HIPAA Privacy Rule Implementation Status Report Richard M. Campanelli, J.D. Director, Office for Civil Rights Before the The Tenth National HIPAA Summit.

Slides:



Advertisements
Similar presentations
The HIPAA Privacy Rule And Its Impact On Agents And Employers National Association of Health Underwriters Capitol Conference March 23, 2003 Joseph T. Holahan,
Advertisements

Procedural Safeguards
HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
Responding to Subpoenas and Law Enforcement Demands for PHI: An Overview Janet A. Newberg Chair, Health Law Section Felhaber Larson Fenlon & Vogt, P.A.
Frequently Asked Questions…. …about HIPAA Notice of Privacy Practices and Acknowledgement.
Steps to Compliance: Managing Business Associates PRESENTED BY.
HIPAA and Public Health 2007 Epi Rapid Response Team Conference.
NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.
Presented by Jennifer Coughlin Eugene, Oregon April 10, 2013.
Confidentiality and HIPAA
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
NAU HIPAA Awareness Training
1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/
North Carolina State University Health Information Privacy 4/16/03.
WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
Copyright 2006 Rubin Law Firm, LLC Drafting HIPAA Compliant Subpoenas & Discovery Presented by:RACHEL B. RUBIN Kansas Bar Association Annual Meeting June.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
Business Associate Contracts: Time Is Running Out... Rebecca L. Williams, RN, JD Partner Davis Wright Tremaine LLP Seattle, WA
August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.
March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.
Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.
1 Sixth National HIPAA Summit The Health Lawyer as Business Associate March 28, 2003 Session VI 3:00 pm Gerald E. DeLoss, Esquire Barnwell Whaley Patterson.
HIPAA Health Insurance Portability & Accountability Act of 1996.
Implementing and Enforcing the HIPAA Privacy Rule.
Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,
HIPAA Trading Partners, Legal Relationships October 2, 2001 presented by Peter B. Goldstein, Esq. Cap Gemini Ernst & Young, US LLC.
HIPAA PRIVACY AND SECURITY AWARENESS.
HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
1 Disclosures © HIPAA Pros 2002 All rights reserved.
Confidentiality, Consents and Disclosure Recent Legal Changes and Current Issues Presented by Pam Beach, Attorney at Law.
Office of the Secretary Office for Civil Rights (OCR) Indian Health Service HIPAA Training Hosted by the Aberdeen Area Office July 24, 2012.
Health Insurance Portability and Accountability Act (HIPAA)
Compliance and Enforcement of the Privacy Rule. HHS/OCR February/March Compliance Date  April 14, 2003 – Compliance for all but small health plans.
1 Copyright © 2011, 2007, 2003, 1999 by Saunders, an imprint of Elsevier Inc. All rights reserved. Privacy in the Physician’s Office Chapter 17.
Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.
© 2009 The McGraw-Hill Companies, Inc. All rights reserved. 1 McGraw-Hill Chapter 2 The HIPAA Privacy Standards HIPAA for Allied Health Careers.
Health Insurance Portability and Accountability Act (HIPAA) CCAC.
Advanced Issues in Privacy: Drafting and Negotiating Business Associate Contracts Thomas E. Jeffry, Jr. Partner Davis Wright Tremaine LLP Los Angeles,
Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.
PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.
HIPAA PRACTICAL APPLICATION WORKSHOP Orientation Module 1B Anderson Health Information Systems, Inc.
HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.
Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.
A Professional Corporation Stinson, Mag & Fizzell (402) Business Associates 101 Jennifer Wolfe Jerram, B.S.N., J.D.
C HAPTER 34 Code Blue Health Sciences Edition 4. Confidentiality of sensitive information is an important issue in healthcare. Breaches of confidentiality.
HIPAA Privacy Rules: What Are Plan Sponsors Required to Do?
1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.
Final PRIVACY RULE Presentation by Richard Campanelli, Director OCR/HHS at 5 th National HIPAA Summit Washington, D.C. October 31, 2002.
Office of the Secretary Office for Civil Rights (OCR) Enforcement and Policy Challenges in Health Information Privacy Linda Sanches HIPAA Summit Special.
WHAT GUARDIANSHIP ATTORNEYS SHOULD KNOW BY RACHEL ANNE BROOKS MARCH 15, 2016 Health Care Privacy.
Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.
HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.
Section 1557 of the Affordable Care Act
HIPAA CONFIDENTIALITY
HIPAA Administrative Simplification
HOGAN & HARTSON, L.L.P. “Publications” “Health”
HIPAA Pros - Disclosures
National Congress on Health Care Compliance
Enforcement and Policy Challenges in Health Information Privacy
The Health Insurance Portability and Accountability Act
Compliance and Enforcement of the Privacy Rule
HIPAA Do’s and Don'ts: What is Really Behind Protected Health Information (PHI) and Health Care Privacy Rules Paul Sisler, Director, Information Services;
South Jordan City Fire Department
Presentation transcript:

