HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996.

Slides:



Advertisements
Similar presentations
1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.
Advertisements

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
Confidentiality and HIPAA
HIPAA Privacy Rule Training
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
HIPAA Health Insurance Portability and Accountability Act.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
NAU HIPAA Awareness Training
HIPAA Health Insurance Portability and Accountability Act 1.
WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.
HIPAA Privacy Keys to Success Education for Nursing and all other Clinical Students Effective January 2010 HIPAA Job Specific Education1.
© 2009 The McGraw-Hill Companies, Inc. All rights reserved 3-1 LEGAL AND ETHICAL ISSUES in Medical Practice, Including HIPAA PowerPoint® presentation.
Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
 The Health Insurance Portability and Accountability Act of  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.
HIPAA Job Specific Education1 HIPAA Privacy Keys to Success Education for Students Updated February 2010.
Are you ready for HIPPO??? Welcome to HIPAA
HIPAA How can you maintain patient privacy and confidentiality? General Medicine LCCA.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
HIPAA Health Insurance Portability & Accountability Act of 1996.
HIPAA – Health Insurance Portability & Accountability Act and the Privacy Act MSgt Nechele M. Chambers Senior Enlisted Liaison TRICARE Area Office-Europe.
The University of Kansas Medical Center Shadow Experience Training.
Protected Health Information (PHI). Privileged Communication An exchange of information between two individuals in a confidential relationship. (Examples:
1 VUMC Confidentiality Policy and HIPAA Implications for Clinical Research General Clinical Research Center Skills Workshop March 2, 2007 Gaye Smith Privacy.
HIPAA PRIVACY AND SECURITY AWARENESS.
HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
HIPAA OBJECTIVES  Define HIPAA  Define PHI  Use of PHI  Your rights  Your responsibilities.
1 HIPAA OVERVIEW ETSU. 2 What is HIPAA? Health Insurance Portability and Accountability Act.
Health Insurance Portability and Accountability Act (HIPAA)
PRIVACY AND HIPAA THE RIGHT THING TO DO. WHAT’S WRONG WITH THIS PICTURE? ? “ Did you hear that Jane from the 5 th floor is in the hospital?” “No!! Let’s.
Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.
HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.
Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.
Speak HIPAA Like a Native A Guide to Common HIPAA Nomenclature University of Miami Ethics Programs.
Building a Privacy Foundation. Setting the Standard for Privacy Health Insurance Portability and Accountability Act (HIPAA) Patient Bill of Rights Federal.
Health Insurance Portability and Accountability Act (HIPAA) CCAC.
Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.
Understanding HIPAA (Health Insurandce Portability and Accountability Act)
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.
HIPAA BASIC TRAINING Presented by Anderson Health Information Systems, Inc.
HIPAA BASIC TRAINING MODULE 1C – Overview (For staff who do not generally create Protected Health Information) Anderson Health Information Systems, Inc.
Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.
C HAPTER 34 Code Blue Health Sciences Edition 4. Confidentiality of sensitive information is an important issue in healthcare. Breaches of confidentiality.
Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.
HIPAA A Sea of Confusion, A Wave of the future and A High Tide of Confidentiality.
HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.
CH 10. Confidentiality A. Confidentiality about sensitive medical information is necessary to preserve the patient’s dignity. B. In order to receive payment.
Human Subjects Update E. Wethington, Chair, UCHS.
Table of Contents. Lessons 1. Introduction to HIPAA Go Go 2. The Privacy Rule Go Go.
HIPAA for Students Health Insurance Portability and Accountability Act.
 Health Insurance and Accountability Act Cornelius Villalon Jr.
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.
HIPAA Training. What information is considered PHI (Protected Health Information)  Dates- Birthdays, Dates of Admission and Discharge, Date of Death.
The Medical College of Georgia HIPAA Privacy Rule Orientation.
What is HIPAA? Health Insurance Portability and Accountability Act of HIPAA is a major law primarily concentrating on the prolongation of health.
The Health Insurance Portability and Accountability Act (HIPAA) requires Plumas County to train all employees in covered departments about the County’s.
Health Insurance Portability and Accountability Act of 1996
HIPAA Privacy & Security
What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in HEALTH INSURANCE.
Health Advocate HIPAA Privacy Information
HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT
Disability Services Agencies Briefing On HIPAA
HIPAA Privacy & Security
Presentation transcript:

HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996

What is HIPAA? Enacted August 21, 1996 Enacted August 21, 1996 Title I Title I Protects people who lose insurance coverage, lose jobs, or change jobs and wish to continue health insurance coverage Protects people who lose insurance coverage, lose jobs, or change jobs and wish to continue health insurance coverage Title II Title II Protects health data privacy Protects health data privacy Established national standards for compliance Established national standards for compliance Protects against fraud Protects against fraud

Protected Health Information “The Office for Civil Rights enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule, which sets national standards for the security of electronic protected health information; and the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety.” “The Office for Civil Rights enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule, which sets national standards for the security of electronic protected health information; and the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety.” HHS, 2012 HHS, 2012

Why the need for privacy and security act????

