports of non-compliance and potential privacy and security breaches through a telephone "hot-line" and investigates reports.

Consults with legal counsel on changes in law and consults with legal counsel to assess potential legal exposure for current practices, as well as reports of non-compliance.

Oversees auditing and monitoring of privacy practices.

Provides annual (or more frequent) reports on HIPAA compliance activities (including hot-line activity) to the President/CEO and Board of Directors.

Disseminates information to the organization's employees and other agents relating to changes in relevant laws.

Provides clarification on organization's privacy compliance policies.

Reviews certain critical decisions and strategic planning of the organization before decision has been made for potential problems related to HIPAA rules.

Reviews departments on an annual basis to assess particular HIPAA compliance needs of that department.

Needs sufficient independence, freedom and authority to implement a HIPAA Privacy Compliance Program, respond to reports of non-compliance, investigate the report without interference, interview any employee, stop an instance of non-compliance, and correct non-compliant activities.

Has independent access to the Board of Directors and the President/CEO.