Presentation is loading. Please wait.

Presentation is loading. Please wait.

Final PRIVACY RULE Presentation by Richard Campanelli, Director OCR/HHS at 5 th National HIPAA Summit Washington, D.C. October 31, 2002.

Published byHannah Webster Modified over 8 years ago

Similar presentations

Presentation on theme: "Final PRIVACY RULE Presentation by Richard Campanelli, Director OCR/HHS at 5 th National HIPAA Summit Washington, D.C. October 31, 2002."— Presentation transcript:

1 Final PRIVACY RULE Presentation by Richard Campanelli, Director OCR/HHS at 5 th National HIPAA Summit Washington, D.C. October 31, 2002

2 2 Some of the Key Modifications to the Privacy Rule: August 14, 2002  Consent made voluntary & notice strengthened  Clearer rules for marketing uses of information  Permits incidental uses and disclosures with reasonable safeguards  Facilitates research activities  Simplifies and consolidates authorization requirements  Continues reporting of adverse events related to FDA regulated products/activities  Defers to state law on parental access to medical information of minors  Gives covered entities up to an additional year to conform business associate contracts

3 3 OCR HIPAA Privacy Resources  Available at: http://www.hhs.gov/ocr/hipaa/ http://www.hhs.gov/ocr/hipaa/  Resources include:  Complete Privacy Rule Text, as modified  Fact Sheets and Press Releases on modifications  Frequently Asked Questions about the Privacy Rule  Sample Business Associate Contract Provisions

4 4 Privacy Rule Modifications Uses and Disclosures for Treatment, Payment and Health Care Operations (TPO) Consent no longer mandated, but is permitted  Consent no longer mandated, but is permitted Voluntary consent permits providers to retain existing consent mechanisms Voluntary consent permits providers to retain existing consent mechanisms  PHI sharing allowed for treatment, payment, and quality related health care operations of others  Strengthened notice and right to request restrictions maintain values public attributed to consent

5 5 Privacy Rule Modifications Notice  Notice strengthened by requiring direct treatment providers to make good faith effort to get acknowledgement of receipt of notice preserves “initial moment” to discuss privacy issues preserves “initial moment” to discuss privacy issues emergency exception to good faith effortemergency exception to good faith effort  Otherwise retains Notice of information practices and individual rights at first service delivery for direct treatment providers

6 6 Privacy Rule Modifications Marketing Definition (1)  MARKETING IS: to make a communication that encourages a person to purchase or use a product or service to make a communication that encourages a person to purchase or use a product or service  MARKETING IS ALSO: Arrangements where covered entity is paid to disclose PHI to a 3rd party for that party to market its own products or services directly to individuals Arrangements where covered entity is paid to disclose PHI to a 3rd party for that party to market its own products or services directly to individuals  Authorization is always required for marketing, unless Communication is face-to-face or involves promotional gifts of nominal value Communication is face-to-face or involves promotional gifts of nominal value

7 7 Privacy Rule Modifications Marketing Definition (2)  MARKETING IS NOT a communication about : A covered entity’s own health-related products and services A covered entity’s own health-related products and services The individual’s treatment The individual’s treatment Care coordination, case management, or recommending treatment alternatives for an individual Care coordination, case management, or recommending treatment alternatives for an individual  Eliminates remuneration as condition for these exceptions

8 8 Privacy Rule Modifications Incidental Disclosures  Adds express permission to use/disclose PHI that is incidental to an otherwise permitted use or disclosure, provided minimum necessary and safeguard standards are met Allows for common practices if reasonably performedAllows for common practices if reasonably performed Examples: Talking to patient in semi-private room;Examples: Talking to patient in semi-private room; Talking to other providers if passers-by are present; Waiting room sign in sheets; Patient chart at bedside, etc.

9 9 Privacy Rule Compliance and Enforcement Compliance and Enforcement

10 10 Privacy Rule Compliance and Enforcement  Technical Assistance from OCR/HHS FAQs FAQs Privacy Rule Guidance Privacy Rule Guidance Sample Business Associate Contract Provisions Sample Business Associate Contract Provisions Technical assistance for targeted audiences, including patients Technical assistance for targeted audiences, including patients OCR website: http://www.hhs.gov/ocr/hipaa/ OCR website: http://www.hhs.gov/ocr/hipaa/ http://www.hhs.gov/ocr/hipaa/ Public education – conferences, seminars Public education – conferences, seminars Secretary’s Regional HIPAA Conferences Secretary’s Regional HIPAA Conferences

11 11 Privacy Rule Standards for Civil Money Penalties  CMPs may be imposed on a “person who violates a provision of this part.”  CMPs may not be more than – –$100/violation –$25,000/calendar year/same violation  CMPs may not be imposed if – –The act is punishable as criminal offense –HHS determines that the person “did not know, and by exercising reasonable diligence would not have known” of the violation, or –The failure to comply was due to reasonable cause and not willful neglect and is corrected in the 30-day cure period (or longer period as determined by Secretary)

Download ppt "Final PRIVACY RULE Presentation by Richard Campanelli, Director OCR/HHS at 5 th National HIPAA Summit Washington, D.C. October 31, 2002."

Similar presentations

Frequently Asked Questions…. …about HIPAA Notice of Privacy Practices and Acknowledgement.

Frequently Asked Questions…. …about HIPAA Notice of Privacy Practices and Acknowledgement.
“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.

“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.
1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.
HIPAA Basics November 1, 2014.

HIPAA Basics November 1, 2014.
HIPAA and Public Health 2007 Epi Rapid Response Team Conference.

HIPAA and Public Health 2007 Epi Rapid Response Team Conference.
Anne Arundel County Fire Department

Anne Arundel County Fire Department
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
North Carolina State University Health Information Privacy 4/16/03.

North Carolina State University Health Information Privacy 4/16/03.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
Health Insurance Portability and Accountability Act (HIPAA) Presented by: APS Healthcare Southwestern PA Health Care Quality Unit (HCQU) December 2010.

Health Insurance Portability and Accountability Act (HIPAA) Presented by: APS Healthcare Southwestern PA Health Care Quality Unit (HCQU) December 2010.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996.

HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996.
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.
1 Electronic Transactions and Code Sets Enforcement CMS Office of HIPAA Standards.

1 Electronic Transactions and Code Sets Enforcement CMS Office of HIPAA Standards.
March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.

March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.
HIPAA Compliance Strategies for Employers, METs, MEWAs and Taft Hartley Union Trust Funds The HIPAA Colloquium at Harvard University Presented by: Melissa.

HIPAA Compliance Strategies for Employers, METs, MEWAs and Taft Hartley Union Trust Funds The HIPAA Colloquium at Harvard University Presented by: Melissa.
Version 6.0 Approved by HIPAA Implementation Team April 14, 2003 1 HIPAA Learning Module The following is an educational Powerpoint presentation on the.

Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.
HIPAA As It Applies To The DENTAL OFFICE PRESENTED TODAY BY Marybeth Crouch, RDH Executive Director Doral Dental Services of Ky, Inc.

HIPAA As It Applies To The DENTAL OFFICE PRESENTED TODAY BY Marybeth Crouch, RDH Executive Director Doral Dental Services of Ky, Inc.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

Similar presentations

Ads by Google