...Continuous Accreditation Compliance - Task 4 AFT2 Accreditation Audit October 31st, 2014 Continuous Accreditation Compliance - Task 4 Nightingale Community Hospital (NCH), like many other health care facilities, uses a Periodic Performance Review (PPR) as an assessment tool that assists in examining performance on a consistent basis to ensure compliance with Joint Commission standards. A PPR concentrates attention on procedures, methods, and processes that contribute an environment that provides for proper care and emphasizes patient safety. NCH has shown to be 100% compliant with the majority of standards including: Infection Prevention and Control, Right and Responsibilities to Patients, Human Resources, Transplant Safety, Emergency Management, and Performance Improvement. During the last inspection NCH was found to be non-compliant in the following areas: National Patient Safety Goals, Record of Care, Environment of Care, Nursing, Treatment and Services, Leadership, Life Safety, Provision of Care, and Universal Protocol. Trending Areas of Concern The PPR revealed numerous issues in all areas of NCH. In order to address issues that affect patient safety and accreditation it is necessary to focus on issues that are found to be present in several areas of the facility. These patterns and trends of non-compliance often expose a weakness in policy, procedure, or training that needs to be addressed in order to ensure patient safety and accreditation compliance...
Words: 2777 - Pages: 12
...WGU AFT2 RAFT2 (Accreditation Audit) MBA Graduate Programe - Complete Course All 4 Tasks http://www.homeworkminutes.com/question/view/41054/AFT2-RAFT2-Accreditation-Audit-WGU-MBA-Graduate-Program-Complete-Course AFT2 Accreditation Audit Task 1 1. The purpose of this executive summary is to outline the current status of compliance of the organization for the priority focus area of communication, namely the standard UP.01.01.01 which is named the “Conduct a Pre-procedure Verification Process” as noted by the Joint Commission standards. A.2. The primary area of focus I chose to review was the communication aspect. I feel that communication is vital in any business, especially health care. Clear communication improves patient care and the quality of care. This is evident when time is taken to verify a patient or a procedure. When things go wrong due to misidentification of a patient, not only does that cost time and money for the patient as well as the extra burden of having that wrong fixed, but it also costs the hospitals too. Their costs are increased by trying to fix the issue and then legal issues to follow. The best way to avoid any mistake and/or injury is to adopt a more vigorous verification system. AFT2 Accreditation Audit Task 2 A.1. An unexpected occurrence that involves serious bodily or psychological harm including death or the risk leading to these is known as a sentinel event. (Sentinel event, 2013) A.2. Several people were...
Words: 982 - Pages: 4
...Accreditation Audit: AFT Task 3 Western Governor’s University Abstract AFT Task 3 allows the examination of data from a patient while hospitalized at Nightingale Hospital and utilizes a tracer methodology to identify trends, patterns, and pertinent problems for healthcare improvement. We plan to develop a corrective action plan to address the organization’s improvement while maintaining compliance from a Joint Commission standard. Accreditation Audit: AFT Task 3 Nightingale Hospital is preparing to devise a mock tracer methodology to assess the organizations’ current compliance with Joint Commission Standards. A tracer methodology follows a patient through the course of care and evaluates all aspects of care (Joint Commission E-dition, 2014). This method allows a quick overview of a patient through the flow of a system in order to evaluate the effectiveness of the process flow. Our mock tracer patient is a sixty seven year old female whom recently underwent an open total abdominal hysterectomy secondary to menorrhagia and uterine fibroids. The patient presented back to the emergency room one week postoperatively with complaints of a subjective fever of 100.2 degrees Fahrenheit and incisional drainage described as yellowish-green in color. A CT scan of her abdomen was performed in the emergency room and revealed a peri-umbilical abscess. The surgical team was consulted and an incision and drainage of the abscess was performed. Infectious disease physicians determined...
Words: 528 - Pages: 3
...security activities and policies; assessing information security risk; and implementing and auditing information security management programs, information assurance certification programs, and security ethics. Watch the following video for an introduction to this course: Competencies This course provides guidance to help you demonstrate the following 3 competencies: Competency 427.3.2: Controls and Countermeasures The graduate evaluates security threats and identifies and applies security controls based on analyses and industry standards and best practices. Competency 427.3.3: Security Audits The graduate evaluates the practice of defining and implementing a security audit and conducts an information security audit using industry best practices. Competency 427.3.4: Certifications and Accreditations The graduate identifies and discusses the Information Assurance certification and accreditation (C&A) process. Course Mentor Assistance As you prepare to successfully demonstrate competency in this subject, remember that course mentors stand ready to help you reach your educational goals. As subject matter experts, mentors enjoy and take pride in helping...