HIPAA Privacy Rule Implementation Status Report Richard M. Campanelli, J.D. Director, Office for Civil Rights Before the The Tenth National HIPAA Summit April 8, 2005

2 Status of Complaints (Through March 31, 2005)  11,920 logged in nationally, 65% already closed  Most common closure reasons: –Non-jurisdictional (Not Covered Entity or Violation alleged predated 4/14/2003) –Allegation not prohibited by the Privacy Rule –Matter was resolved through voluntary compliance and technical assistance

3 Entities Most Complained Against (as of 3/31/2005)  Private Practices  General Hospitals  Pharmacies  Outpatient Facilities  Group Health Plans

4 Common Allegations (through March 31, 2005)  Impermissible Uses/Disclosures  Inadequate safeguards  Access to records denied or charged excessive fees  Failure to adhere to minimum necessary procedures  Failure to obtain a valid authorization where one is required

5 Disclosing PHI in Litigation  Permitted uses/disclosures of PHI for litigation include, for example: –Required by law (e.g., court-ordered) –Payment (e.g., collection action) –With individual’s authorization –§ (e)—judicial and administrative proceedings –For covered entity’s (CE) health care operations

6 Disclosing PHI in Litigation Whether litigation uses and disclosures fall under § (e) or health care operations (hco) depends on whether the covered entity is a party to the proceeding - CE non-party: § (e) - CE party: health care operations

7 Disclosing PHI in Litigation: CE as Non-Party  When CE is a non-party, it may disclose PHI for judicial or administrative proceedings if in response to: –Order of a court or administrative tribunal –Subpoena, discovery request, or other lawful process, on satisfactory assurance of notice or qualified protective order

8 Satisfactory Assurances: Non-Party CE Disclosures  Documentation that notice was provided to the individual’s lawyer is sufficient  Copy of subpoena/other request may be sufficient if on its face it shows –Adequate notice was provided Sufficient detail to allow objections –Time for objections lapsed without objection, or all objections resolved

9 Disclosing PHI in Litigation: CE as a Party When CE is a party to the proceeding, it may use or disclose PHI for litigation as part of its health care operations

10 Disclosing PHI in Litigation  Minimum necessary applies –CE may reasonably rely on lawyer’s minimum necessary representation when sharing information with lawyer who is workforce or business associate –Lawyer, as workforce or business associate, must apply minimum necessary to its disclosures

11 Lawyers and Minimum Necessary  When lawyer discloses minimum necessary PHI, depending on context, it may mean something more than mere relevance, e.g., –De-identification –Stripping direct identifiers –Removing certain health or treatment information not pertinent to issue raised in litigation

12 Lawyer/BAs and their Agents  BA contract requires BA/lawyers to ensure that their agents or subcontractors protect privacy, just as the lawyer must. –Includes 3rd parties that further lawyer’s legal services to CE, e.g., other legal counsel, jury consultants, file managers, investigators, litigation support personnel –Does not include opposing counsel, fact witness, others not assisting lawyer in providing legal services to client

13 Using and Disclosing PHI to an Interpreter  When interpreter is - Workforce member of CE or - BA of CE No authorization of the individual is required

14 Interpreter Identified by Individual  When interpreter is identified by individual as involved in care, CE may - Ascertain that individual agrees or does not object to disclosure to interpreter or - Exercising professional judgment, reasonably infer from the circumstances that individual does not object to disclosure to interpreter

15 Application in Provider Setting  No employee, volunteer or contractor is available to competently interpret for an individual - Provider identifies and contacts a telephone interpreter service - Interpreter explains to patient that interpreter is available to assist  From context, provider may judge whether individual wants this assistance (§ (b))  Provider may then reasonably infer that individual does not object to disclosure of PHI to interpreter

16 Title VI of Civil Rights Act of 1964  Covered entities may also have obligations under Title VI of the Civil Rights Act of 1964 to take reasonable steps to provide meaningful access to LEP persons  Consult OCR’s guidance on Title VI obligations to LEP persons for important discussion of other considerations in providing language services

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.