Faculty Lunches with the Dean (No. 10)

Download PDF

Last week I had the latest round of Faculty Lunches with the Dean.  The group included Shea Denning, Jessie Smith, Leisha DeHart-Davis, and Jill Moore.  I continue to think that this idea from our strategic foresight process is incredibly worthwhile, and I hope that these blog posts help provide useful information about the work of our colleagues.  This post reflects what Jill Moore shared about one of her current projects.

jill-mooreJill works in the field of public health law—as opposed to more general health care law—and it focuses more on the health of populations.  Public health law occupies the intersection between local government law and administrative law.  Jill covers subjects like communicable diseases law and the environmental health law (think septic tanks and restaurant inspections).  As a part of our country’s patchwork healthcare system, however, public health departments now also provide health care for certain populations.

Health care is highly regulated, of course, and one of those regulations that health departments must follow as a provider is HIPAA (Health Insurance Portability and Accountability Act of 1996).  HIPAA is complex and there is an officer in each health department responsible for compliance with various confidentiality and security provisions.  Those designated officers include people who occupy many different types of positions, and they are responsible for avoiding breaches of confidentiality that can violate patient privacy and lead to time-consuming, expensive audits.  In terms of the impact measures discussed at the last faculty meeting, helping health departments comply with HIPAA fits into the category identified as “preventing bad things from happening.”

Jill is working with the NC Public Health HIPAA Alliance, which was formed in the spring of 2016 by a group of HIPAA officers who wanted to create a peer network to share policies, discuss best practices, and facilitate training.  A vacuum existed because the state no longer supported local departments on their HPAA compliance—and there also were major changes in the rules in 2013 that created new compliance obligations.  The challenge is especially great for health departments because they have special roles and responsibilities that create unique needs not readily met by conventional HIPAA training programs or existing policy templates from commercial providers.


Jill is serving as a resource person for the Alliance to provide legal expertise and training.  She organized the group’s first training event as a pre-conference workshop held in association with the NC Public Health Association conference in September 2016.  100 people attended, which far exceeded the group’s expectation of around 60-70.  A second face-to-face workshop is in the planning stages for September 2017.

Meanwhile, Jill also is working with colleagues in the School of Public Health to identify funding for a series of online “HIPAA 101” modules for new HIPAA officers—one for online modules is because there is a significant turnover in these positions.  She also is working with the Alliance to develop a document warehouse for their members to use in sharing policies and other documents.  There are many consultants out there offering HIPAA policies, but they are not tailored to the needs of North Carolina health departments.  One issue Jill raised is trying to navigate the line between warehousing policies without necessarily creating a perception that they have received a blanket seal-of-approval from the School.


Jill started her comments by noting that she is driven to respond to the expressed needs of clients in the public health field.  That is a hallmark of the School’s best work, and Jill continues to be an excellent example of our core value of responsiveness.  This project also is not the first one in which our faculty members have found ways to collaborate with colleagues in the School of Public Health on projects that serve health departments.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.