Words: 4354 - Pages: 18
...Accreditation Audit: AFT2 task 2 1 Accreditation Audit: AFT2 Task 2 Confidential—For internal use only to support performance improvement activities. This information is provided within the confidentiality protections of state statute. It is not to be distributed outside the quality assurance, performance improvement, peer review process. Accreditation Audit: AFT2 task 2 2 Analysis of Key Components RCA: Child Abduction Please note that the root cause analysis and action plan must show evidence of an analysis within the key components as outlined on the root cause analysis matrix for the specific type of event. An area on the matrix that may not have an identified process breakdown should still be summarized to determine that the component was evaluated. Brief description of event Briefly summarize the circumstances surrounding the occurrence including the patient outcome (e.g., death, loss of function). A 3-‐year-‐old female pediatric patient...
Words: 3407 - Pages: 14
...[pic] Australian Government Department of Defence Information System Audit Guide VERSION 11.1 January 2012 Table of Contents 1. Introduction to Accreditation 4 2. The Information System Audit – Checklist 7 2.1. What is an Information System Audit? 7 2.2. Why is an Information System Certification needed? 7 2.3. Assessing an Information System’s Security Risks 7 2.4. Selecting an Information System’s Security Controls 7 3. Purpose of the Checklist 8 4. How to Use the Checklist 8 4.1. The Checklist Structure 8 4.2. Security Objectives 9 4.3. Guidance for IRAP Assessors 9 4.4. Information System Compliance 10 5. Guidance for IRAP Assessors 10 6. The Checklist 11 6.1. The Information Security Policy & Risk Management 11 6.2. Information Security Organisation 14 6.3. Information Security Documentation 17 6.4. Information Security Monitoring 20 6.5. Cyber Security Incidents 22 6.6. Physical & Environmental Security 24 6.7. Personnel Security for Information Systems 26 6.8. Product & Media Security 27 6.9. Software, Network & Cryptographic Security 30 6.10. Access Control & Working Off-site Security 33 Appendix A – Accreditation Governance 36 The ISM & Certification 36 Compliance Levels 37 Compliance Report 37 Compliance Comments 37 Audit Documentation Submissions 38 Appendix B – Standards 39 ...
Words: 6447 - Pages: 26
...Nightingale Community Hospital is compliant with The Joint Commission standards except the following areas: Accreditation function of environment of care and life safety, it was documented that more than 3 smoke wall penetrations were found on the 1st floor and one on the 4th floor. The hospital is to minimize the potential for harm from fire, and smoke (TJC, 2013). A review of documentation showed appropriate ILSM was not initiated during 3 construction projects this put employees and patients at risk. Education of fire safety equipment should have been completed before the project. The gift shop did not have the required 18 inch clearance from the sprinklers. All sprinklers must have at least 18 inches below and around of clearance for The Joint Commission standards. Review of department documentation shows that the master alarm panel for medical gasses was not tested annually per policy. This is a policy written by the hospital that is not being met. They are to follow the policies that they set for themselves. The Fire Drill History Report showed that the fire drill process is not adequate and does not meet standards. Quarterly fire drills are to be conducted as regulated by the Life Safety Code (TJC, 2013). Clutter was found in the hallways of 3E, 4E, OR and telemetry this could restrict people from leaving the floor safely in case of fire or smoke. Accreditations function of Nursing Leadership it was discovered that Nurses on 3E were not documenting in a timely manner....
Words: 2356 - Pages: 10
...Accreditation Audit AFT2 Task 1. Herman Big Mawanda Western Governors University Contents COMPLIANCE STATUS. 3 PLANS OF COMPLIANCE 7 JUSTIFICATION 8 BIBLIOGRAPHY 10 Nightingale Community Hospital provides leadership in quality health services. Its core values focus on safety, community, teamwork and accountability with a vision of being a hospital of choice for all and a mission to create a healing environment with a passionate commitment to health care excellence. This executive summary of the accreditation audit is presented to the senior leadership to outline the compliance, plan of compliance and institution of the hospital under the reviewed focus area of Information Management as per the Joint Commission Standards. COMPLIANCE STATUS. The Joint Commission Standard IM 02.02.01 requires that the hospital effectively manages the collection of health information. Nightingale Community Hospital is in compliance with this standard under its patient care policy which specifies prohibited abbreviations. Its policy states that the use of abbreviations and symbols in the medical record is discouraged to prevent errors; as these can be associated with misinterpretation resulting in medical errors, and patient harm. In case the intended meaning of the abbreviation or symbol in the context of a specific order is not clear, the ordering practitioner must be contacted for clarification. This procedure demands that the elements of performance under IM 02.02.01 of the...
