Orange County NC Website
5 <br /> INITIAL PROPOSED HIPAA COMPLIANCE SCHEDULE <br /> Action Dates <br /> Health department as beta tester for state assessment flow May 2002 <br /> instrument <br /> Health department designated Privacy and Security Officers for the June 2002 <br /> department to participate in statewide training <br /> Formation of"HIPPA Workgroup"—to conduct an initial study of August 2002 <br /> HIPAA as it applies to Orange County. <br /> Identifying the "Covered Entity" -- Orange County Board of County September 17, 2002 <br /> Commissioners decides whether the County will be treated as a <br /> Hybrid Entity. <br /> The "Covered Entity" files an Electronic Date Interchange Must be filed prior to <br /> Compliance Plan to request that the deadline for the County to October 16, 2002 <br /> comply with HIPAA's new standard medical and billing code sets be <br /> postponed to October 2003. <br /> Designating a "compliance officer(s)" and/or"privacy officer(s)" and <br /> appointment of a HIPAA Compliance Committee as may be <br /> required by the privacy rules. <br /> Baselining the Agency— Identify protected health care information <br /> maintained by County Departments and the flow of such <br /> information, within the agency, between agency, and outside <br /> associates <br /> Gap Analysis — Compare HIPAA privacy requirements with all Deadline, April 2003. <br /> existing health care information privacy laws; compare HIPAA <br /> privacy requirements with existing privacy-related policies, <br /> procedures, practices and forms. Identify new policies required and <br /> obsolete policies to assure complete compliance with HIPAA and <br /> any more stringent state laws. <br /> Develop a work plan and budget to achieve HIPAA compliance. <br /> Implementation — Conduct HIPAA awareness training for the <br /> effected County Departments as required; create new policies and <br /> forms identified through the Gap Analysis; implement new policies. <br /> Maintaining Compliance — Develop and implement ongoing training <br /> program for new and existing employees, an internal audit program Ongoing <br /> to ensure ongoing HIPAA compliance. <br />