Do You Need a New PIA When You Open a New Location?

Posted on August 30, 2016 by Jean Eaton in Blog

Congratulations! You are expanding to a new location!

Do you have a PIA for that?

When a physician or another healthcare provider opens another location and both locations are remarkably similar – same employer, same ownership, same EMR and backup practices, etc. – then you may need to only update or amend your original Privacy Impact Assessment.

My recommendation is to review the ‘Clinic Description’ of the initial Privacy Impact Assessment and edit and update all changes.

This will help you to determine if they need a new Privacy Impact Assessment for the new location. If you have a lot of updates – you might need to prepare a Privacy Impact Assessment Amendment and include the information about your new location.

If there are no significant changes, then it may be sufficient to update the clinic description for both clinics, add the additional description of the new clinic and send a Privacy Impact Assessment Amendment to the OIPC. This can often be a letter with an attachment of the updated clinic description.

Most clinics have had, at least, a change in staffing, physicians, and privacy officers.

Has the legislation changed?

Don't forget to consider when the original Privacy Impact Assessment was completed. If it was prior to 2014 then you will need to update your policies and procedures including the amendments to Alberta's Health Information Act and Alberta Electronic Health Records Regulations.

For more information about PIA's see our introductory video.

amendment, Health Information Act, PIA, Privacy Impact Assessment

Are You a Vendor That Supports Healthcare Practices?

Posted on January 14, 2016 by Jean Eaton in Blog

New healthcare business needs IT solutions and asking if you have a PIA

(what will you do about it?)

Healthcare practices throughout Canada and the US need IT services and have money to buy new hardware, software and service contracts. They also need a Privacy Impact Assessment (PIA) and want to work with a vendor who is PIA prepared.

Vendors are required to comply with the healthcare providers ‘PIA's and their privacy, confidentiality, and security best practices.

“A PIA should be as commonplace to a healthcare practice as a business plan is to a business.”

-Jean L. Eaton, Your Practical Privacy Coach

BUT most healthcare practices don't know this and often don't know that a PIA is usually part of their professional college requirements and often even a legislated requirement! Developing a PIA and the supporting policies and procedures will help a healthcare practice to prevent gross errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor. A vendor that supports healthcare practices must:

Understand the PIA process and the healthcare customer needs
Understand the requirements of legislation (for example, Health Information Act Regulations, Electronic Health Records Regulations, HIPAA, etc.) that the clinic must follow, it includes technical safeguards to protect privacy and confidentiality and security of patients' health information.
Makes sure that vendor's business practices meet privacy and safety legislation. This is an excellent opportunity for the seller to lead by example and demonstrate how to implement and follow best practices. This includes:
Having a named Privacy Officer
Implementing an internal privacy and security incident management program
Implementing a privacy awareness program for all of your employees
Providing an Information Management Agreement (IMA) or Business Agreement (BA) to the healthcare provider that meets regulations.

Not every healthcare practice knows all of the technical, physical, and administrative safeguards that should be in place to prevent the risks of unauthorized access, use, or disclosure of sensitive health information. A vendor that understands the requirements can make better recommendations for the healthcare practice. In fact, the experienced vendor can:

Create a premium value-added service to guide all new clinics with step by step instructions about the regulations and requirements of the service and
Profile how the vendor can best support the healthcare practice
Create more sales and help more customers by providing the services they need (even if they don't know it, yet!).
Coach the healthcare practice early in the sales process about how the vendor's services can support the healthcare practice. This results in less work and headache for both the practice and the provider.

Do you want to become the preferred vendor in this large customer niche?

You need to learn what the healthcare business needs to successfully complete their Privacy Impact Assessment. Then you can develop branded PIA Readiness Plan for your business that you can give to the healthcare provider to support them to create their PIA.

Have you seen this?

IT vendor Privacy Impact Assessment Readiness Plan

Brought to you by Jean L. Eaton, Your Practical Privacy Coach

Join Privacy Nuggets and get some more tips, tools, and templates that you can use right away to improve your privacy management program.

BA, health care, healthcare, IMA, IT vendor, PIA, Practical Privacy Coach, Privacy Impact Assessment, Privacy Impact Assessment Readiness Plan, vendor

IT Vendor Privacy Impact Assessment Readiness Plan

Posted on January 9, 2016 by Jean Eaton in Blog, Vendor

New healthcare business needs IT solution asks if you have a PIA (what are you going to do about it?)

