1. HIPAA How can you maintain patient privacy and confidentiality? General Medicine LCCA

2. HIPAA is… Health Insurance Portability and Accountability Act of 1996 Federal protection for privacy of health information in all states Regulated by the Department of Health and Human Services

3. HIPAA Exceptions Only exception to confidentiality rules is information that must be reported by law to protect the safety and welfare of the public. –Births and deaths –Injuries caused by violence that require police involvement –Communicable diseases –Sexually transmitted diseases

4. HIPAA Privacy Points to Remember Maintaining patient/resident confidentiality is vital to the mission of the organization. HIPAA is a federal law that protects patient’s and resident’s privacy. HIPAA is used in conjunction with state privacy laws. Violations of patients/residents confidentiality could result in termination. Violations could also subject the organization to penalties, including fines. See if you can find out how much a typical HIPAA violation fine could cost a hospital….

5. HIPAA Privacy Points to Remember Patients/Residents Protected Health Information (PHI) can be health information in any form – paper, oral, written, faxed or electronic. An authorization should be obtained if PHI is to be disclosed. Uses of a patient’s/resident’s PHI should be limited to what is needed to get the job done. A notice of privacy practices is the patient’s/resident’s right to know how his/her information will be used or disclosed. Who does a patient’s medical record belong to?

6. Privacy: Simple guidelines to follow Privacy is a patient’s right. Medical information must be shared only with those who need to know. Patient privacy can be violated when protected health information and patient names are left on voicemail messages or telephone answering machines. In a semi-private area, pull the curtain around the patient’s bed, and lower your voice before speaking about medical information. Computer printouts, and other paper records containing patient information, must be kept in a secure place and shredded when not longer needed. Never throw in a regular trash can.

7. Privacy: Simple guidelines to follow Never leave any patient information, including computer screens, charts and operating room schedules unattended. Never discuss patient information or hospital business in public areas. Shred confidential information. Knock before entering a patient room and always identify yourself by your name, your position and your reason for being there. Provide a second gown or extra blanket when a patient is ambulating, in a wheelchair or being transported. Use the most private space available when discussing patient information with a patient or family members.

8. Responsibilities of Personnel Maintain patient/resident privacy. Be familiar with the organizational policies regarding patient and resident privacy. Report any possible privacy violation to a Supervisor, Director or Privacy Officer. Forward all requests for information to the Health Information Management Department No talking to anyone about specific patients you see at LRMC. You may need to walk away from conversations to protect yourself.

9. Note about disclosure… All patients have the right to opt out of being included in the directory. This allows patients the freedom to be treated at our facility without anyone knowing they are here. Confidential patients may be identified with a “ + ” (plus sign) at the end of their name. Requestors seeking information on a confidential patient must be referred to the health information management department and no information should be disclosed. Some patients, like inmates for example, do not have a choice to have their names listed in the directory. They must be identified as confidential and no information can be given to anyone. You can’t even tell anyone they are hospitalized.

10. Know before you go… HIPAA training is provided to all employees upon being hired during the organization’s general orientation. Some facilities have HIPAA training modules that must be completed prior to work or clinical rotation. Just remember, you only have a right to know the information you need in order to do your job. Never discuss specific patient information with anyone outside of your clinical group-even your family. Using patient names is a serious No-No!! Violating HIPAA regulations can result in being pulled from the clinical rotation…or being FIRED and FINED!! So, know before you go!

11. HIPAA Quiz Answer the following questions about HIPAA in your notes. 1.What federal department regulates HIPAA? 2.Must a patient sign a HIPAA authorization form before his/her physician’s office files an insurance claim for the patient? 3.Can a physician give a son confidential information about his father’s condition without the father’s written consent? 4.Karen wants a copy of her dental x-rays. Can the dental office charge her $10 to provide her with a copy? 5.Brenda has a baby but does NOT want the information made public. Can she refuse to have the birth registered?