TJC,Information,Management,Rea computer TJC Information Management Readiness Standards What You Ne
----------------------------------------------------------Permission is granted for the below article to forward,reprint, distribute, use for ezine, newsletter, website,offer as free bonus or part of a product for sale as longas no changes a Gone are those times when the companies and the organisations didn't need a hi-tech system to handle them. Owing to the considerable increase in the business sector and thus, an enormous increase in the complexity of the organisational struc
The Joint Commission has updated and expanded its informationmanagement accreditation readiness standards for hospitals and relatedorganizations. New readiness standards for information management andtechnology risk management are requiring hospitals to rethink how theywill protect and secure sensitive information, audit, and improvecontinuity of operations and disaster recovery planning.The Joint Commission evaluates the quality and safety of care formore than 15,000 healthcare organizations. To maintain and earnaccreditation, organizations must have an extensive on-site review by ateam of Joint Commission healthcare professionals, at least once everythree years. The purpose of the review is to evaluate theorganizations performance in areas that affect care. Accreditation maythen be awarded based on how well the organizations met JointCommission standards.Hospitals who have not met the challenge of enabling compliance withthese newly enhanced standards risk the loss of reimbursements fromMedicare and increased liability of insurance costs.A healthcare organizations IT infrastructure is at the foundationof delivering quality care. TJC recognizes this in the enhancedinformation management (IM) readiness standards. Among numerous othertopics, TJC specifically addresses three key areas of IT riskmanagement in the new IM standards. These include:Patient record securitySystem security from intrusion and data tamperingContinuity of operations and disaster recovery capabilitiesNow lets take a closer look at these three TJC IM Readiness Standards.Plan for Continuity of IM Processes (IM.01.01.03)The hospital must have a written plan for managing interruptions toits information processes (paper-based, electronic, or a mix ofpaper-based and electronic). The hospitals plan for managinginterruptions to information processes must address the following:Plan for scheduled and unscheduled interruptions of electronic information systemsProvide training for staff and licensed independent practitionerson alternate procedures to follow when electronic information systemsare unavailableHave a back-up of electronic information systemsPlan for managing interruptions to information processes is testedfor effectiveness according to time frames defined by the hospitalImplement its plan for managing interruptions to information processes to maintain access to information needed for patient careProtect Privacy of Health Information (IM.02.01.01)Use health information only for purposes as required by law and regulation or further limited by its policy on privacyDisclose health information only by authorization from the patient or as otherwise consistent with law and regulationMonitor compliance with its policy on the privacy of health informationMaintain Security & Integrity of Health Information (IM.02.01.03)Protect against unauthorized access, use, and disclosure of health informationProtect health information against loss, damage, unauthorized alteration, unintentional change, and accidental destructionControl the intentional destruction of health informationMonitor compliance with its policies regarding the security and integrity of health informationTJCs move to enhance its information management readiness standardsis consistent with the growing number of ID theft incidents andregulatory pressures from many government and private sources. Atypical hospital, for example, is subject to HIPAA regulations, PCIcompliance (credit card), and often Sarbanes Oxley.Common among these regulations and other information security bestpractice standards is the need to protect all patient, credit card andother confidential data from intrusion, tampering, and theft at alltimes.
TJC,Information,Management,Rea