Healthcare practices throughout Canada and US need IT services and have money to buy new hardware and service contracts. They also need a Privacy Impact Assessment and want to work with a vendor who is PIA prepared.

You don’t want to lose that sale, do you?

Learn what the healthcare business needs to successfully complete their Privacy Impact Assessment. Develop your own responses and move to the top of their preferred vendors list.

I have developed an on-line interactive course to help you learn everything you need in order to create, review, or amend your own Privacy Impact Assessment Readiness plan. The E-course, Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course includes 5 modules each with a weekly live webinar, as well as templates, tools,resources and one common case study to build on each week.

Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course will help you

Understand the Privacy Impact Assessment process and the healthcare client needs
Organize your business marketing to meet the healthcare clients requirements
Be informed
Be proactive
Improve your internal business documentation
Be efficient and reduce the administration delays between procurement and installation
Create a branded Privacy Impact Assessment Readiness plan to give to that caller and get the sale.

Let the Practical Privacy Coach help you!

Video by Trish Findlay – explaindiowhiz on Fiverr

If you are a vendor that supports healthcare practices this e-course is for you!

BONUS! One hour tele-consult with Jean, “Create a branded Privacy Impact Assessment Readiness Package”. Jean will work individually with you to review your documentation and coach you on how to prepare the package to give to healthcare practices.

BONUS! Vendor PIA live webinar includes Vendor non-disclosure agreement, Information Manager Agreement, GAP Analysis, Computer Network Narrative templates.

The modules include:

Module 1:

What is a PIA?

Tuesday, January 12, 2016

9 - 10 am MST

Module 2:

What is an Information Flow?

Tuesday, January 19, 2016

9 - 10 am MST

Module 3:

What is a Risk Analysis?

Tuesday, January 26, 2016

9 - 10 am MST

Module 4:

Pull it together into PIA format

Tuesday, February 2, 2016

9 - 10 am MST

Module 5:

Complete your PIA Submission

Tuesday, February 9, 2016

9 - 10 am MST

BONUS Module 6:

Vendor PIA

Tuesday, February 16, 2016

9 - 10 am MST

The replays, tools, and resources will be available to you for (almost) forever! If you miss a live webinar, or you will be away for some time during the course, you can catch up with the replays. The resources are yours to keep.

BONUS Three (3) open office drop-in group calls with Jean to help you get un-stuck with your PIA.

If you a vendor that supports healthcare practices this e-course is for you

BONUS One (1) hour tele-consult with Jean, “Create a branded Privacy Impact Assessment Readiness Package”. Jean will work individually with you to review your documentation and coach you on how to prepare the package to give to healthcare practices.

BONUS Vendor PIA live webinar includes Vendor non-disclosure agreement, Information Manager Agreement, GAP Analysis, Computer Network Narrative templates.

If you provide services for any of these healthcare providers, they probably require a PIA and they require their vendors to support their PIA and privacy, confidentiality, and security best practices. This is for you if you are a vendor that supports a healthcare provider in a group or solo practice with direct patient care, for example a:

Physician
Pharmacist
Registered nurse
Optometrist or optician
Chiropractor
Physiotherapist
Midwife
Podiatrist
Dentist, dental hygienist or denturist
Audiologist
Mental health practicitioner
Laboratory, x-ray, and imaging technician
Paramedic

Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments –

A Complete Step-by-Step Course

5 live webinars, replays, templates tools, and resources

$450.00 (plus GST)

You will get

Learning Resource Guide for EACH module – how-to explanations, templates, and resource lists
Checklists to help you plan your PIA
MindMap of the entire PIA process
PIA project plan timeline templates
Checklists of personal and health information privacy and security policies that you need in your practice
Two sample case studies – one for a new PIA project and one for a PIA amendment – that we will use in each module. The case study is easy to understand by everyone. Use this approach for your PIA project.
Explanation and real-life examples of key terms that you need to know and include in your PIA
Strategies and templates of risk management assessments that you can customize
This E-course might qualify for CPE credits, too!

BONUS! Three (3) open office drop-in group calls with Jean to help you get un-stuck with your PIA.

BONUS! Checklist to update your PIA to meet recent changes to Alberta's Netcare Portal.

BONUS! Invitation to join a private LinkedIn Group with other registered participants of this course to network and support each other on your PIA journey and continue to help you after this course closes.

