Roundtable on Privacy in Transition: Is Privacy Policy Working in the Healthcare Sector?

Slides:



Advertisements
Similar presentations
Health IT & Privacy: Is there a path to consensus? Anyone today who thinks the privacy issue has peaked is greatly mistaken… we are in the early stages.
Advertisements

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.
HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Privacy Rule Training
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
Davis Wright Tremaine LLP Non-HIPAA Governmental Regulation of Healthcare Privacy and Security Sixteenth HIPAA Summit/The Privacy Symposium August 21,
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-
Are you ready for HIPPO??? Welcome to HIPAA
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.
Health Insurance Portability & Accountability Act (HIPAA)
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
HIPAA Collaborative of Wisconsin PAYMENT, COLLECTIONS, AND ACCEPTED BENEFITS FURTHER DEFINITION OF THE PRIVACY RULE Copyright HIPAA Collaborative.
HIPAA PRIVACY AND SECURITY AWARENESS.
HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
DSDS Quality Assurance Unit State of Alaska, Dept. of Health and Social Services Division of Senior and Disabilities Services (DSDS) Quality Assurance.
Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.
Averting the Collision: Privacy Doctrine & Health Information Exchange Katherine L. Ball, MD, MSc William A. Yasnoff, MD, PhD, FACMI e-Health Initiative.
HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.
Privacy and the Civil Commitment Process Allyson K. Tysinger Assistant Attorney General June 4-5, 2008.
Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.
Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.
PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.
Policies for Information Sharing April 10, 2006 Mark Frisse, MD, MBA, MSc Marcy Wilder, JD Janlori Goldman, JD Joseph Heyman, MD.
Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.
HIPAA Privacy The Morning After Panel What do we do now? William R. Braithwaite, MD, PhD (moderator) Washington, DC Ross Hallberg, Corporate Compliance.
C HAPTER 34 Code Blue Health Sciences Edition 4. Confidentiality of sensitive information is an important issue in healthcare. Breaches of confidentiality.
A Road Map to Research at Jefferson: HIPAA Privacy and Security Rules for Researchers Presented By: Privacy Officer/Office of Legal Counsel October 2015.
Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.
HIPAA Privacy for Pharma Audioconference 5/29/2002 pwC.
Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.
1 Changes to Privacy Regulations under ARRA May 4, 2009 Melissa Goldstein, J.D. The George Washington University School of Public Health and Health Services.
HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.
PwC Issues in HIPAA Research Compliance William R. Braithwaite, MD, PhD “Dr. HIPAA” HIPAA Summit 6 Washington, DC 27 March 2003.
Human Subjects Update E. Wethington, Chair, UCHS.
1 Administrative Simplification: The Last Word National HIPAA Summit 8 Baltimore, MD March 9, 2004 William R. Braithwaite, MD, PhD “Doctor HIPAA”
Final PRIVACY RULE Presentation by Richard Campanelli, Director OCR/HHS at 5 th National HIPAA Summit Washington, D.C. October 31, 2002.
AND CE-Prof, Inc. January 28, 2011 The Greater Chicago Dental Academy 1 Copyright CE-Prof, Inc
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.
Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.
The Health Insurance Portability and Accountability Act (HIPAA) requires Plumas County to train all employees in covered departments about the County’s.
HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.
HIPAA Privacy Rule Training
Health Insurance Portability and Accountability Act of 1996
What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in HEALTH INSURANCE.
HIPAA Administrative Simplification
HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT
Disability Services Agencies Briefing On HIPAA
Health Care: Privacy in a Digital Age
National Congress on Health Care Compliance
HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.
Enforcement and Policy Challenges in Health Information Privacy
Issues in HIPAA Research Compliance
Non-HIPAA Governmental Regulation of Healthcare Privacy and Security
HIPAA Privacy and Security Update - 5 Years After Implementation
Presentation transcript:

Roundtable on Privacy in Transition: Is Privacy Policy Working in the Healthcare Sector?

22 Gerry Hinkley, Moderator Bill Braithwaite Karen Grant Deborah Peel Michael Phillips~Linda Sanches~Jodi G. Daniel

33 William R. "Bill" Braithwaite, MD, PhD, FACMI Chief Medical Officer Anakam Inc. Washington, DC Overview of HIPAA Privacy Rule Principles and Issues

44 Principles of Fair Information Practice  Notice  Existence and purpose of record-keeping systems must be known.  Choice – information is:  Collected only with knowledge and permission of subject.  Used only in ways relevant to the purpose for which the data was collected.  Disclosed only with permission or overriding legal authority.  Access  Subject has right to see records and assure quality of information.  Security  Reasonable safeguards for confidentiality, integrity, and availability of information.  Enforcement  Violations result in reasonable penalties and mitigation.

