During your first session your Compliance Coach assigned you some audits to complete for this second meeting. For the beginning of this second session you will be shown how to place those completed External Audits back into The Guard. Several other topics will be discussed as well. Read below for further details.
Uploading External Audits Back to The Guard:
Amongst the tabs seen above the Dashboard, please hover over ‘Tracking,’ and click ‘Document(s) Version Control.’ You are now in The Guard’s ‘Document Repository.’
When you click any given folder to your left-hand side it will show green to indicate it is open. For purposes of uploading External Audits, please click the folder to your left-hand side titled ‘HIPAA Manual Audits’ so that it indicates it is open. Then you will want to click ‘Upload’ the bottom-left to bring up the yellow upload window. Next to ‘Local File’ you can click ‘Choose File’ to find where the document is on your computer. ‘Document Title’ and ‘Description’ would be the same as the title of the document being uploaded. The ‘Enactment Date’ would be the day the audit was completed and the ‘Review Date’ would be one year following. Leave the check box blank, since we do not want everyone reading this document. Finally, click ‘Upload Document’ to place the Audit into The Guard.
While within the ‘Document Repository’ it is worth mentioning that every member of your direct staff would need to sign a Confidentiality Agreement. Please upload the signed staff Confidentiality Agreements to the folder labeled ‘Confidentiality’ directly above the one titled ‘HIPAA Manual Audits.’
‘Choose File’ allows you to find where the document is on your computer. For ‘Document Title’ as well as ‘Description’ you would enter in the name of the employee whose agreement you are uploading to The Guard. The ‘Enactment Date’ is the date it was signed off on. The ‘Review Date’ can be set as far into the future as you like. Government just wants to see it is in place and the reviewing of the agreement is not terribly important. Leave the box un-checked, since you do not want this readable by all Users. Last, click ‘Upload Document’ and you will see the employee name show behind where the yellow window was, beneath ‘Document Name.’
If this folder is not present for you, you can click ‘New’ (next to ‘Upload’), enter ‘Confidentiality Agreements’ in the open field and click ‘Create Folder’ to add this folder within The Guard.
With that completed, you will now want to shift your concentration toward your Vendors. Before performing any work within The Guard it is important to understand the difference between a Business Associate and a ‘regular’ Vendor.
A Business Associate is any person or Organization that you pay money to and their job entails specifically dealing with P.H.I. They will directly handle protected health information as part of the reason for why you hired them. For these Individuals/Organizations you would want to make sure to have a Business Associate Agreement in place. The best examples of Business Associates are establishments such as a Clearinghouse, a Billing Service, a Collection Agency, Storage Companies, IT Services, EHR Platforms, Consultants, and Shredding Companies.
A ‘regular’ Vendor is a person or Organization (not a member of your direct staff) who may see P.H.I. by chance. This person/Organization is one who you pay money to for a specific task, but not to work directly with P.H.I. They may, however, see or hear P.H.I. indirectly. Examples or ‘regular’ Vendors are members of a Janitorial Staff, or a Copy Person. You will want each Individual who enters the Facility to sign a Confidentiality Agreement. Please keep in mind that this is different from Business Associate’s, whose Company would sign-off on the agreement.
Now that we have cleared the air somewhat about Vendors and Business Associates, let’s link that back to how that applies to The Guard and your compliance efforts.
First, you will want to create a unique profile for each of the Vendors who require an agreement be in place (for Business Associates be sure to put a pre-fix of BA ahead of their Organization name for the sake of keeping things neat and tidy). This will allow you to easily track your Vendors and make edits/modifications to their information in a streamlined manner. Beneath the ‘Accounts’ tab you will click ‘Vendors’ in the drop down (as seen above).
Now, look below ‘Vendor Details’ and populate all the information in the open fields, placing BA ahead of the name of any Organization who is a Business Associate of yours. If you want to place any notes into the system please feel free to utilize the ‘Notes’ tab and, when done, click ‘Create New Partner’ to save this Vendor’s unique profile.
Adding Users/Administrators into The Guard
Every member of your direct staff will need to log into The Guard at one point or another, despite what their job entails. It is so that they can attest to the policies, procedures and training we will build along with you. For that reason, you’d need to create a unique User ID for each member of the direct staff. It is extremely simple. First, please hover over ‘Administration’ and select ‘Users and Access Controls’ from the drop down that shows.
Once there you can add in a User by merely entering their Full Name, Full E-mail address, and a default password of password in all lower case. Users cannot launch The Guard but everything which they will need is accessible via the Main Screen which shows upon logging in. This default password can be changed upon first login (see below). When you click ‘Save Information’ after inputting the above information above this User ID is now active and working.
If this individual is someone who will also be assisting with the compliance work you may want to make them an Administrator, instead of a User of The Guard. Also extremely simple to set-up. You’d follow the same process as adding a User, except next to ‘Access Roles’ you would click off each of the options available to grant Administrator access to The Guard. If you are the Privacy or Security Officer for the facility please be sure to also check off the corresponding box next to ‘Job Roles.’
For your Third Meeting
Please be sure to upload all of the external audits (Excel spreadsheets) to the Document Repository.
Please ensure all Vendors have been given their own unique profile.
Please ensure all members of your direct staff have signed off on Confidentiality Agreements.
Please be sure to provide all members of the direct staff with unique User ID’s, as explained above.
Please be sure to also send out all necessary agreements in the mail.
Should you receive back any Vendor agreements, please hold onto them until the next lesson so we may show you how to place these back into The Guard.