HR Update; December 19, 2008
Subscribe to HR Update with RSS
In this Edition
- New California Medical Privacy Laws Create Personal Liability of up to $250,000 per Violation
- Fingerprinting Now Required for Individuals with Unescorted Access to Certain Radioactive Materials
- Resolve to Improve Job Performance in the New Year
- UC Retirement Savings Programs & Upcoming Workshops
- UCSF Farmers Market Holiday Closure
New California Medical Privacy Laws Create Personal Liability of up to $250,000 per Violation
In response to recent privacy violations in California involving medical records, the Governor signed two new laws to protect patient privacy, AB 211 and SB 541, effective January 1, 2009. These two laws work together in making health care providers -- that is, both hospitals and individual health care professionals, as well as University staff -- accountable for maintaining the confidentiality of patient medical information. Individuals will face fines and penalties, for which they will be personally responsible, criminal sanctions, as well as disciplinary action by licensing boards for unauthorized access/disclosure of medical information. In addition, hospitals will incur fines for failure to prevent or report unauthorized access/disclosure of medical information. The table below highlights each law.
The new laws define unauthorized access such as:
"The inappropriate review or viewing of patient medical information without a direct need for diagnosis, treatment, or other lawful use as permitted by the California Medical Information Act."
Both the University of California and UCSF have existing privacy policies that are consistent with these new laws. Current privacy policies provide that unauthorized access, use, disclosure and viewing of medical information are unlawful and subject to sanctions and disciplinary actions up to and including termination of employment.
If you access Protected Health Information (PHI) or Personally Identifiable Information (PII), you are personally responsible for ensuring the confidentiality, privacy, and security of the data entrusted to you, and you could be personally subject to statutory fines and penalties for failure to comply. You are expected to:
- Access, use, disclose only the minimum necessary amount of information
- Use safeguards to protect verbal, written, electronic health information including encryption software
- The “Secure” e-mail system must be used if ePHI is in the e-mail message
- Dispose of health information appropriately De-identify information whenever possible
- Protect your password(s), do not share passwords, log off promptly and use computing device security
Going forward, UCSF will enhance encryption activities on the campus; enhance controls on clinical systems; and implement more robust monitoring and surveillance of electronic records to detect for unauthorized access.
For questions concerning privacy or data security, call any of the following:
- UCSF Chief Privacy Officer: 415-353-2750
- UCSF Medical Center, Information Security Officer: 415-353-3539
- UCSF Information Security Officer: 415-502-1593
Highlights of the New Medical Privacy Laws Effective January 1, 2009
| AB 211 | SB 541 | ||
| Key Requirements | Mandates the confidentiality of medical information. Requires implementation of appropriate administrative, technical and physical safeguards to protect the privacy of a patient’s medical information, and implementation of reasonable safeguards to prevent unauthorized access, use, or disclosure. |
Mandates prevention of unlawful or unauthorized access to or use or disclosure of patient medical information. Reporting obligations: Providers must report incidents of unlawful access, use, or disclosure of a patient’s medical information within 5 days of detection of the breach to CDPH and the affected patient(s)/ legal representative. |
|
| Authorizes | Fines and civil penalties against any individual that negligently discloses or knowingly and willfully obtains, discloses, or uses medical information in violation of state / federal laws. |
Fines to the institution for failure to prevent or report for unauthorized access, use, disclosure of medical information. | |
| Oversight Agency | Calif. Office of Health Information Integrity (Cal-OHII) |
Calif. Department of Public Health (CDPH) | |
| Fines & Penalties; Civil/Criminal Actions | Individual Fines/ Penalties: $2,500 - $25,000 per violation $250,000 – maximum penalty per violation Misdemeanor if patient suffers economic loss or personal injury Potential for civil action by patient with statutory damages ($1000) in addition to actual damages Cal-OHI may notify licensing board for further investigation/ discipline of individual providers. |
Institutional Fines for failure to prevent or report: $25,000 – initial violation (per patient) $17,500 – subsequent occurrence $250,000 – maximum penalty $100 per day for late reporting |
|
Refer to the State’s websites to review the new privacy laws: AB-211 and SB-541
For more information, visit http://hipaa.ucsf.edu
Fingerprinting Now Required for Individuals with Unescorted Access to Certain Radioactive Materials
The United States Nuclear Regulatory Commission (USNRC) and the State of California have implemented new requirements for background checks for individuals who have unescorted access to certain radioactive materials. Specifically, it will now be required to submit an individual’s fingerprints to access his/her criminal history records.
As a licensee of the state authorized to possess radioactive material in quantities of concern, the University must comply with the new order. Absent a successful background check, a position may continue to have access to certain radioactive materials, but that access may not be unescorted. In an effort to comply with the regulations, UCSF's critical position guidelines have been updated. Environmental Health and Safety has identified all current employees with unescorted access to certain radioactive materials and fingerprints have been submitted. Effective immediately, for all new hires or employees that assume these critical responsibilities, contact the Environmental Health and Safety department at 476-1300 to ensure that individuals are fingerprinted in accordance with these requirements.
Resolve to Improve Job Performance in the New Year
How comfortable are you in exercising your management authority when challenged by an employee’s non-compliance or insubordination? Is someone on your staff struggling with basic grammar, punctuation and sentence construction? In January, Development and Training offers courses that directly address these issues.
