BACKGROUND:
The Health Services Department is requesting to exclude from the Merit System the classification of County Compliance and HIPAA Privacy Officer-Exempt. The County Compliance and HIPAA Privacy Officer-Exempt is given a high-level authority and critical nature of the classification, and its senior policy setting role not just for the Health Services Department but for other county departments such as County Counsel, Auditor-Controller, Human Resources, Public Works, and Risk Management which are affected by the Health Information Portability and Accountability Act. Per the Board Order approved by the Board of Supervisors in April of 2003, the HIPAA Privacy Officer is responsible for overseeing a HIPAA compliance program to ensure processes are implemented to maintain compliance with Federal and State laws related to the privacy, security, confidentiality, and protection of information resources and health care information. This single position classification is charged with developing and administering a county-wide training program and serves as an independent body to review and evaluate all compliance issues. It also serves as the internal resource to receive and direct concerns to appropriate stakeholders for investigation and resolution of privacy matters.
CONSEQUENCE OF NEGATIVE ACTION:
This classification will not be exempt from the County Merit System, which is needed to ensure the County's HIPAA standards and practices are in compliance with federal and state laws.