Presentation is loading. Please wait.

Presentation is loading. Please wait.

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

Published byCaroline Barton Modified over 9 years ago

Similar presentations

Presentation on theme: "August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D."— Presentation transcript:

1 August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

2 GENERAL RULE Implement reasonable procedures to ensure that only the minimum necessary of protected health information (PHI) is USED, DISCLOSED OR REQUESTED when conducting payment activities and health care operations.

3 APPLICABILITY Covered Entities Healthcare providers Health insurers Clearing houses Uses, Disclosures and Requests Payment and Healthcare Operations Activities where authorizations are required

4 EXCEPTIONS Treatment of the Individual Permitted or Required Disclosures to the Individual Pursuant to the Individual’s authorization Disclosures to the Secretary of HHS for compliance and enforcement purposes

5 EXCEPTIONS Disclosures Required by Law: Public Health Activities Abuse, Neglect or Domestic Violence to the extent authorized by statute or regulation Health Oversight Activities Excludes Private Accreditation Organizations Judicial & Administrative Proceedings Law Enforcement Purposes

6 USE STANDARDS Identify persons (or classes of persons) in the workforce who need to access PHI to carry out their duties. Identify the categories of PHI to which access is needed and any conditions appropriate to such access. Make reasonable efforts to limit access by those identified above to PHI that they do not need to carry out their duties. No case-by-case review ever required for USE.

7 USE STANDARD CHECKLIST  Identify and classify all employees & contractors who need access to PHI  Identify the PHI each can access  Provide justification for those allowed access to entire PHI  Identify the conditions when certain PHI is accessible.  Job Descriptions identify access levels

8 DISCLOSURE AND REQUESTS ROUTINE Requires policies and procedures, which may be standardized protocols. NON-ROUTINE Establish criteria to limit PHI to that reasonably necessary to accomplish the purpose. Individual review using the criteria.

9 DISCLOSURE STANDARDS Routine v. Non-Routine Disclosures. Reasonable Reliance For Requests Made by: Public Officials Another Covered Entity Professional member of workforce/business associate Researcher (IRB/Privacy Board)

10 DISCLOSURE: REASONABLE RELIANCE Representation that PHI requested is the minimum amount necessary. Who Public Officials Professional in the Workforce or B.A. Written v. Oral Tracking System

11 DISCLOSURE: REASONABLE RELIANCE Researchers Requires Written IRB/Privacy Board determination Must describe PHI Must include voting procedures Review Preparatory to Research or for research on PHI of decedents. Copy of death certificate Documentation from researcher Necessity Minimum Necessary

12 DISCLOSURE CHECKLIST  Identify PHI not subject to an exception or reasonable reliance  Identify individuals/entities that would request PHI  Identify conditions that would apply for disclosure.  Justification for routine disclosures of entire PHI

13 DISCLOSURE CHECKLIST  Written criteria to limit non- routine disclosure of PHI to that reasonably needed.  Designate individual(s) to review non-routine disclosures.  Written tracking process for each non-routine disclosure reviewed.

14 REQUEST Applies to Requests made by covered entities to covered entities Key Items Burden is on the requesting party Recipient can use the reasonable reliance standard when disclosing PHI to the requesting covered entity. Routine v. Non-routine

15 REQUEST CHECKLIST  Identify individual(s) responsible for making requests.  Identify routine requests  Justification for requests requiring the entire medical record.  Designated individual(s) responsible for making determinations of minimal necessary for non-routine requests.

Download ppt "August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D."

Similar presentations

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.
HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
Responding to Subpoenas and Law Enforcement Demands for PHI: An Overview Janet A. Newberg Chair, Health Law Section Felhaber Larson Fenlon & Vogt, P.A.

Responding to Subpoenas and Law Enforcement Demands for PHI: An Overview Janet A. Newberg Chair, Health Law Section Felhaber Larson Fenlon & Vogt, P.A.
Minimum Necessary Standard Version 1.0

Minimum Necessary Standard Version 1.0
HIPAA Privacy Rule “Standards for Privacy of Individually Identifiable Health Information” 45 CFR 160 and 164* *http://www.hhs.gov/ocr/combinedregtext.pdf.

HIPAA Privacy Rule “Standards for Privacy of Individually Identifiable Health Information” 45 CFR 160 and 164* *
1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.

1 The HIPAA Privacy Rule and Research This presentation will probably involve audience discussion, which will create action items. Use PowerPoint to keep.
NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.

NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.

P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.
HIPAA Minimum Necessary: Use/Disclosure & Role-based Access  Charlene Dunbar Madonna Rehabilitation Hospital  Sheila Wrobel Nebraska Health System.

HIPAA Minimum Necessary: Use/Disclosure & Role-based Access  Charlene Dunbar Madonna Rehabilitation Hospital  Sheila Wrobel Nebraska Health System.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/2009 0.

1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
 The Health Insurance Portability and Accountability Act of 1996.  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.

 The Health Insurance Portability and Accountability Act of  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Privacy, Security and Compliance Concerns for Management and Boards November 15, 2013 Carolyn Heyman-Layne, Esq. 1.

Privacy, Security and Compliance Concerns for Management and Boards November 15, 2013 Carolyn Heyman-Layne, Esq. 1.
Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Similar presentations

Ads by Google