55 HIPAA Uses & Disclosures are Permissive  Required disclosures are limited to:  Disclosures to the individual who is the subject of information.  Disclosures to HHS to determine compliance.  All other uses and disclosures in the Rule are permissive.  Covered entities or states can provide greater protections if they want by preventing uses and disclosures that HIPAA allows.

66 HIPAA Uses & Disclosures are Limited  Limited to only what is permitted under 4 mechanisms in the Rule: 1.Treatment, payment, and health care operations (TPO) after notice and acknowledgement. 2.Uses and disclosures involving the individual’s care or directory assistance after opportunity to agree or object. 3.Specific public policy exceptions. 4.All others only when authorized by individual.  Procedural requirements protect patient confidentiality based on type of use or disclosure.

77 Controversial Areas of HIPAA Privacy Rule  Consent  Minimum Necessary  Disclosure Log  Marketing  Enforcement  Preemption  Positions were arrived at after reviewing rationale of over 53,000 public comments.

88 e.g., the ‘Consent’ Debate  One side: The information in the health record belongs to the patient. No information shall be used or disclosed to anyone without the explicit, informed consent of the patient.  Another side: Such a demand cannot be supported in the current healthcare system. It would stop healthcare in its tracks. Others also have valid rights to use and disclose patient information under appropriate protections  legal business record of provider, documentation of work for reimbursement, documentation of quality for certification, public health reporting, research to improve medical knowledge that benefits us all, …  HIPAA was a compromise: informed by Notice of Privacy Practices, patient Choice is assumed for permitted, limited uses and disclosures when patients seek care.

99 New Privacy Issues  New record handling entities are not covered by HIPAA.  Non-Covered Entities handling PHI in PHR and HIE  Banks handling PHI to pay medical expenses from HSA  New on-line services are not addressed.  BA chain to off-shore services  Marketing banners and pop-ups relating to PHI  New security risks must be countered.  Increasing theft of portable media and devices  Use of health information for identity theft  New technology must be considered.  Could enable patients to have more control of their information  New Laws must be monitored and complied with.  Federal v. State law  Regulations

10 Karen G. Grant Corporate Director, Health Information Services Partners Healthcare System, Inc. A Provider’s Perspective

11

12

13

14

15 Deborah C. Peel, M.D. Founder and Chair Patient Privacy Rights Coalition for Patient Privacy The Consumer Perspective

16 President Bush implemented the HHS HIPAA “Privacy Rule” which recognized the “right of consent”. HHS amended the HIPAA “Privacy Rule”, eliminating the “right of consent”. Congress passed HIPAA, but did not pass a federal medical privacy statute, so the Dept. of Health and Human Services (HHS) was required to develop regulations that specified patients’ rights to health privacy “… the Secretary of Health and Human Services shall submit to [Congress]…detailed recommendations on standards with respect to the privacy of individually identifiable health information.” “….a covered health care provider must obtain the individual’s consent, in accordance with this section, prior to using or disclosing protected health information to carry out treatment, payment, or health care operations.” “The consent provisions…are replaced with a new provision…that provides regulatory permission for covered entities to use and disclose protected health information for treatment, payment, healthcare operations.” Elimination of Consent

17

18 What does ‘privacy’ mean?  The NCVHS (June 2006, Report to Sec. Leavitt) defined health information privacy as “an individual’s right to control the acquisition, uses, or disclosures of his or her identifiable health data”. (Definition originally from the IOM)

19 “Anyone today who thinks the privacy issue has peaked is greatly mistaken…we are in the early stages of a sweeping change in attitudes that will fuel political battles and put once-routine business practices under the microscope.” Forrester Research an independent technology and market company that provides advice to global leaders in business and technology

20 Linda Sanches Senior Advisor HIPAA Privacy Outreach & Training Office of Civil Rights U.S. Dept. Health & Human Services Michael Phillips Health Insurance Specialist Office of E-Health Standards and Services CMS Jodi G. Daniel Director, Office of Policy and Research Office of the National Coordinator for Health Information Technology HHS’s Perspective

21 Questions for the Panel

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.