Words: 1726 - Pages: 7
...Task 4 Nightingale Community Hospital is preparing for a periodic performance review by The Joint Commission. Prior to The Joint Commission coming to complete its unannounced audit, the commission sends the hospital a handbook of standards guidelines each department of the hospital is expected to meet. The accreditation is a very important process to the daily operations of the hospital. The Center for Medicare and Medicaid Services, (CMS) requires hospital to meet and operate to the accreditation standards. This assures CMS that patients, who pay for services with their Medicare or Medicaid insurance, are receiving the best of medical care. It is imperative for Nightingale to meet the Joint Commission requirements not just for the ability to collect revenue, but its symbol of accreditation hanging in the hospital lobby, tells the public the hospital has met national patient standards. The Joint Commission’s job is not to close a hospital doors, nor to deny the hospital to provide medical services. It should be used a tool for good operating standards for a hospital to conduct its business. It takes work and preparation to meet the standards and to make sure all departments are on board, but once nightingale meet the requirements it all about managing and monitoring the daily operations of standards. It is the Director of Accreditation job of Nightingale Hospital to make sure the hospital is prepared for the Joint Commission audit. It is the directors who reviews all standards...
Words: 1597 - Pages: 7
... NIST Risk Management Framework for FISMA ..................................................................... 4 III. Application Security and FISMA .......................................................................................... 5 IV. NIST SP 800‐37 and FISMA .................................................................................................. 6 V. How Veracode Can Help ...................................................................................................... 7 VI. NIST SP 800‐37 Tasks & Veracode Solutions ....................................................................... 8 VII. Summary and Conclusions ............................................................................................... 10 About Veracode .................................................................................................................... 11 © 2008 Veracode, Inc. 2 Overview The Federal Information Security Management Act of 2002 ("FISMA", 44 U.S.C. § 3541, et seq.) is a United States federal law enacted in 2002 as Title III of the E‐ Government Act of 2002 (Pub.L. 107‐347, 116 Stat. 2899). The Act is meant to bolster computer and network security within the Federal Government and affiliated parties (such as government contractors) by mandating information security controls and periodic audits. I. The Role of NIST in FISMA Compliance The National Institute of Standards and...
Words: 2451 - Pages: 10
...other organizations, not mentioned above, will be denied access due to the high security risk they may present by possibly allowing unauthorized personnel access the DLIS systems, information, files, and/or data. Compliance to laws applicable to our company All federal agencies, including DLIS, are required to abide by all laws and regulations of the Federal Information Security Management Act (FISMA) to allow the protection of sensitive information. Since DLIS provides logistics and information technology services to the U.S. Department of Defense (DoD) and other federal agencies and international partners, they are also provided with standards for risk management including the Defense Information Assurance Certification and Accreditation Process (DIACAP) and the Control Objectives for Information and related Technology (COBIT). Roles and Responsibilities i. Chief of Information Technology. a. Maintains Risk Management Plan b. Established Policies and Procedures c. Develops Risk Response and Contingency Action Plan ii. Information Technology Managers. a. Maintains...
Words: 1341 - Pages: 6
...Assurance Certification and Accreditation Process (DIACAP) (a) Subchapter III of Chapter 35 of title 44, United States Code, “Federal Information Security Management Act (FISMA) of 2002” (b) DoD Directive 8500.01E, “Information Assurance (IA),” October 24, 2002 (c) DoD Directive 8100.1, “Global Information Grid (GIG) Overarching Policy,” September 19, 2002 (d) DoD Instruction 8500.2, “Information Assurance (IA) Implementation,” February 6, 2003 (e) through (ab), see Enclosure 1 1. PURPOSE This Instruction: 1.1. Implements References (a), (b), (c), and (d) by establishing the DIACAP for authorizing the operation of DoD Information Systems (ISs). 1.2. Cancels DoD Instruction (DoDI) 5200.40; DoD 8510.1-M; and ASD(NII)/DoD CIO memorandum, “Interim Department of Defense (DoD) Information Assurance (IA) Certification and Accreditation (C&A) Process Guidance” (References (e), (f), and (g)). 1.3. Establishes or continues the following positions, panels, and working groups to implement the DIACAP: the Senior Information Assurance Officer (SIAO), the Principal Accrediting Authority (PAA), the Defense Information Systems Network (DISN)/Global Information Grid (GIG) Flag Panel, the IA Senior Leadership (IASL), the Defense (previously DISN) IA Security Accreditation Working Group (DSAWG), and the DIACAP Technical Advisory Group (TAG). 1.4. Establishes a C&A process to manage the implementation of IA capabilities and services and provide visibility of accreditation decisions regarding the operation...
