NAAC Announces HIPAA Compliance Program for Ambulance Privacy Officers

NAAC – The National Academy of Ambulance Compliance – has announced that it will be launching the nation’s first Certified Ambulance Privacy Officer (CAPO) program to help ambulance professionals conform with the Health Insurance Portability and Accessibility Act of 1996 (HIPAA) and its subsequent amendments.

“The Certified Ambulance Privacy Officer program is a ground-breaking opportunity for an industry that often struggles with the difficult challenges that HIPAA presents,” according to National EMS attorney, Steve Wirth; one of the developers of the compliance program.

The healthcare industry has been hit with a number of high profile breaches in recent years and millions of individuals have had their protected health information exposed. The industry faces an increased threat of targeted attacks by cybercriminals looking to steal data to commit identify and medical fraud and the penalties for HIPAA violations as considerable.

The OCR has been enforcing HIPAA more aggressively since the introduction of the HITECH Act and substantial financial penalties are being issued for non compliance issues. National EMS attorney Doug Wolfberg was also involved in the development of the course. He has seen the financial penalties increase, which for some healthcare organizations have been of the order of several million dollars. According to Wolfberg, “The CAPO course hones in on the risk areas identified by OCR and gives ambulance professionals real solutions to plug compliance gaps we consistently see at EMS agencies.”

The certification program involves two days of classroom instruction by HIPAA professionals and EMS attorneys. In addition to classroom instruction there are a number of workshops where real life scenarios are played out to test knowledge of HIPPA issues and how to deal with them in practice.

Certified Ambulance Privacy Officers are instructed how to conduct a thorough risk analysis of all systems; assess the physical environment and satisfy the administrative requirements remanded by HIPAA. Compliance is an ongoing issue and privacy officers will be instructed how to develop policies and procedures to match the changing needs of the organization.

Training will be provided in key areas of compliance with the Privacy and Security Rules, Breach notification rules, protecting electronic health data, communicating with other healthcare professionals, the use of social media, working with business associates and the correct response to patient requests for their Protected Health Information.

The CAPO course requires all students to pass an examination at the end of the course to obtain certification, and Continuing Education hours must be obtained each year to maintain certification. The first program is taking place at the Embassy Suites Philadelphia–Airport Hotel on March 10-11, 2015

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.