Are you ready for HIPPO??? Welcome to HIPAA

Presentation transcript:

Are you ready for HIPPO??? Welcome to HIPAA

What is HIPAA?
HIPAA is the Healthcare Insurance Portability and Accountability Act. HIPAA is federal law managed and enforced by the Center for Medicare and Medicaid Services (CMS). HIPAA creates a framework for managing patient health information in verbal, paper, and electronic form. HIPAA also provides standards for electronic transactions, and covers building security.

Who does it apply to?
HIPAA affects nearly everyone in healthcare: providers, payers, pharmaceutical companies, and hospitals. HIPAA affects all employees and operations of a “covered entity”, as well as business vendors and suppliers who provide services and products.

v. 05/15/2014

The Privacy Rule

Protected Health Information (PHI)
PHI is any information about the past, present or future, physical or mental health of a patient, AND which individually identifies that individual. Examples of individual identifiers include name, address, SSN, family members’ names, insurance numbers, etc. PHI may exist in any form: on paper, in verbal conversations, or in electronic form.

Can you identify PHI at your facility?

How do we manage PHI?

HIPAA places few restrictions on the use or disclosure of PHI in treatment, payment or healthcare operations (TPO). HIPAA recognizes that providers and employees of a covered entity need wide access to PHI to deliver quality healthcare efficiently.

TREATMENT includes the provision of healthcare services, and also:
- consulting between providers about a patient
- referring a patient to another provider

PAYMENT includes interaction with insurance companies & other payers:
- eligibility determination
- billing, claims, reimbursement
- preauthorization
- utilization review

HEALTHCARE OPERATIONS include activities such as:
- quality assessments
- outcome evaluations
- internal business planning

Minimum Necessary Standard

For any internal use of PHI, everyone must make a reasonable, good faith effort to share only the minimum amount of PHI necessary to accomplish the intended purpose. Be aware that many purposes, such as treatment, may well require extensive use of PHI.

Exception: does not apply to disclosures of PHI made to other healthcare providers.

Applying the Minimum Necessary Standard

- Restrict amount of PHI used: Is ALL this PHI needed now?
- Restrict physical access to PHI: Is the PHI secure?
- Restrict access to certain persons: Does everyone need to see this?

Remember: PHI exists in verbal, paper, and electronic form.

Notice of Privacy Practices (NPP)

The NPP is a document required by HIPAA that explains patient rights regarding their PHI. The NPP explains how we will use PHI for treatment, payment and healthcare operations. It also describes patients’ right to:
- Inspect their PHI (medical record)
- Make copies of their PHI
- Request changes to their PHI
- Request an accounting of non-TPO disclosures of PHI

The NPP must be given to the patient, or their legal representative, at the first encounter for healthcare services. You must make a good faith effort to obtain a signed acknowledgement of the patient’s receipt of the NPP. Keep this acknowledgement form.

Authorization Form

An Authorization Form is required for disclosures of PHI which are not part of treatment, payment, or healthcare operations. An example would be a release of PHI to a law firm. The Authorization Form must include a specific description of the PHI to be disclosed, must identify the recipient of the PHI, and must include the dates which the Authorization covers. A log must be kept of all disclosures made under the Authorization. A patient may refuse to sign the Authorization.

Business Associates

Other individuals and organizations, who are NOT healthcare providers, may also have access to PHI. Examples include medical records storage companies, technical support vendors, etc. Note that other healthcare providers are not Business Associates. This would include hospital and clinical labs. All Business Associates must sign an Agreement promising to protect and safeguard PHI in the same manner as the covered entity.

HIPAA Security

HIPAA Security focuses on PHI which is in electronic format, including computer systems, fax machines, answering machines, internet, CDs, medical equipment, etc. Security also focuses on building security for the protection of PHI.

- Use special care when handling PHI in electronic format.
- Do not throw away PHI in electronic format.
- Do not share passwords, keys, or other means of access with other employees.
- Be aware of building security regarding physical access, visitors, and emergency procedures.
- Report all suspected violations of Security policy to immediate supervisor or the Privacy Officer.

HIPAA Enforcement

HIPAA enforcement comes under CMS and Office of Civil Rights. For the most part, enforcement actions are complaint-driven. An individual patient generally has no private right to sue under HIPAA. There is no regular HIPAA audit program, but that is changing. All a provider’s employees and Business Associates are responsible for HIPAA and are thus subject to enforcement actions. There are civil penalties, usually fines, associated with HIPAA violations.

v. 05/10/2012

Are you HIPPO compliant??

HIPAA in a Nutshell

- Always protect and safeguard PHI.
- Help to create an atmosphere of privacy and professionalism when using PHI.
- Honor the rights of patients regarding their PHI.
- Use the proper forms as required under HIPAA.
- Remember that persons and organizations outside Jones Clinic may also access PHI and know the rules which govern this use.
- Remember that most violations of HIPAA are not intentional but are due to carelessness or sloppy work habits.
- Ask the Privacy Officer or your management team if you have questions about HIPAA.
- Report all violations of HIPAA as instructed.