Words: 16882 - Pages: 68
...2 Technical Objectives 2 2.1.3 Management Objectives 3 2.2 Assumptions and Constraints 3 2.2.1 Access Control 4 2.2.2 Authentication 4 2.2.3 HSPD-12 Personnel Security Clearances 4 2.2.4 Non-Disclosure Agreements 5 2.2.5 Accessibility 5 2.2.6 Data 5 2.2.7 Confidentiality, Security, and Privacy 5 2.3 Tasks/Sub-Tasks to Be Performed Related to Initiating the Service 6 2.3.1 Task 1: 6 2.3.2 Task 2: 7 2.4 Period of Performance 7 3 PERFORMANCE MANAGEMENT OF THE DELIVERED SERVICES 8 3.1 Modifications to Service Level Agreements 8 3.2 Changes to Key Performance Measures. 8 3.3 Quality Assurance Evaluation 8 3.4 Government Roles and Responsibilities. 9 3.4.1 Contracting Officer (CO) 9 3.4.2 Contract Specialist 9 3.4.3 Contracting Officer’s Technical Representative (COTR) 10 3.4.4 Other Key Government Personnel 10 3.5 Contractor Roles and Responsibilities 10 4 METHODS OF QUALITY ASSURANCE SURVEILLANCE 11 5 SECURITY REQUIREMENTS 11 5.1 Required Policies and Regulations for GSA Contracts 11 5.2 GSA Security Compliance Requirements 13 5.3 Certification and Accreditation (C&A) Activities 13 5.3.1 Certification of System 14 5.3.2 Accreditation of System 15 5.4 Reporting and Continuous Monitoring 16 5.4.1 Deliverables to be provided to the GSA COTR/ISSO/ISSM Quarterly...
Words: 7425 - Pages: 30
...Quality Management Systems Introduction An organisation will benefit from establishing an effective quality management system (QMS). The cornerstone of a quality organisation is the concept of the customer and supplier working together for their mutual benefit. For this to become effective, the customer-supplier interfaces must extend into, and outside of, the organisation, beyond the immediate customers and suppliers. A QMS can be defined as: “A set of co-ordinated activities to direct and control an organisation in order to continually improve the effectiveness and efficiency of its performance.” These activities interact and are affected by being in the system, so the isolation and study of each one in detail will not necessarily lead to an understanding of the system as a whole. The main thrust of a QMS is in defining the processes, which will result in the production of quality products and services, rather than in detecting defective products or services after they have been produced. The benefits of a QMS A fully documented QMS will ensure that two important requirements are met: • The customers’ requirements – confidence in the ability of the organisation to deliver the desired product and service consistently meeting their needs and expectations. • The organisation’s requirements – both internally and externally, and at an optimum cost with efficient use of the available resources – materials, human, technology and information. These requirements can only be truly met...
Words: 2579 - Pages: 11
...requirements and, when necessary, enforcing accountability are major initiatives”. (Herrmann, 2007) Here at the USGA IT department it is our jobs to make sure all the proper paper work is in order before our CIO come to audit us. The OMB give our CIO list of regulations to stay in compliance with the five requirements standard mandate from the Homeland Security. Now through out next couple slide I going discus a strategy plan to put in place in order to be in compliance with the OMB and you see the necessary need for more employee. n Here at USGS one of my main job as IT manger is to put the ball in motion on all policy that was mandate in FISMA and head up information security program on all IT systems. The first task would be to recertify all of our high thread level computer in compliance with the audit guide lines. In order to do this we will need some of our employee to go through a couple of training course. In also we will have to set up different level of security clearance for each employee and put in place some kind monitor process to oversee the system that we just recertify. I believe in order to stay in compliance in the this area we will need some addition staff to stay up to date on all the new certifications and accreditation. At the USGS we like to establish networking relationship between the USGS EA as it relation to IT...
Words: 1561 - Pages: 7
