Convention Q&A: HIPAA Hunger Games
The 2017 AHIMA convention session, “HIPAA Hunger Games,” will take place Tuesday, October 10 in room 502B of the Los Angeles Convention Center. The Journal of AHIMA recently spoke with presenter Robert Brzezinski, MBA, CHPS, CISA, CISM, principal of Bizwit LLC in Columbus, OH, for a preview of his session.
What are you hoping members will take away from your session?
I hope attendees will take away a better understanding of how complex the healthcare business is, how many different domains are crossed, and how many different subject
matter experts are involved in what seems like simple scenarios or questions. I also hope attendees will take away some ideas about tools and approaches that can be used in solving HIPAA’s challenges. It’s important not to reinvent the wheel—there are tools and proven approaches that have been successfully used in other industries. Remember to adopt and adapt, not fall into the trap of needing to invent or build your own.
Can you tell me about the “Hunger Games” scenarios you will be incorporating as a tool for discussing privacy and security?
Each of the scenarios we will be discussing involves privacy and security aspects, as well as ideas for improving how we approach and solve these issues. When discussing privacy issues, we often focus on the legal or regulatory aspects, but security always comes into play when trying to operationalize and implement privacy solutions dealing with systems and applications. The same is true for solving security issues; we have to take privacy into consideration when granting access to systems, or collecting or aggregating data.
I hope that “Hunger Games tributes” will share their perspectives, concerns, and experience when discussing scenarios that will help us all see a broader perspective. During the session, I will be looking for four to six volunteer tributes that have a fair amount of exposure to privacy and security issues to share their experience, concerns, and opinions. For the purposes of this session, the only risk involved is a potential indulgence in Starbucks coffee.
What takeaways can attendees hope to learn from the problem-solving methodologies in your presentation?
I wanted to highlight some of the tools that I use and that are always helpful for me to present the problem, identify the issue, and resolve it. Visual tools work well for solving issues and simplifying and improving processes. For example, when you map the document/patient record flow (who has access to it, who makes changes, and who can view it) it becomes easier to identify who can steal this record and how. This mapping process helps us understand what type of protection we can put in place for prevention. You may also see unnecessary or duplicate steps that can be eliminated and that result in efficiencies.
How can attendees start incorporating the lessons from your session in their organization right away?
I love building basic mind maps or process flows with post-it notes because they can be easily moved, reorganized, and replaced on a table. Try this in your next meeting when discussing a problem or trying to understand a process flow. Use different colors and take a picture after a basic flow has been created. This can be used to transfer the flow or map to an application like Excel or Visio.
Finally, know your limitations and the value of time so you can start collaborating, trusting, and using other subject matter experts’ expertise. It’s important to avoid becoming another example of a Jack of All Trades turning into a Master of Disaster.