If you hired a consultant to do the work of the PIA process for you it may cost you as much as $2,000!

And then…when the consultant is done, they take their knowledge out the door with them.

Invest only $450 in this course and you'll have what you need to do your first PIA project today…and every project in the future!

Not sure if this is right for you?

How to Plan a PIA for Your Healthcare Practice – Practice Management Nugget webinar recorded live on December 3, 2015

Watch the replay here!

Watch the Preview of the E-Course, Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments.

Preview the E-Course here!

In this preview, Jean will tell you:

3 Biggest Myths about PIA's (and why they are not true)
Questions Privacy Officers, Clinic Managers, Practice Managers Should ask about PIA's but don't
Biggest fears about doing a PIA

Jean will share with you the Solution: Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course.

You will learn:

5 Modules of the E-course
What you get with the course
Why you should buy the course now

Complimentary access to the on-line course Privacy Awareness in Healthcare: Essentials $25 value

from our partner, Corridor Interactive when you purchase the E-course. One user subscription with access to the course for 3-months. Start this training now – a valuable introduction to Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course.

– Jean, Your Practical Privacy Coach

business associate agreement, GAP Analysis, information management agreement, PIA, Privacy Impact Assessment, vendor non-disclosure agreement

Prevent Big Fines (or Worse!) for Your Healthcare Practice; Learn How to Plan a Privacy Impact Assessment

Posted on November 18, 2015 by Jean Eaton in PMN Replay, Practice Management Nugget Interview

Join us for the free webinar,

How to Plan a Privacy Impact Assessment for Your Healthcare Practice

A PIA should be as common place to a healthcare practice as a business plan is to a business. BUT most healthcare practices don't know this and often don't know that a PIA is usually part of their professional college requirements and often even a legislated requirement! Prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor by completing a PIA.

You need a Privacy Impact Assessment when:

You are opening a new clinic or establishing a new health services program.
You are changing administrative procedures or technology equipment, services, or vendors
You are changing how you collect and use personal information,
You are implementing or changing an Electronic Medical Records (EMR)
You are sharing health information with another healthcare provider, organization, Primary Care Network or other health program.
You have a Privacy Impact Assessment that was written more than 2 years ago? (It is time to review and update this!)

Doing a Privacy Impact Assessment for your practice is easy – once you figure it out. I have helped hundreds of clients complete their Privacy Impact Assessment and visited hundreds of practices across Alberta. I've figured it out . . . so you don't have to! Now I’m going to share with you what you need to know to plan your PIA.

Jean L. Eaton, the Practical Privacy Coach, will give you an overview of the Privacy Impact Assessment process, including:

What is a PIA
When do you need a PIA
How to plan a PIA

You will get

Learning Resource Guide
Checklists to help you plan your PIA

This is for you if you are a healthcare provider, practice manager, or vendor that supports a healthcare provider in a group or solo practice with direct patient care, for example a:

Physician
Pharmacist
Registered nurse
Optometrist or optician
Chiropractor
Physiotherapist
Midwife
Podiatrist
Dentist, dental hygienist or denturist
Audiologist
Mental health practicitioner
Laboratory, x-ray, and imaging technician
Paramedic

In this FREE 30-minute Practice Management Nugget Webinar Jean will answer your questions about planning a PIA for your healthcare practice. I have a Special BONUS Gift for those who show up live – Don't miss out and register today!

Planning a PIA for your healthcare practice is easy when you have tools, resources and the Practical Privacy Coach and Practice Management Mentor to help you.

Recorded Live Thursday, December 3, 2015

Watch the replay here.

Learning Guide How to Plan a PIA Information Managers

Health Information Act, healthcare, PIA, Practical Privacy Coach, Practice Management Mentor, Privacy Impact Assessment

Privacy Impact Assessments for Chiropractors – We can Help!

Posted on December 11, 2013 by Jean Eaton in Blog

Chiropractors are now named custodians under the Health Information Act (HIA). Your office will be expected to submit a Privacy Impact Assessment (PIA) to the Office of Information and Privacy Commissioner. Are you finding the PIA process overwhelming? Does your office have the time and resources to prepare your PIA submission? We can help! Check out our article What is a Privacy Impact Assessment?

chiropractors, chiropractors HIA, custodians, physicians, PIA, Privacy Impact Assessment, What is a PIA?

1 2 3