HIPAA - Oversight Committees

Warning!

It seems that JavaScript is not working in your browser. It could be because it is not supported, or that JavaScript is intentionally disabled. Some of the features on CT.gov will not function properly with out javascript enabled.

Settings Menu

Language
High Contrast
High Contrast Mode On or Off switch
Font Size
Disclaimer

HIPAA Notice of Privacy Practices
DMHAS HIPAA Initiative
HIPAA Oversight Committees

Steering Committee:

Charter, facilitate, coordinate and direct team and inter-team activities.
Link the project deliverables to the DMHAS Commissioner’s Executive Group and to the Attorney General’s Office.

Subcommittees:

Policy & Procedure

Develop statewide policies and procedures and/or addend them with HIPAA related compliance policies.
Finalizes policies for distribution to all facilities.
Reviews agency and program-level policies for compliance with regulations.

Business Operations

Goals include assessing transactions, code sets, identifiers, security rules, preparing inventories of payers, vendors and business associates.
Document who has or needs access to PHI (in conjunction with the Policy & Procedure Committee) and meet the Privacy “minimum necessary” rule.
Review stand-alone database issues and develops strategy to incorporate all stand-alone databases into agency MIS system.

Technical

Assess technical security requirements, identify the gaps and develop compliance recommendations.
Review stand-alone database issues and develops strategy to incorporate all stand-alone databases into agency MIS system.
In relating the security information to DMHAS, prepare a flowchart of how patient information is currently handled, and how it might flow after safeguards have been put in place. The flow chart can be used to prove “due-diligence."

Education

Develop, deliver, and document privacy and security education and training.