Informatics-Review HIPAA Survey

HIPAALERT NEXT STEPS SURVEY -- JUNE, 2000

IMPORTANT! READ THESE SURVEY DIRECTIONS:

1. TO COMPLETE & RETURN BY E-MAIL -- Copy this HIPAAlert message
and paste into your email program. Type our address,
info@hipaalert.com, into the "TO: address box" on the e-mail you're
forwarding to us. Complete the questions in the questionnaire.
Then, send in your response.

2. TO COMPLETE & RETURN BY FAX -- Print the questionnaire, and
complete it by hand. FAX it to NEXT STEPS SURVEY at 301 869-0788.

If you have problems, either E-mail us at info@hipaalert.com, or
call HIPAAlert's staff at 301 869-7300.

3. REMEMBER: DEADLINE FOR SUBMISSION is Monday, June 19 !!!

QUESTIONNAIRE

Baseline demographic questions - gives us all a perspective of
who participated. (We will be including these in all surveys.)

1. Are you employed with...

    Hospital of 400+ beds: ___ Hospital of - 400 beds: ___
    Physician Practice: ___ Other Provider: ___ Payer: ___
    Clearinghouse: ___ Vendor: ___ Consulting Firm: ___
    Pharmaceutical Co:___ Other: __________________________

2. What title best describes your position?

    Senior Mgmt: ___ CIO: ___ Other Dept Mgr: ___ Analyst: ___
    Consultant: ___ Sales: ___ Compliance/Security: ___ Other: ____

3. Do you hold an official role in your organization for HIPAA
    compliance? Yes: _____ No: _____

3a. If yes, what is your role? ________________________

3c. To which senior executive do you report?
    CEO ___
    COO ___
    CIO ___
    CFO ___
    Other ___

------------------------

NEXT STEPS

4. Looking back over the last six months since the start of 2000
    and the First Steps Survey (2/2000), how has your organization
    progressed in your HIPAA preparations?

     Ahead of schedule (more than 2 months) ____
    Slightly ahead of schedule (more than 1 month) ____
    On track, or less than 1 month off ____
    Slightly behind schedule (more than 1 month)____
    Behind schedule (more than 2 months) ____
    Have no formal HIPAA compliance strategy ____

6. What overall HIPAA compliance strategic actions has your
    organization chosen?

-- Already selected HIPAA compliance leader? Yes __ No __
    Who? CIO/MIS Dir _____ COO _____ CFO ______
    Dedicated Compliance Officer _____ Other ______

-- Educating senior mgmt? Now___ In 3 mon___ In 6 mon___

-- Training mgrs/dept heads? Now___ In 3 mon___In 6 mon___

-- Budgeting of funds? Now___ In 3 mon___ In 6 mon___

-- Inventorying of systems? Now___ In 3 mon___ In 6 mon___

-- Alerting vendors & "partners"? Now___ In 3 mon___ In 6 mon___

-- Devising risk assessment plan? Now___ In 3 mon___ In 6 mon___
    Internally or thru external resource? ____

-- Executing risk assessment plan? Now___ In 3 mon___ In 6 mon___
    Internally or externally? _____

-- Waiting until the final rule to before taking any further
    action for compliance...
    in the Security area ___
     in the Privacy area ___

-- Other initiatives? (include timing)
________________________________________________________________
________________________________________________________________
________________________________________________________________

7. What has your organization budgeted (or is likely to budget)
    for HIPAA compliance?
    in 2000 __________ in 2001 __________ overall _________

8. The Transactions and Code Sets final rule is expected at the
    end of June. What strategy has your organization chosen for
    compliance with this regulation?

    Conversion of internal systems ____
    Continued use of clearing house ____
    New relationship with clearinghouse _____
    Use of paper transactions ____
    Other ____ What? ____________________________________________
    Undecided ____ What factors will be considered in decision?
_________________________________________________________________

7. Does your organization currently use electronic signatures?
    Yes and they meet HIPAA standards ___
    Yes and they do not meet HIPAA standards ___
    Yes and unsure whether they meet HIPAA standards ___
    No ___
    Unsure ___

8. How would you measure knowledge of HIPAA and its implications
    within your senior management? (Low) 1__ 2__ 3__ 4__ 5__ (High)
    Among managers/dept heads? (Low) 1__ 2__ 3__ 4__ 5__ (High)

9. What is the biggest single concern your organization has
    regarding HIPAA or HIPAA compliance? ____________________________
_________________________________________________________________

10. Comments on above, or suggestions for questions on future
    HIPAAlert surveys?
_________________________________________________________________
_________________________________________________________________
_________________________________________________________________

    Thank you for completing the HIPAAlert NEXT STEPS SURVEY. Look
    for results in the July HIPAAlert and the JULY HIMSS Newsletter.