Christy Navarro works with hospitals and their business partners to implement robust and transparent privacy programs across a large network of de-centralized hospitals. Christy started her career in privacy over a decade ago and became the Chief Privacy Administrator for Catholic Healthcare West in 2010. She holds a Bachelor's degree from California State University, Sacramento and is currently pursuing a Masters of Science Degree in Health Informatics at UC Davis Medical Center (expected completion Summer 2013).
Abstract: Prior to developing the privacy impact analysis tool that San Francisco-based Catholic Healthcare West (CHW) currently uses, Christy Navarro, CIPP,CHW's senior privacy and data security analyst, knew there had to be a better way.
When business owners introduced new software applications, contracts, or projects and shared PHI and other sensitive business information, it was a challenge for CHW's privacy officials to examine the privacy ramifications of such activities and make the necessary recommendations. Privacy officials at each of CHW's 42 hospitals and medical centers in California, Arizona, and Nevada conducted their own nonuniform reviews, looking at all 40 privacy-related policies regardless of the nature of the project.
The privacy review process-an examination of various business activities to ensure consistency with organizational privacy policies-needed simplification and standardization, says Navarro.
"We were all essentially doing the same activity using a different approach each time. We needed to standardize it," she adds.
Abstract: As the nation moves toward greater adoption and leveraging of health information technology, the issue of protecting and providing proper access to health records has become a central element of concern. In addition to that attention, the last few years have seen a marked increase in the enforcement of various health information privacy laws at both the federal and state level. While the theme of only a few years ago was "voluntary compliance," large breaches and other privacy and security issues may now lead to a multitude of penalties or financial settlements. This Web conference will explore recent healthcare privacy enforcement trends, including:
⢠The increase in HIPAA financial settlements and what lessons can be learned from these resolutions;
⢠How states are using both HIPAA and state law to enforce health information privacy;
⢠The various types of federal and state agencies that are enforcing health information privacy, and
⢠What the future may hold, such as HIPAA audits and more aggressive enforcement of potential violations attributable to âwillful neglect.â
Speakers:
Adam Greene, Partner, Davis Wright Tremaine LLP
Christy Navarro, CIPP, Chief Privacy Administrator, Catholic Healthcare West
Abstract: Ms. Navarro is the Chief Privacy Administrator for CHW and
will share an overview and examples of tools that can be utilized
to navigate various state and federal laws for determining patient
privacy breach notification and reporting requirements. She will
discuss common types of reportable incidents including examples
and outcomes and review one organizationsâ practice with
determining detection dates and âpre-noticeâ efforts.
Abstract: It is important that privacy officials identify the use, transmission/storage of PHI, and that they proactively assess the means for protection of this information. One effective method is through the development of a privacy impact assessment. This session will use a privacy impact assessment template and a case study.
Participants will be provided with information on conducting a privacy impact assessment when planning for information system purchases and upgrades. The materials will include key components of the impact assessment. We will review a case study and provide a sample privacy impact assessment tool to the participants.
Abstract:
Gain insight on the sharing of health information beyond the implementation of Electronic Health Records, as well as ideas on how to systematically adjudicate potential breach situations.â¨
Abstract: Every 60 seconds, someone shares information via social media. Hos-pitals are no exception. In Social Networking and Privacy within Hos-pitals, you will examine the legal and compliance issues healthcare organizations face from social networking and the use of social media by their patients, visitors and personnel.
Join legal and compliance experts at this the half-day conference as they present vital information on the challenges and risks posed by social media platforms and how hospitals can minimize those risks.
Abstract: Many opportunities exist for organizations to create, hold and process protected health information (PHI) in the service of HIPAA-covered entities. Managing PHI comes with responsibilities, and in a competitive environment, best business practices will set your organization above the crowd during the bidding process. Join our panelists--including legal, operational and regulatory experts--to discuss best practices for creating compliant and responsible relationships between your organization and covered entities.