HIPAA Privacy for Pharma Audioconference 5/29/2002 pwC.

Slides:

Advertisements

Similar presentations

Advanced Issues in HIPAA Research Compliance The Sixth National HIPAA Summit March 27, 2003 Kim P. Gunter Senior Consultant.

Advertisements

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.

Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.

1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Rule Training

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna

Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-

Are you ready for HIPPO??? Welcome to HIPAA

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

HIPAA Compliance Strategies for Employers, METs, MEWAs and Taft Hartley Union Trust Funds The HIPAA Colloquium at Harvard University Presented by: Melissa.

HIPAA – Health Insurance Portability & Accountability Act and the Privacy Act MSgt Nechele M. Chambers Senior Enlisted Liaison TRICARE Area Office-Europe.

Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,

HIPAA PRIVACY AND SECURITY AWARENESS.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,

PricewaterhouseCoopers Transaction Compliance Date Extension & Privacy Standards NPRM Audioconference April 19, 2002 HIPAA Administrative Simplification.

Office of the Secretary Office for Civil Rights (OCR) Indian Health Service HIPAA Training Hosted by the Aberdeen Area Office July 24, 2012.

Health Insurance Portability and Accountability Act (HIPAA)

“HIPAA Beyond April 14, 2003” n “BUILDING HIPAA COMPLIANCE” Beyond April 14, 2003”

Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.

HIPAA – How Will the Regulations Impact Research?.

HIPAA’s Medical Privacy Standards: The Long and Really Winding Road Michael D. Bell, Esq. Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. Washington,

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

© 2009 The McGraw-Hill Companies, Inc. All rights reserved. 1 McGraw-Hill Chapter 2 The HIPAA Privacy Standards HIPAA for Allied Health Careers.

Speak HIPAA Like a Native A Guide to Common HIPAA Nomenclature University of Miami Ethics Programs.

Health Insurance Portability and Accountability Act (HIPAA) CCAC.

Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.

Understanding HIPAA (Health Insurandce Portability and Accountability Act)

PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.

HIPAA PRACTICAL APPLICATION WORKSHOP Orientation Module 1B Anderson Health Information Systems, Inc.

HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.

Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.

Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.

HIPAA Privacy The Morning After Panel What do we do now? William R. Braithwaite, MD, PhD (moderator) Washington, DC Ross Hallberg, Corporate Compliance.

PricewaterhouseCoopers 1 Administrative Simplification: Strategic Thinking in Compliance National HIPAA Summit Washington, DC April 25, 2002 William R.

Health Insurance portability and Accountability Act (HIPAA)‏

PricewaterhouseCoopers 1 Administrative Simplification: Privacy, Security, and Compliance NCHCC Washington, DC February 6, 2003 William R. Braithwaite,

Roundtable on Privacy in Transition: Is Privacy Policy Working in the Healthcare Sector?

HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.

HIPAA Privacy Rule Positive Changes Affecting Hospitals’ Implementation of the Rule.

PwC Issues in HIPAA Research Compliance William R. Braithwaite, MD, PhD “Dr. HIPAA” HIPAA Summit 6 Washington, DC 27 March 2003.

1 Administrative Simplification: The Last Word National HIPAA Summit 8 Baltimore, MD March 9, 2004 William R. Braithwaite, MD, PhD “Doctor HIPAA”

The Medical College of Georgia HIPAA Privacy Rule Orientation.

Final HIPAA Privacy Rule: The Research Provisions Julie Kaneshiro DHHS Office for Human Research Protections Phone: Fax:

HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.

HIPAA Privacy Rule Training

What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in HEALTH INSURANCE.

The HIPAA Privacy Rule: Implications for Medical Research

HIPAA CONFIDENTIALITY

HIPAA Administrative Simplification

HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT

Disability Services Agencies Briefing On HIPAA

HIPAA Administrative Simplification

HIPAA Privacy and Security Summit 2018 HIPAA Privacy Rule: Compliance Plans, Training, Internal Audits and Patient Rights Widener University Delaware.

National Congress on Health Care Compliance

Issues in HIPAA Research Compliance

Analysis of Final HIPAA Privacy Modification Rule

HIPAA Privacy and Security Update - 5 Years After Implementation

Presentation transcript:

HIPAA Privacy for Pharma Audioconference 5/29/2002 pwC

2 Faculty Bill Braithwaite, MD, PhD, Director in National HIPAA Practice PricewaterhouseCoopers LLP Washington, DC Julie Kaneshiro, Senior Policy Analyst HHS Office for Human Research Protections Rockville, MD Kevin D. Lyles, Esq., Partner Jones, Day, Reavis & Pogue Columbus, OH Jean-Paul Hepp, PhD, Director, Global Privacy Pharmacia Corporation Peapack, NJ

3 Audioconference Agenda 1:00 pm Introduction 1:05 pm Overview (Bill) 1:10 pm Update on Privacy and the Impact on the Pharmaceutical Sector (Bill) 1:20 pm Impact of HIPAA on Clinical Research (Julie) 1:40 pm Business Associates and other Legal Issues (Kevin) 1:55 pm The Privacy Officers Perspective (Jean Paul) 2:10 pm Questions for the Panel 2:30 pm Adjournment

4 Overview of Audioconference Sponsored by PwC Agenda and Faculty Materials posted on: Problems? Get materials by ing: CME credits in 17 categories: complete application and evaluation forms from CE page.

