HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

Presentation transcript:

HIPAA

What Why Who How When

What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

Why Do We Need HIPAA? The purpose of HIPAA is to protect confidential health care information through improved security and privacy standards.

Who Must Comply With HIPAA? Every employee of a health care facility or provider that handles protected patient health information will have to comply with HIPAA regulations.

What Must Be Kept Confidential? PHI: Protected Health Information The HIPAA privacy rule defines the type of information that must be kept private by categorizing it as “Protected Health Information,” or PHI for short. Healthcare organizations must have policies in place that maintain the privacy of PHI.

What is PHI? Protected Health Information

PHI (Protected Health Information) Health information is any information (verbal, electronic, or written) that relates to a person’s physical or mental health, or payment information.

Examples of Personally Identifiable Information: Name, SSN, Driver’s license, Address, Telephone number, Marital status, Financial information, Parental status, Gender, Race, Religion, Medical Condition, Test Results, Income

Minimum Necessary What can I access? Only information you “need to know” to do your job. Accessing, using, or disclosing PHI on a need to know basis to get your job done is an important concept under HIPAA known as “minimum necessary.” Working in a healthcare organization does not entitle a person to access any and all patient records in the organization. You can access only the information you need to know to get your job done. Does the minimum necessary standard apply in every situation? No – the minimum necessary standard does not apply when accessing, using, or disclosing PHI for treatment of the individual. It also does not apply to the patient – they can have access to their protected health information.

Incidental Disclosure The Privacy Rule does not say that health information will not be accidentally overheard. But everyone should make every effort to prevent this from happening.

Examples of Incidental Disclosure Calling a patient’s name in a waiting room A sign-in sheet is ok as long as it does not list a reason for the visit

Examples of Verbal Risk Discussing personal health information with a patient in a waiting room when there is risk of others overhearing the conversation.

Examples of Verbal Risk Personal health information should not be discussed in public areas such as elevators, hallways, parking lots, or bathrooms.

Examples of Verbal Risk You should never discuss a patient’s personal health information with friends, family, or neighbors.

Examples of Visual Risks Leaving documents that you know contain PHI in the open, unprotected and easily accessible by anyone

How Do I Know... … when information is considered private? - Did you learn it through your job? - If yes, then it is considered private!

Internal Security Violations Taking advantage of computer glitches that mistakenly allow access to a patient’s medical record Deliberately gaining access to patient data Sharing pass codes Leaving documents with patient information visible in an open area

How Do I Handle… …An individual asking for access to their record? Individuals have a right of access Route requests to appropriate department or staff Do not attempt to provide or get this information yourself

How Do I Handle… … An individual’s request to change their medical record? Individuals have the right to amend or correct their record Route requests to appropriate department or staff Do not attempt to handle yourself

How Do I Handle… …A family member or close friend asking about a patient? Tell them to call Directory information. Do not attempt to answer yourself.

How Do I Handle… …Co-workers asking about a patient’s condition or treatment? Route request to appropriate department or staff Do not attempt to provide or get this information yourself

Penalties If you break the rules, you can face civil and criminal penalties. If found guilty you can be fined and/or sentenced to jail.

Civil Penalties $100 per wrong act up to $25,000 per person, per year for each rule broken

Criminal Penalties $50,000 & 1 year in jail if found guilty of telling protected health information $100,000 & 5 years in jail if found guilty of obtaining or disclosing protected health information under false pretenses $250,000 & 10 years in jail if found guilty of obtaining and disclosing PHI with intent to sell, transfer, or use for cash, personal gain, or malicious harm

“Privacy-friendly” Practices Abide by the Notice of Privacy Practice & Confidentiality Avoid discussing personal health information Keep health information out of public areas

“Privacy-friendly” Practices Secure records in all locations. Respect an individual’s right to privacy during treatments.

HIPAA Security HIPAA security applies to physical, technical and administrative safeguards that are put in place to protect the confidentiality of information: Passwords, File Cabinets, ID Numbers, Coded information

When complying with security standards… Organizations should always assess what resources need to be protected, determine the cost for protection and assess the likelihood of loss or compromise. Organizations should train all employees on day-to-day procedures that ensure the protection of information.

Ways of Ensuring that information is protected Faxes should never be left unattended or in places where unauthorized people can view them. Passwords should be changed regularly. Children’s names, pet’s names, spouse’s names and birthdates should never be used as passwords. Information on computer monitors should not be visible to unauthorized people. Files should always be closed and coded. Personal information should never be on a file’s cover.

What Can You Do? Be aware of patient information and how it is used or handled. Look for ways to ensure the information is not available to unauthorized individuals. Shred when appropriate. Password protect your computer. Never leave files open on your desk or at the copier.

Organizations can prevent unauthorized access to data by implementing procedures at time of employee termination. 1. Change all combination locks 2. Removal of terminated employee from access lists 3. Removal of user account(s)

MCG Compliance/ Privacy Officers Please report any violations to the MCG Privacy Officer at , or call MCG’s Legal Office at Protect & Serve