HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

Presentation transcript:

HIPAA Privacy Training

2 HIPAA Background
Health Insurance Portability and Accountability Act of 1996
Copyright 2010 MHM Resources LLC

3 Portability
Part One – Portability, access, and renewability requirements

4 Administrative Simplification
Part Two – Administrative Simplification
Standards for maintenance and transmission of health information

5 Privacy
Part Three – Privacy
The privacy regulations govern how individually identifiable medical information must be protected.

6 Security
Part Four – Security
Regulates how health plans and other covered entities that electronically maintain or transmit PHI implement reasonable and appropriate safeguards for the availability and protection of electronic protected health information (PHI)

7 Breach Notification
Part Five – Breach Notification
- Health Information Technology for Economic and Clinical Health (HITECH) Act
- Outlines how affected individuals must be notified if there is a breach of their “unsecured” PHI
- Disclosure Log
- Effective September 23, 2009

8 Flexible Benefit Plans
The Health Flexible Spending Account (FSA), or unreimbursed medical portion of a cafeteria plan; or a Health Reimbursement Arrangement (HRA) are considered to be health and welfare benefit plans.

9 HIPAA Definitions
Covered Entity
- A healthcare provider that conducts certain transactions in electronic form
- A healthcare clearinghouse
- A health plan - includes all the employer's welfare benefit plans like health insurance, a Health FSA within a cafeteria plan, and any HRAs.

10 HIPAA Definitions
- If you are an employer, you are generally not a covered entity.
- Employees, the plan, and its Business Associates may not freely share information with the employer unless firewalls exist to contain the information.

11 HIPAA Definitions
Covered Transactions
- Healthcare or dental claims administration
- Healthcare eligibility
- Benefits enrollment and maintenance
- Payroll deduction and group premium payment
- Retail pharmacy transactions

12 HIPAA Definitions
Business Associate
A person, business, or agency that conducts covered transactions for another legal entity.

13 HIPAA Definitions
Business Associate Agreement
The health plan must engage in a Business Associate Agreement with all Business Associates.

14 HIPAA Definitions
Protected Health Information (PHI)
Individually identifiable medical information in any form, including oral communication that is created or received by a covered entity or employer.

15 HIPAA Definitions
Breach of Unsecured PHI
- A breach is the unauthorized access, use or disclosure of unsecured PHI.
- PHI must be encrypted or destroyed
- In motion, in use, at rest
- Access controls do not make PHI secure

16 HIPAA Definitions
- Significant risk of harm to individual
- Immediate steps were taken to obtain guarantee that PHI will not be used or disclosed
- PHI returned prior to being accessed
- Determine type or amount of PHI disclosed

17 HIPAA Overview
- Individuals “own” their PHI
- HIPAA defines what PHI is
- Privacy notice tells employees how their PHI will be used and disclosed. No other notice is required
- Privacy notice gives employees certain rights to their PHI

18 Where does PHI Come From?
- Mail
- Fax
- Front desk
- Phones
- Electronically
- Orally, in person

19 Who Can See PHI?
- Covered entities with privacy policies in place
- Business Associates that have signed Business Associate Agreements in place with the covered entities and also have privacy policies in place
- Individual employees may review and change their own PHI

20 When Can You Reveal PHI?
- Healthcare operations
- Payment
- Treatment
- As permitted or required by law
- Pursuant to an authorization

21 When Can You Reveal PHI?
- Identify individual with whom you are speaking
- Verify SSN, gender, birth date, and/or address
- Authorization signed by participant
- “Minimum Necessary” standard
- Reveal the minimum necessary information when releasing information

22 Applies to All Covered Entities
- Employers are generally not covered entities
- A covered entity may not freely share an individual's PHI with the employer or a non-health plan.

23 Protect PHI in Your Office
- Train all workers with access to PHI
- Don’t enter PHI into a software system or program unless the information is encrypted while at rest or in transit
- Create a “clean desk” policy
- Store PHI under lock and key
- Don’t discuss an individual’s health information in public
- Identify callers

24 Protect PHI in Your Office
- Letters to participants should not contain their SSNs
- Offsite storage
- Retain complete list of claim forms, etc. offsite
- Use security tape on boxes to reveal unauthorized entry.
- Trash
- Shredding

25 Protect Participant’s Privacy
- Right to inspect and copy
- Accounting of disclosures
- Amend
- Request restrictions
- Request confidential communications
- Right to receive a paper copy of the privacy notice

26 Employers
- Employer puts in place HIPAA privacy policies and procedures
- Plan documents and Summary Plan Descriptions for all employer-sponsored health plans
- Assign a HIPAA Compliance Official
- Employer must certify to plan that HIPAA privacy rules are being followed

27 Employers
- The health plan must distribute a notice of privacy practices for employees
- Business Associate Agreements must be in place
- Train workforce on HIPAA compliance
- Train workforce on breach reporting

28 Breach Notification
Accounting for Disclosures of PHI
- PHI may be disclosed for public policy and safety reasons and other mandatory disclosures listed below without an individual’s authorization
- These disclosures must be logged since they were disclosed without the individual’s knowledge.
- The disclosure log must be made available to the individual upon request.

29 Breach Notification
- Individuals must be notified if their PHI has been disclosed and the information is unsecured PHI
- Safe harbor to avoid breach notification:
- Encryption whether PHI is at rest, in use or in transit
- Destruction
nistrative/breachnotificationrule/

30 Plan Service Provider
- HIPAA privacy policies and procedures
- Business Associate Agreements must be in place between the plan service provider (Business Associate) and the plan.

31 Exception to Compliance
Self-administered health plans with fewer than 50 participants are exempt from privacy compliance

32 Civil and Criminal Penalties
- Substantial civil and criminal penalties apply to noncompliance with HIPAA regulations
- Be aware of your state laws
- Get legal counsel

HIPAA Privacy – Your business depends on it