Compliance Program Implementation and Ethical Decision Making

Compliance Program Implementation and Ethical Decision Making

Instructions

In this assessment, you are assuming the role of an early careerist in risk management and quality improvement at

one of Vila Health’s community-based hospitals. Vila Health is a medium-sized system of health operating facilities in

Minnesota and Wisconsin. You are working on a team-based initiative under the supervision of the Vila Health Chief

Compliance Officer. Your role is to assist in addressing a specific compliance risk regarding a breach of privacy and

potential HIPAA violation. A Vila Health employee has disclosed—without prior written authorization—a patient’s

protected personal health information.

Here is the information the team has collected about the privacy breach and potential HIPAA violation to date. A

Vila Health supervisor instructed an employee to obtain pre-authorization for an upcoming surgical procedure for a

patient. The Vila Health employee submitted confidential, protected health care information about the patient to

the insurance company. The Member Services Representative at the insurance company contacted the Vila Health

supervisor. The insurance company representative indicated that further discussion of the matter without prior

written consent from the patient is prohibited.

As part of the team exploring the privacy breach, you will prepare a workplace brief with authoritative, evidencebased

references to support your work.

Preparation

You are already familiar with HIPAA but may want to conduct independent research to enhance your

knowledge. Consult this resource for additional guidance on how to conduct research using credible sources: Health

Care Administration Undergraduate Library Research Guide.

Instructions

This is a workplace brief rather than an academic paper. Download the Compliance Program Implementation and

Ethical Decision-Making Template [DOCX]. Be sure to address all of the following in your brief:

Background

Include a short paragraph of no more than five or six sentences describing the known details about the privacy

breach and HIPAA violation.

Privacy Breach—HIPAA Violation

Summarize the relevant health care compliance concepts that apply to this privacy breach and HIPAA violation. Be

sure to consider the following:

Federal, state, and local laws and associated regulations.

Disclosure.

Human resource concepts and law(s).

Seven Essential Elements of an Effective Compliance Program

Apply to this HIPAA breach the seven essential components of an effective health care compliance program, as

determined within the Federal Register.

Privacy Breach Consequences

Provide a synopsis of the consequences for an individual leader and for other internal health care organization

stakeholders for not taking immediate actions to address a privacy breach. At a minimum, be sure to consider all of

the following in your synopsis:

Patient safety.

Financial losses.

Individual and organizational violations of the law.

Evidence-Based Recommendations

Construct evidence-based recommendations to resolve the HIPAA-related privacy breach. You may also want to

include relevant information related to:

Human resource laws.

Professional codes of ethical conduct and standards.

Previous case precedents.

Current alleged health care legal violations.

For help in identifying appropriate evidence-based recommendations, you may want to visit some of the

authoritative sources, such as the DOJ/OIG, CMS/HHS, et cetera, listed under the suggested resources for this

assessment.

Ethical Decision-Making Framework for Health Care Leaders

Describe an ethical decision making framework as one of your concluding recommendations. Tip: You may want to

use the ACHE’s ethical decision-making framework:

Nelson, W. (2015). Making ethical decisions. Healthcare Executive, 46–48. Retrieved

Conclusion

Write a paragraph that summarizes the following:

Key concepts.

Importance of compliance.

Best practices to monitor for future quality improvements.

Short list of resources.

Note: Be sure to include all appropriate citations.

Additional Requirements

Written communication: Use the Compliance Program Implementation and Ethical Decision-

Making Template linked above. Your workplace brief needs to be clear, concise, well-organized, and generally

free of errors in grammar, punctuation, and spelling. The title page, citations, and references need to be in

current APA format.

Length: Approximately 8–10 typed, double-spaced content pages in Times New Roman, 12-point font,

including the reference page.