Agenda

Return

C. 17

To:	Board of Supervisors
From:	Anna Roth, Health Services
Date:	February 8, 2022

Contra

Costa

County

Subject:

Add one (1) Health Services Administrator-Level B Position

APPROVE	OTHER
RECOMMENDATION OF CNTY ADMINISTRATOR	RECOMMENDATION OF BOARD COMMITTEE

Action of Board On: 02/08/2022

APPROVED AS RECOMMENDED

OTHER

Clerks Notes:

VOTE OF SUPERVISORS

AYE:

John Gioia, District I Supervisor
Candace Andersen, District II Supervisor
Diane Burgis, District III Supervisor
Karen Mitchoff, District IV Supervisor
Federal D. Glover, District V Supervisor

Contact:	Bud DeCesare, 925-957-5429
cc:	Bud DeCesare Jo-Anne Linares Kathi Caudel Kathy Sitton Lauren Ludwig Tuli Ochoa

I hereby certify that this is a true and correct copy of an action taken and entered on the minutes of the Board of Supervisors on the date shown.
ATTESTED: February 8, 2022
Monica Nino, County Administrator

BY:	, Deputy

RECOMMENDATION(S):

ADOPT Position Adjustment Resolution No. 25893 to add one (1) Health Services Administrator-Level B (VANG) position at salary plan and grade XB2-1323 ($5,174 - $8,477) in the Finance division of the Health Services Department. (Represented)

FISCAL IMPACT:

Upon approval, this action will result in an annual cost of approximately $172,529, with $66,931 in pension cost already included. (100% Hosptial Enterprise Fund I)

BACKGROUND:

Increased demands on the Health Services Department Privacy Office due to additional regulatory review and reporting requirements necessitate expansion of the current two person staff. This year through mid-October, there have been 109 breaches reported, potentially impacting thousands of individuals. Each reported breach requires the Privacy Office to review the details of the event, consult with counsel if necessary, review regulatory guidance, ask follow up questions of staff, and either mitigate the incident by conducting a risk analysis to document the event is not a breach, or report the breach to the Health and Human Services Office for Civil Rights, the California Department of Public Health, and to the victim(s) of the breach, plus work internally with staff to implement a plan of correction.

In addition, the Health Services Department has received numerous requests for information related to the COVID pandemic including data for outreach and for vaccination status/compliance, plus unrelated requests to share data for grants. These requests are directed to the Privacy Officer to review the privacy regulation component as it relates to the appropriate use and release of information stored in various registries and data bases used throughout Health Services. These requests involve extensive analysis, including a review of the Health Service Department’s contracts with the State related to the specific registry database, which often requires consultation with Counsel. The terms of these contracts with the State sets forth the information privacy and security requirements that Health Services, as the Contractor, is obligated to follow with respect to all personal and confidential information disclosed to the Contractor, or collected, created, maintained, stored, transmitted or used by the Contractor for, or on behalf of, the State.

The addition of a Health Services Administrator-Level B position will support the Privacy Officer by providing guidance to Health Services Divisions that maintain patient information as it relates to breach investigations and following up with Department Staff to ensure complete and accurate information is provided in response to investigative questions in a timely manner. These tasks are currently done by the Privacy Officer, thereby diverting time and resources that should be used to review and update Privacy and Compliance policies, develop and make additional training and education available to staff, conduct internal auditing and monitoring, and manage the overall operations of the Privacy Office.

CONSEQUENCE OF NEGATIVE ACTION:

If this action is not approved, the Privacy Officer will continue to be the only person performing these functions, taking time and resources away from higher level tasks which compromises the overall operations of the Privacy Office.