5 Update on HIPAA Privacy

6 HIPAA Requirements for Privacy “Standards with respect to the privacy of individually identifiable health information …” Final Rule published 12/28/2000 Guidance issued 7/6/01. Compliance required 4/14/2003. Modifications proposed in NPRM 3/27/02. –Proposals decrease administrative burden on providers. –No change in compliance date. –Final rule with modifications expected by October 2002.

7 5 Principles of Fair Info Practices Openness Existence and purpose of record-keeping systems must be publicly known. Individual Participation Individual right to see records and assure quality of information. –accurate, complete, and timely. Security Reasonable safeguards for confidentiality, integrity, and availability of information. Accountability Violations result in reasonable penalties and mitigation. Limits on Collection, Use, and Disclosure of Information: Collected only with knowledge and permission of subject. Used only in ways relevant to the purpose for which the data was collected. Disclosed only with permission of subject or legal authority.

8 Rule #1: Don’t surprise the patient!!!

9 Key Points in Privacy Rules Required disclosures are limited to: Disclosures to the individual who is the subject of information. Disclosures to OCR to determine compliance. All other uses and disclosures in the Rule are permissive; i.e., information may be used only if specifically allowed in the rules. Covered entities can provide greater protections if they want (for competitive edge).

10 Uses and Disclosures Allowed: For Treatment, Payment, & Healthcare Operations (TPO) under prior written consent. Pursuant to and in compliance with a written, revocable authorization. For directory and involvement in care purposes where individual has the opportunity to agree to or prohibit or restrict the use or disclosure. For specific listed and controlled purposes generally in the public interest required by law, public health, abuse, oversight, law enforcement, threats, research, …

11 Individual’s Rights Individuals have the right to: A written notice of information practices from health plans and providers. Inspect and obtain a copy of their PHI. Obtain an accounting of disclosures. Amend their records. Request restrictions on uses and disclosures. Accommodation of reasonable communication requests. Complain to the covered entity and to HHS.

12 Administrative Requirements Flexible & scalable. Good structure for privacy program. Covered entities are required to: Designate a privacy official. Develop policies and procedures (P&P) –including for receiving requests for restrictions & complaints. Provide privacy training on those P&P to its workforce. Develop a system of sanctions for employees who violate the entity’s policies. Meet documentation requirements.

13 Privacy NPRM Proposed Modifications A. Uses and Disclosures for Treatment, Payment, and Health Care Operations 1. Consent 2. Disclosures for treatment, payment, or health care operations of another entity B. Notice of Privacy Practices for Protected Health Information C. Minimum Necessary and Oral Communications D. Business Associates E. Uses and Disclosures of Protected Health Information for Marketing F. Parents as Personal Representatives of Unemancipated Minors G. Uses and Disclosures for Research Purposes 1. Institutional Review Board (IRB) or Privacy Board Approval of a Waiver of Authorization 2. Research Authorizations 3. Research Transition Provisions H. Uses and Disclosures For Which Authorization Is Required I. De-Identification of Protected Health Information J. Technical Corrections and Other Clarifications

14 General Impact of HIPAA Privacy No Single Standard for Privacy HIPAA preempts or supercedes all “contrary” state laws. Exceptions: –HHS determination that State law accomplishes social responsibilities (fraud & abuse, industry oversight, health & safety). –Public health reporting. –State privacy law that has: –More restrictive use/disclosure rules. –Greater rights for individuals. HIPAA is a national floor for privacy. Different privacy environment in each state. –No ERISA preemption May Exacerbate Liability HIPAA raises industry’s “standard of care” in tort claims. New contractual and consumer protection theories based on –the terms of HIPAA, –Gramm-Leach-Bliley and –internet notices, policies, procedures, and authorizations. HIPAA increases awareness, media coverage and enforcement of a complex patchwork of laws, rules and standards. –forces everyone to get control of their channels through which individual health information flows.

15 Impact on Pharmaceutical Sector Availability of Information for Research New rules for clinical research, IRBs, de-identification Fear of liability may limit willingness of information providers Pharmacy Benefit Manager (Clearinghouse or BA) Limits on what can be done with PHI Limits on Information for Marketing to Patients Patients may have to be told when communications are remunerated. Employer Health Benefit Plans (ERISA) May need to make changes as HIPAA covered entities

16 Resources Administrative Simplification Web Site: –posting of law, process, regulations, and comments. instructions to join Listserv to receive notification of events related to HIPAA regulations. submission of rule interpretation questions. National Committee on Vital and Health Statistics ncvhs.hhs.gov Centers for Medicare and Medicaid Services Workgroup on Electronic Data Interchange snip.wedi.org

Pwc