Published by Ryley Loner. Modified over 9 years ago.
1
HIPAA Training Presentation for New Employees
How did we get here?
HIPAA Police
2
Goals of this session
To answer the following question:
What is HIPAA?
Health Insurance Portability and Accountability Act (HIPAA) 1996
3
The Origin of HIPAA
Portable health insurance 1992
4
H I P A A: Health Insurance Portability and Accountability Act 1996
Portability: Enable people to easily change from one health insurance plan to another when changing jobs or becoming unemployed
Accountability: Enable federal government to increase authority for fraud enforcement
Administrative: Includes patient privacy, confidentiality and security of health information
Our Focus:
5
HIPAA Privacy Rule
Diagram labels: Portability, Accountability, Privacy Rule
Our Focus:
6
HIPAA Privacy Rule
Enacted to: increase the privacy protection of health information identifying individuals who are living or deceased
7
What does HIPAA require?
Use patient information for Treatment, Payment and routine business Operations (TPO) only
Limit access to patient information to Minimum Necessary to perform job duties
Provide patient right to view own medical record, obtain copies and request amendments
8
Main Principles of HIPAA Privacy Rule
1) You cannot access or use patients’ identifiable health information without their knowledge and consent.
2) If you learn patients’ private health information, you must keep it confidential.
9
Implications for you
Privacy Rule
As a patient
As an employee
10
Goals of this session
To answer the following questions:
What is HIPAA?
How does it affect me as a patient?
11
Your rights as a patient
You have the right to view your own medical record, obtain copies and request amendments
You have the right to receive notification as to how healthcare providers use your information
You have to provide authorization for uses other than Treatment, Payment or routine business Operations
You have the right to rescind that authorization
12
Goals of this session
To answer the following questions:
What is HIPAA?
How does it affect me as a patient?
How does it affect me as an employee?
13
Milton S. Hershey Medical Center and College of Medicine are Covered Entities under HIPAA
14
Covered Entity
a health care provider
a health care clearinghouse
a health plan
15
Your obligations as an employee of a covered entity
Respect the confidentiality of patients, co-workers, and Penn State Milton S. Hershey Medical Center/College of Medicine
Keep confidential information confidential
16
What is meant by “confidential information”?
Patient healthcare and financial records
Employee records and information
Business or system information related to PSMSHMC/COM
17
Obligations of the employee
All MSHMC/PSCOM employees are expected to follow the terms of the HMC Privacy Notice.
http://www.hmc.psu.edu/visitors/privacynotice.pdf
18
Obligations of the employee
Failure to follow the terms of the Privacy Notice will result in disciplinary action, including termination, expulsion, and possible pursuit of legal action!
Signing and adhering to the conditions of the Confidentiality Statement are conditions of employment
Report violations to Privacy Officer, Jim Bifano, x8059
19
Special considerations for electronic communications
Follow security policies on Infonet.
Keep your passwords private, hidden.
Do not open email of unknown origin.
Confirm e-mail address prior to sending.
Maintain current anti-virus software.
Report violations or concerns to: Information Security Officer Matt Weber x5904
20
How does this affect my work as an employee in Public Health Sciences?
I don't treat patients!
21
PHS
Train future researchers
Design, conduct, and support research
22
HIPAA and Research
Privacy Rule not originally enacted to regulate research; Code of Federal Regulations in place
HIPAA does not apply to health information collected by a basic scientist solely for research purposes.
Adoption of a common set of standards for patients and clinical research subjects
Research at CoM treated the same as patient care with regard to privacy and confidentiality
Oversight by the Human Subjects Protection Office
23
HIPAA Privacy Rule: Definitions
What is protected health information (PHI)?
Any information created or received by a healthcare provider related to past, present, or future physical or mental health condition of an individual.
Examples: history of cardiovascular disease, measles, psychiatric illness,...
24
HIPAA Privacy Rule
Enacted to increase the privacy protection of health information of identifiable individuals who are living or deceased
25
Protection of Health Information Identifying Individuals
Health Information + Identifier
Protected Health Information (PHI)
Subject to Privacy Rule
26
What is meant by “identifier”?
27
Individual Identifiers
1. Names
2. All geographic subdivisions smaller than a State
   street address
   city
   county
   precinct
   zip code
28
Individual Identifiers (continued)
3. All elements of dates (except year):
   birth date
   admission date
   discharge date
   date of death
   All elements of dates for ages over 89
29
Individual Identifiers (continued)
4. Telephone number
5. Fax number
6. Email address
7. Social security #
8. Medical Record Number
9. Health plan beneficiary #
30
Individual Identifiers (continued)
10. Account numbers
11. Certificate/license #s
12. Vehicle identifiers and serial #s, including license plates
13. Device identifiers & serial #s
31
Individual Identifiers (continued)
14. Web Universal Resource Locators (URLs)
15. Internet Protocol (IP) address #s
16. Finger & voice prints
17. Full face photos
18. Any other unique identifying number, characteristic, or code
32
Breakdowns in Confidentiality
Accessing PHI not directly related to your job
Leaving confidential information unattended
Conversations in public areas
Sending confidential information unsecured
Co-mingling of confidential and general information
Improper disposal of confidential records, both paper and electronic
33
Implications of Privacy Rule
For investigators
Does the study involve health information about human subjects?
34
HIPAA algorithm (flowchart, built up one step at a time over slides 34-42)
Does the study involve health information about human subjects?
   No: No HIPAA issues
   Yes: Are any of the 18 identifiers present?
      No: No HIPAA issues
      Yes: HIPAA issues
43
What does this mean to investigators?
Health information + Identifier
44
What does this mean to investigators?
Health information + Identifier
Does the study involve living human subjects?
45
What does this mean to investigators?
Health information + Identifier
Does the study involve living human subjects? Yes HIPAA issues
46
What does this mean to investigators?
Health information + Identifier
Does the study involve living human subjects? Yes HIPAA issues
Use of non-living human subjects? No HIPAA issues only
47
What does this mean to investigators?
Health information + Identifier
Does the study involve living human subjects? Yes IRB and HIPAA issues
Use of non-living human subjects? No HIPAA issues only
Unsure?
48
Is my research subject to the Privacy Rule?
health data + personal identifiers: Subject to Privacy Rule
health data – personal identifiers: NOT subject to Privacy Rule
49
Quick Review
We know:
what HIPAA stands for
that the Privacy Rule of HIPAA is of utmost concern to Milton S. Hershey Medical Center/Penn State College of Medicine
what is meant by Confidentiality, Protected Health Information, and Identifiers
the standards you are held to as an employee of Penn State College of Medicine
that research at PSCoM is treated the same as patient care with respect to HIPAA regulations
50
When can an investigator use PHI?
When he/she:
1. Seeks authorization from study subject to use subject’s PHI
2. Seeks waiver of authorization from HSPO because it would be impossible to get authorization from subject
3. Uses a limited data set
4. Uses data only as preparation for research project
51
Implications of Privacy Rule
For investigators
For staff
52
PHS Employees who work with PHI
Study datasets:
What PHI is contained?
What identifiers are contained?
Who has access to them?
53
Implications of Privacy Rule
For investigators
For staff
For business associates
54
Business Associates
Person or entity that performs certain functions which involve the use or disclosure of Protected Health Information
E.g., pulmonary function test quality control over-reader
In this example, certain personal identifiers are required to determine age-correct values: date of birth, date of service
Must sign Business Associate Agreement through Purchasing Department
55
End of Presentation
Thank you. Thank you very much.