Healthcare Careers II HIPAA-Overview for Healthcare Workers

What is HIPAA? In 1996 Congress passed the Health Insurance Portability and Accountability Act as a means of healthcare reform to protect the transmission of private health information from one institution to another.

Portability This legislation protects healthcare coverage for employees who change jobs and allows them to carry their existing plans with them to new jobs. The deadline for all healthcare insurance companies and healthcare institutions to comply with securing privacy and protection to data was April 14, 2003.

Technology Computers and other electronic systems are being used more commonly in medicine providing much too easy access to private records. This has created new dangers for breaches of confidentiality

Electronic Transaction standard This simplifies and standardizes the codes and formats used to exchange medical data ICDM diagnoses codes CPT Current Procedural Terminology ANSI X12N American National Standards Institute based codes for all claims Unique Identifiers-computer firewalls put in place to prevent unauthorized access.

Information Can only be shared when it is directly related to treatment

Data Security Must be addressed by HIPAA teams that include: Data backup-for disasters to protect data Access controls- secured passwords Internal Audits-to ensure employees who have resigned or terminated no longer have access.

Privacy Standards Protected Information-Any information that includes: Patient’s name or other identifiers- such as birth date or medical record number It can be written, spoken or electronic Written notice needs to be shown to all patients to explain how information about their health will be shared with third parties

Permission to share Patients must give permission for any information to be shared. Exceptions are information “beneficial to the public” like vital statistics, communicable diseases, adverse reactions to drugs reported to the FDA, and information related to organ donation.

Safeguarding information in the workplace White boards should have limited information on them last names only, no diagnosis or treatment linked to the patient Charts cannot be within view from the nurse’s stations Nurse’s stations cannot be accessible for the public to walk through. Flat screen monitors and screens that black out on a timer to auto lock out last user in place.

Safeguarding information Fax machines in a secure area, all faxes have a cover sheet marked confidential Password protection for that contains information. Encryption if information is going over the Internet Destroy or place in the patients chart any printouts received.

Information Storage Filing cabinets and medical charts in a secured location Workers protect xrays from public viewing Keep a record of any employee that has access to information should a patient request this information. There must be a system in place to record the name of every person who accesses a patient’s medical record.

Conversations Lower your voice Move to a secure location to discuss medical issues so you won’t be overheard Avoid casual breaches of confidentiality in restroom, elevators, parking garages and lunchrooms, etc.

State vs. HIPAA HIPAA does not override state laws where they may demand even stricter privacy. Many states protect the privacy of minors particularly in relation to questions of sexual activity or pregnancy.

Penalties Anyone caught selling private health care information can be fined up to $250,000 and sentenced up to 10 years in prison.