Empowering the Supervisor: Jan. 14, 8:30 a.m. – 10:30 a.m., $35
Write Right! Baseline Business Writing Skills: Jan. 20, 8:30 a.m. – 4:30 p.m., $35
See Below for a Full List of January Courses
Simply click the course names below to learn more and to register for January training. Please share this article with coworkers and those you supervise. View a complete listing of all Development and Training classes.
Career & Self Development
Administrative Support Essentials: Jan 28, 8:30 a.m. – 12:30 p.m., $35
Business and Administrative Processes
OLPPS WebLinks – Payroll Personnel Reporting: Jan 12, 9:00 a.m. – 12:30 p.m., $0
Cash Deposit Basics: Jan 15, 8:30 – 11:30 a.m., $35
General Ledger / Fund Accounting using OLFS Weblinks – Part I: Jan 6, 8:30 a.m. – 12:00 p.m., $35
General Ledger / Fund Accounting using OLFS Weblinks - Part II: Jan 15, 8:30 a.m. – 12:00 noon, $35
Communications
Write Right! Baseline Business Writing Skills: Jan. 20, 8:30 a.m. – 4:30 p.m., $35
Management & Leadership
Empowering the Supervisor: Jan 14, 8:30 a.m. – 10:30 a.m., $35
Working with Integrity: Ethics for the UCSF Community: Jan 15, 1:00 – 3:00 p.m., $35
Research Administration
PAM of EMF - Award Closeouts and FSRs: Jan 9, 8:30 a.m. – 12:00 noon, $35
Pam of EMF – Advanced OLFS WebLinks for Sponsored Projects: Jan 9, 8:30 a.m. – 12:00 noon, $35
Technical Support Partnership
Information Security Fundamentals: Jan 14, 1:30 – 3:30 p.m., $0
Computer Training eLearning (Live on Line)
Managing & Organizing Your Inbox in Outlook (Live on Line): Jan 13, 9:30 a.m. – 11:00 a.m., $49
Total Organization (Live on Line): Jan 27, 9:30 – 11:00 a.m.
Computer Training – Downtown San Francisco
Development & Training offers a full range of computer training (Microsoft, Adobe, Web, and programming) in downtown San Francisco at the office of our computer training provider, AcademyX. To learn more, visit Class Catalog and Enrollments. Then use Search Class Catalog to find a course topic or click the big green button, Choose Classes, and Enroll Online.
UC Retirement Savings Programs & Upcoming Workshops
Maximum Annual Contribution limits increase for 2009:
- 457(b) Deferred Compensation Plan: $16,500 (or $22,000 if age 50 (or older) during plan year 2009)
- 403(b) Tax-deferred Savings Plan: $16,500 (or $22,000 if age 50 (or older) during plan year 2009)
- These limits are independent of one other
- Review your 457(b) and/or 403(b) monthly contribution amounts and submit enrollments/changes at any time—plan rules and Payroll deadlines apply. Log in online (24/7) at Fidelity (netbenefits.fidelity.com) or call 1.866.682.7787 to enroll or submit your changes. To attend a Retirement Readiness Workshop, refer to these schedules on the UCSF HR/Benefits website
- 2009 tax rates: Paid by both employer and employee
- OASDI*: 6.2% on wages up to $106,800—OASDI wage base
- *Old Age, Survivor & Disability Insurance
- Medicare: 1.45% on all wages
Keep Retirement Readiness on Your Radar
Are your ducks all in a row? Start to plan now—it’s never too early. Happy holidays—more workshops to come in 2009 so stay tuned!
Please pass this on to your colleagues, circulate invitations, post the actual scheduled workshops happening near your location, or otherwise re-broadcast these weekly reminders about our valuable (free) education programs for faculty and staff. Bring your lunch, your questions, your spouse/partner ...
- UC Retirement Plan (UCRP) -- UC's Defined Benefit Plan
- "The Features of UCRP"
- Stay tuned -- click the "these schedules" link in 2009
- Refer to these schedules for details and future workshops
- The Future of UCRP
- UC Retirement Savings Plans -- the 403(b), 457(b), and DC Plans
- "Enrolling in Your UC Retirement Savings Program"
- Stay tuned -- click the "these schedules" link in 2009
- "Determining Your Investment Strategy"
- Stay tuned -- click the "these schedules" link in 2009
- "Achieving a Sound Retirement"
- Stay tuned -- click the "these schedules" link in 2009
- "Understand the How-tos of Fidelity’s NetBenefits Website"
- Stay tuned -- click the "these schedules" link in 2009
- Refer to these schedules for details and future workshops
- Arrange to have these workshops at a meeting in your department
- Focus on Your Future!
Usually there can be at least one (or more) workshop(s) per week scheduled at various UCSF locations around town. For more details and listings for upcoming scheduled presentations, please refer to our Workshops and Presentations Schedules menus found at our local UCSF HR/Benefits website.
UCSF Farmers Market Holiday Closure
The UCSF Farmers Market will be closed from Wednesday, December 24 through Wednesday, January 7 and will reopen on Wednesday, January 14.
The market brings healthy, seasonal, and convenient food options to the UCSF community. Help support local farmers along with UCSF’s mission of promoting health worldwide. The weekly market is held every Wednesday from 10 a.m. – 3 p.m. in the ACC Breezeway between Millberry Union and the Ambulatory Care Center on the Parnassus Campus.
############################################
HR Update is distributed weekly to individuals on the following listservs: Campus Administrators, Managers and Supervisors, HR Policy, Payroll Administrators and Benefits Representatives.
You can also sign up for the HR Update Mailing List
For more information, including on how to be removed from this list, please read more about UCSF Distribution Lists