The privacy provisions of the federal law, HIPAA apply to heath information created or maintained by health care providers who engage in certain electronic transactions, health plans and health care clearinghouses. The Department of Health and Human Services (HHS) has issued the regulation, “Standard for Privacy of Individually Identifiable Health Information” The Office for Civil Rights (OCR) is the Departmental component responsible for implementing and enforcing the privacy regulation

A health care provider who transmits health or mental health information in electronic transactions. For example, a physician who electronically bills for services. A health plan A health care clearinghouse Concorde is a Hybrid Entity A Hybrid Entity means a single legal entity that is a covered entity, performs business activities that include both covered and non- covered functions, and designates its health care components as provided in the Privacy Rule (45 C.F.R. § ).

Who uses Protected Health Information (PHI) at Concorde? Everyone who uses a computer or electronic device which store or transmits information Such as: Administrative staff that work with PHI Externship Clinics Campus Staff that work in Clinical areas Student that work with patients Accounting Payroll Staff Volunteers Almost everyone at one time or another

Confidentiality and Privacy Confidentiality and Privacy go hand-in-hand and patients have the right to control who sees their protected health information. Confidentiality and Privacy go hand-in-hand and patients have the right to control who sees their protected health information. Communications with and/or about patients protected health information will be kept private and limited to those who need to know information for payment, treatment and operations (PTO). Communications with and/or about patients protected health information will be kept private and limited to those who need to know information for payment, treatment and operations (PTO). These communication may be written, oral or in electronic form. These communication may be written, oral or in electronic form. Only those people with a need to know may have access to the protected information. Only those people with a need to know may have access to the protected information.

Protected Health Information PHI Protected Health Information is any information used to identify the patient such as… Protected Health Information is any information used to identify the patient such as… address address social security number social security number name name … it also includes information about the patients reason for being in the hospital, clinic, medications and treatments they are receiving and their complete health record

PHI is used to treat, to bill and receive payment for services and for internal controls of hospital/clinic operations. This is all outlined in the Notice of Privacy Practices (NOPP). Each patient is given a copy upon admission to any facility. PHI may only be shared with entities outside of the facility who already had a direct relationship with the patient. Such as their primary care provider, an ambulance company that transported the patient between facilities, and the insurance company who is on record and responsible for the bill. Beyond that, a valid authorization from the patient or the patients legal documented representative must be provided. Release of medical record information should be handled through the Health Information Management Department.

Who is authorized to see this information? Any physician who is treating the patient Any physician who is treating the patient Any care giver who needs the information to perform their job Any care giver who needs the information to perform their job This means “Need to Know” Only the portion of the chart that is needed for a specific job function with that patient may be accessed This means “Need to Know” Only the portion of the chart that is needed for a specific job function with that patient may be accessed

How to protect information? Be mindful when discussing patient information out in open areas Be mindful when discussing patient information out in open areas Sign off your computer when not in use and not at your desk Sign off your computer when not in use and not at your desk Knock on doors before entering a room Knock on doors before entering a room Keep patient information out of public view Keep patient information out of public view Keep medical records locked and away Keep medical records locked and away Treatments should be carried out in private areas Treatments should be carried out in private areas Discussions about patient financial information should be done in a private area Discussions about patient financial information should be done in a private area Never discuss patient information in elevators and public dining rooms Never discuss patient information in elevators and public dining rooms

cont. Do not release information without proper authorization to anyone unless covered by our NOPP Do not release information without proper authorization to anyone unless covered by our NOPP Contact the Facility Privacy Officer when ever you are in doubt and not sure of any privacy issue Contact the Facility Privacy Officer when ever you are in doubt and not sure of any privacy issue

HIPAA Violations Failure to comply with HIPAA standards may result in civil and criminal penalties Failure to comply with HIPAA standards may result in civil and criminal penalties

Civil Penalties The Health and Human Services Office for Civil Rights (OCR) is responsible for enforcing civil penalties. The Health and Human Services Office for Civil Rights (OCR) is responsible for enforcing civil penalties. Fines range from no more $100 for each violations and not more than $25,000. These are penalties against the covered entity

Criminal Penalties The Department of Justice (DOJ) is responsible for enforcing the criminal side and these fines imposed when a an entity knowingly discloses or obtains PHI. The Department of Justice (DOJ) is responsible for enforcing the criminal side and these fines imposed when a an entity knowingly discloses or obtains PHI. Fine $50,000 1 year prison Fine $50,000 1 year prison Knowingly obtain or disclose Knowingly obtain or disclose Fine $100,000 5 years prison Fine $100,000 5 years prison Obtain or disclose under false pretense Obtain or disclose under false pretense Fine $250, years prison Fine $250, years prison For profit, gain or harm obtain or disclose For profit, gain or harm obtain or disclose

Patient Authorization to Release A patient may sign an authorization for us to release their PHI for reason other than PTO A patient may sign an authorization for us to release their PHI for reason other than PTO The authorization must… The authorization must… * be signed and dated by patient or legally * be signed and dated by patient or legally authorized representative authorized representative * valid for 180 in the State of Texas * valid for 180 in the State of Texas * must provide reason for release * must provide reason for release * must state who information is to be released * must state who information is to be released to and address to and address * Can only be in writing and may be revoked by patient * Can only be in writing and may be revoked by patient In order to use a patient information to print in a newsletter, sell for marketing purposes or for research outside of our NOPP, we must obtain a valid written authorization Only the patient or legal representative may give this authorization, not their physician.

Privacy is everyone’s responsibility