Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2006 All rights reserved. Health Information Management Technology — Second Edition — An Applied Approach Chapter 15 Legal Issues in Health Information.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "©2006 All rights reserved. Health Information Management Technology — Second Edition — An Applied Approach Chapter 15 Legal Issues in Health Information."— Presentation transcript:

1 ©2006 All rights reserved. Health Information Management Technology — Second Edition — An Applied Approach Chapter 15 Legal Issues in Health Information Technology

2 ©2006 All rights reserved. HIM Legal Issues Compilation and maintenance of health records Ownership and control of health records, including use and disclosure Use of health records and health information in judicial proceedings

3 ©2006 All rights reserved. U. S. Legal System How are laws classified? Public law Private law How are laws made? Constitutions Statutes Administrative law Judicial decisions

4 ©2006 All rights reserved. U.S. Legal System (continued) How are legal disputes handled? U.S. court system District courts Courts of appeals Supreme Court State court systems Trial courts Appellate courts State supreme court

5 ©2006 All rights reserved. U.S. Legal System: How are legal disputes handled? (Continued) Dispute resolution Administrative agencies Arbitration Mediation

6 ©2006 All rights reserved. U.S. Legal Process Bringing a lawsuit Plaintiff(s) Defendant(s) Counterclaim Joinder Crossclaim Complaint Summons

7 ©2006 All rights reserved. U.S. Legal Process (continued) Discovery period Deposition Subpoena Subpoena ad testificandum Subpoena duces tecum Trial Post-Trial: appeal and collection of the judgment

8 ©2006 All rights reserved. Medical Malpractice What is professional liability? Medical malpractice Physician-patient relationship Contract Express Implied Tort Intentional tort Negligence

9 ©2006 All rights reserved. Medical Malpractice Types of negligence Nonfeasance Malfeasance Misfeasance Elements of negligence Duty Breach Causation Injury/Harm

10 ©2006 All rights reserved. Form and Content of the Health Record What legal requirements affect the form and content of the health record? Statutory laws such as state and federal statutes Regulatory laws such as Medicare, HIPAA, and public health reporting requirements Standards by accrediting bodies such as the JCAHO Failure to comply results in some type of penalty

11 ©2006 All rights reserved. Form and Content of the Health Record (continued) Guidelines for complying with statutory and regulatory laws and accreditation standards: Policies and procedures should comply with all laws and standards Health records should be systematically organized Only authorized persons should document in the health record Policies should specify who can receive and transcribe verbal orders

12 ©2006 All rights reserved. Form and Content of the Health Record (continued) Guidelines for complying with statutory and regulatory laws, and accreditation standards (continued) Health record entries should be documented at the time service is provided Authors of all entries should be clearly identified Only approved abbreviations and symbols should be used in the health record All entries should be permanent

13 ©2006 All rights reserved. Form and Content of the Health Record (continued) Guidelines for complying with statutory and regulatory laws, and accreditation standards (continued) Policies and procedures for error correction should be in place Policies and procedures for addenda to the record should be in place Quantitative and qualitative analyses of health records should be conducted All laws and other requirements should be reviewed and understood

14 ©2006 All rights reserved. Retention of Health Records When developing retention policies, consider: Federal, state, and local statutes and regulations for your institution type Statutes of limitation for malpractice and other claims Retention standards of pertinent accreditation body Use of records within the organization

15 ©2006 All rights reserved. AHIMA Retention Guidelines Ensure that patient information is available to meet patient care needs, legal requirements, research, education, and other legitimate uses Develop a retention schedule that meets needs of patients, physicians, researchers, and other legitimate users and complies with all regulations and laws Develop guidelines that specify what information should be retained, the retention period, and the storage medium Maintain compliance documentation and develop policies and procedures for compliance documentation

16 ©2006 All rights reserved. HIPAA Definition Health Insurance Portability and Accountability Act (HIPAA) of 1996 Focus of Title II (1 of 5 titles) Medical liability reform Health care fraud and abuse prevention Administrative simplification Privacy standards Security standards Transactions, identifiers and code set standards

17 ©2006 All rights reserved. HIPAA Terminology Protected Health Information (PHI) Designated Record Set (DRS) Use Disclosure Requests Minimum Necessary Treatment, Payment, and Operations (TPO) Preemption

18 ©2006 All rights reserved. Entities Covered by HIPAA Covered entities Healthcare providers, such as hospitals, pharmacies, physician office practices, long-term care facilities, and clinics Health plans, such as insurance plans Healthcare clearinghouses, such as billing companies

19 ©2006 All rights reserved. HIPAA Applicability The HIPAA privacy rule applies to covered entities who engage in transmitting or performing any electronic transaction specified in HIPAA Health claims and encounter information Health plan enrollment and disenrollment Eligibility for a health plan Healthcare payment and remittance advice Health plan premium payments Health claim status Referral certification Coordination of benefits

20 ©2006 All rights reserved. HIPAA Applicability (continued) Business Associates (BAs) What is a business associate? Disclosures of PHI to BAs Business associate agreement (BAA) Content of BAA

21 ©2006 All rights reserved. HIPAA Applicability (continued) Workforce Members Who is considered a workforce member of a covered entity? Are contractors working in a covered entity considered workforce members or business associates?

