Privacy & Security Inservice Protected Health Information, Personal Electronic Devices & Social Media.

Slides:

Advertisements

Similar presentations

Confidentiality: What Is Our Responsibility?

Advertisements

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

Privacy and Information Security Training ( ) VUMC Privacy Website

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

Confidentiality and HIPAA

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

NAU HIPAA Awareness Training

1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/

 The Health Insurance Portability and Accountability Act of  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.

Are you ready for HIPPO??? Welcome to HIPAA

HIPAA How can you maintain patient privacy and confidentiality? General Medicine LCCA.

HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996.

Protecting Client Data HIPAA, HITECH and PIPA Part 1A

Welcome to UF We’re from the Privacy Office and we’re here to help you… HIPAA Orientation College of Nursing– Fall 2014 Cheryl Webber, MS, RHIA University.

Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.

Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.

School of Risk Control Excellence Employee Use of Social Media The Impact of the Virtual World on Disciplining and Firing Employees Laura Lapidus, Esq.

Health Information Technology for Economic and Clinical Health Act (HITECH)

HIPAA PRIVACY AND SECURITY AWARENESS.

 Board Policy GBEAA (The Internet Acceptable Use Policy): › “Employees will have access to the Internet for the purpose of instruction, resources and.

HIPAA OBJECTIVES  Define HIPAA  Define PHI  Use of PHI  Your rights  Your responsibilities.

Health Insurance Portability and Accountability Act (HIPAA)

Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.

1.8 vs. 5.3 Benefits and Risks of Social Media in Healthcare Andy Malinoski Director of Risk Management Andy Malinoski Director of Risk Management.

Arkansas State Law Which Governs Sensitive Information…… Part 3B

HIPAA Training Developed for Ridgeview Institute 2012 Hospital Wide Orientation.

Professionalism/Customer Service in the Health Environment Communications and Professionalism This material Comp16_Unit9 was developed by The University.

Health Insurance Portability and Accountability Act (HIPAA) CCAC.

Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.

Understanding HIPAA (Health Insurandce Portability and Accountability Act)

Privacy & Confidentiality

A Road Map to Research at Jefferson: HIPAA Privacy and Security Rules for Researchers Presented By: Privacy Officer/Office of Legal Counsel October 2015.

HIPAA: Breach Notification By: Office of University Counsel For: Jefferson IRB Continuing Education September 2014.

HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.

Your Cyber Security: The scope of your risk is broad and growing To understand the nature of the risk landscape look at the presentations here today-begin.

AND CE-Prof, Inc. January 28, 2011 The Greater Chicago Dental Academy 1 Copyright CE-Prof, Inc

Final HIPAA Rule Special Training What you need to know to remain compliant with the new regulations.

2015 Privacy & Security Refresher. Presenters  Dana Williams  Privacy Officer  (501)  Stephen Yarberry  Chief Information Security Officer.

HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.

An Introduction to Compliance and HIPAA Privacy RVHIMA Spring 2016 Meeting Joshua A. Lenavitt, MHA Regional Director of Compliance and Privacy Baptist.

The Medical College of Georgia HIPAA Privacy Rule Orientation.

The Basics of Protecting Electronic Personal Health Information Greg Nance - CISSP, CRISC, CISA, ITIL Information Security Governance, Risk and Compliance.

Health Insurance Portability and Accountability Act (HIPAA) Primer for Observers, Volunteers, Medical Students Dr. Michael Palumbo- Privacy Officer/ EVP.

PHI Breach PHI Breach Dealing Breach With HIPAA Guidelines Guidelines.

HIPAA Privacy Training Flowers Hospital

Developed for Ridgeview Institute 2015 Hospital Wide Orientation

HIPAA Privacy and Security

HIPAA PRIVACY & SECURITY TRAINING

Top Compliance Topics.

Social Media August 2014.

HIPAA THE PRIVACY RULE Reviewed December 2012.

HIPAA Privacy & Security

2015 Orientation to HIPAA Privacy Rule Compliance

Use of BMC Patient Information Privacy & Security

Reid Cushman, UM Ethics Programs

Privacy & Confidentiality

HIPAA/HITECH – The Final Omnibus Rule

Social Media Guidelines for Nursing Students

Understanding HIPAA Dr. Jennifer Lu.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT

Disability Services Agencies Briefing On HIPAA

Move this to online module slides 11-56

HIPAA Privacy & Security

Mayo Clinic Privacy Office

HIPAA & PHI TRAINING & AWARENESS

Personal Social Media and Technology Use Policy

The Health Insurance Portability and Accountability Act

Presentation transcript:

Privacy & Security Inservice Protected Health Information, Personal Electronic Devices & Social Media

Background Federal laws HIPAA, Privacy HITECH, Security If you can identify the patient, HIPAA applies! Information/areas that you have access to solely due to your position as an employee are considered sensitive.

Always remember your role. HIPAA 101 Access/disclosure of PHI is permitted for the following reasons Treatment Payment Healthcare Operations Required by Law Authorized by the Patient Any access/use/disclosure outside of this is a violation. Always remember your role.

Types of Violations EMOTION FAILURE TO VERIFY Fax to wrong # RX to wrong patient Discharge instructions to wrong patient Letters/envelopes

Personal Electronic Device Policy Personal Electronic Devices may NEVER be used to capture, store, or transmit protected health information or sensitive business information. This includes photos, video and audio.

Personal Electronic Devices cont’d Use the patient’s device Be aware of background Employees can decide if they want to be in patient photos No photos, video, or audio of other employees without their consent.

PED Violation Examples Audio captured of patient Video taken during huddle Photos of sensitive work area Video of visitors

Social Networking The use of dedicated websites and applications to interact with other users, or to find people with similar interests to oneself. Facebook Twitter Instagram SnapChat Pinterest YouTube News Sites

Social Media First violation reported in March 2011 Most recent violation – August 2015 Difference between being “friendly” and being “friends/follower” on social media Violations By employee By employee family member Trying to help patient Trying to defend Baptist Health

Social Media Violation Examples Employee posts to SM and tags patient Patient captured in Valentine photo Employee’s child posts to news site Patient locates negative comments on SM Employee messages patient to defend treatment

Violations Based in Emotion Patient information is a tool used by provider but belongs to the patient. If you have “feelings” about patient information, STOP and re evaluate actions. Access to information is granted in your role as an employee. See slide 4. Can’t use system for personal reasons Role as a mother/caregiver Role as a visitor/friend

Discipline Policy Breach notification not required Written Counseling Breach notification required Written warning Malicious, personal gain, financial gain, access of protected classes (HIV, etc) Suspension or termination

What is Breach Notification? Certain violations require notification to patient “Harm” standard removed in 2013 Must be conducted within 60 days Breaches are reported to Office for Civil Rights Breaches damage our reputation and impede our mission.

Closing Thoughts If you disclose or cause to disclose, the violation is yours. Patient information is a tool you use to help perform your job. Privacy violations have lasting effects on your employment future. Corporate Compliance is here to help. Call us anytime!

Dana Williams, Privacy Officer Q U E S T I O N Dana Williams, Privacy Officer (501) 202-6776