HIPAA Blog

[ Wednesday, June 05, 2013 ]

 

Texas House Bill 300 News: The Texas legislature only meets for 5 months every other year (because nobody's life, liberty or property is safe while the "Lege" is in session).  In the last legislative session in 2011, the Lege passed HB 300, which revised several aspects of Texas medical record privacy law.  One of the big changes was a solidification of the employee training requirement in Health & Safety Code Section 181.101.  HIPAA generally requires training of employees, but it lacks specifics on what or when.  HB 300 requires Texas companies who deal with any sensitive personal information (including PHI) to train their employees at least every 2 years, and within 60 days of hire.  The training must be specific to the employee's duties, and must address any relevant federal and state privacy laws and rules.  Additionally, employees must sign (manually or electronically) a verification of receipt of the training. 

The 2013 Lege has passed an amendment to the HB300 that awaits Governor Perry's signature.  Relevant changes:
One thing that wasn't addressed that could've been is a better defined is what constitutes an electronic signature of an employee acknowledging training.  Can an employee click a box on a computer program?  Does a computer program that times the attendance and requires responses or test answers from the employee count as an electronic signature?  That's still not clear, so for HB 300 compliance, I would still recommend using a physical sign-in sheet or electronic signature pad.

Jeff [1:14 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template