22 ©2006 All rights reserved. HIPAA Applicability (continued) De-identified information Does not identify the individual Not subject to the HIPAA privacy rule What elements must be removed to de- identify an individual? Reidentification

23 ©2006 All rights reserved. HIPAA: Individual Rights The HIPAA privacy rule provides individuals with rights to provide some control over their health information Right of access Right to request amendment Right to accounting of disclosures Right to request restrictions Right to request confidential communications Right to complain of privacy rule violations

24 ©2006 All rights reserved. HIPAA: Individual Rights - Access Right of access Own PHI contained in a designated record set Exceptions to access Psychotherapy notes Information compiled for civil or criminal actions Denial of access Not subject to review Subject to review

25 ©2006 All rights reserved. HIPAA: Individual Rights - Access (continued) Access request Provide request in writing (if previously informed of this) Timely response is required by the covered entity 30 days from receipt of request Extension of time period 30-day extension Must provide individual with written statement within original 30-day time period Written statement must include reason for delay and date covered entity will complete its action Time period for records not maintained on site

26 ©2006 All rights reserved. HIPAA: Individual Rights - Access (continued) Charges Reasonable fee may be imposed Copying, including supplies and labor Postage, when individual has requested information to be mailed Preparation of an explanation summary, if agreed to by the individual in advance Stricter state laws apply to fees

27 ©2006 All rights reserved. HIPAA: Individual Rights – Request Amendment Right to request amendment May require the amendment request to be in writing Allowed reasons for denial of amendment request Timely response to the request by the covered entity Process for denial of requests for amendment

28 ©2006 All rights reserved. HIPAA: Individual Rights – Accounting of Disclosures Right to accounting of disclosures Disclosures that do not require an accounting Disclosures for TPO purposes Individuals provided their own PHI Incidental or otherwise permitted or required Pursuant to an authorization Use in a facility directory To meet national security or intelligence requirements

29 ©2006 All rights reserved. HIPAA: Individual Rights – Accounting of Disclosures (continued) Disclosures that do not require an accounting (continued) To correctional institutions or law enforcement officials Disclosures that occurred before the HIPAA privacy compliance date

30 ©2006 All rights reserved. HIPAA: Individual Rights – Accounting of Disclosures (continued) Information included in an accounting Date of disclosure Name and address of entity or person who received the information Brief statement of the purpose of the disclosure or copy of individual’s written authorization or request Timely response to request for accounting Fees for accounting of disclosures Required documentation

31 ©2006 All rights reserved. HIPAA: Individual Rights – Request Restrictions Right to request restrictions on uses and disclosures of PHI to carry out TPO Covered entity must permit such a request, but does not have to agree to the requested restriction Termination of requested restrictions Covered entity’s responsibilities

32 ©2006 All rights reserved. HIPAA: Individual Rights – Confidential Communications Right to request confidential communications Alternative routing/destination or by alternative method Requests may be refused if information is not provided as to how payment will be handled

33 ©2006 All rights reserved. HIPAA: Individual Rights – Complain of Violations Right to complain of privacy rule violations Must inform individuals of right to complain at covered entity level and to the U.S. Department of Health and Human Services

34 ©2006 All rights reserved. HIPAA Privacy Rule Documents: Notice of Privacy Practices Notice of Privacy Practices Purpose Availability of the notice Required content Acknowledgement by individual

35 ©2006 All rights reserved. HIPAA Privacy Rule Documents: Consent Consent To use or disclose PHI for treatment, payment and operations (TPO) Optional document Required content Revocation

36 ©2006 All rights reserved. HIPAA Privacy Rule Documents: Authorization Authorization Definition Purpose Content Situations requiring an authorization

37 ©2006 All rights reserved. Authorization Not Required Required uses and disclosures without authorization Access or accounting of disclosures requested by individual or personal representative U.S. Department of Health and Human Services investigation, review, or enforcement action

38 ©2006 All rights reserved. Authorization Not Required (continued) Permitted uses and disclosures without authorization (patient HAS opportunity to informally agree or object) Directory of patients Notification of family or friends

39 ©2006 All rights reserved. Authorization Not Required (continued) Permitted uses and disclosures without authorization (patient does NOT HAVE opportunity to agree or object). These uses and disclosures are permissive only and must not violate a stricter or more protective state law. Treatment, payment, and operations To the individual Incidental disclosures Limited data set Twelve public interest and benefit purposes

40 ©2006 All rights reserved. Authorization Not Required (continued) Twelve public interest and benefit purposes As required by law (e.g. reporting specified wounds) Public health activities Victims of abuse, neglect, or domestic violence Healthcare oversight activities Judicial and administrative proceedings Law enforcement purposes Decedents Cadaveric organ, eye or tissue donation Research Threat to health or safety Specialized government functions Workers’ Compensation

41 ©2006 All rights reserved. HIPAA: Marketing Definition General rule: use or disclosure of PHI for marketing requires authorization Marketing activities that do not require an authorization Occurs face-to-face with the individual Concerns products or services of nominal value

42 ©2006 All rights reserved. HIPAA: Marketing Activities not defined as marketing per HIPAA (authorization not required) Communications by covered entity about health-related products and services provided by or covered as a benefit by the covered entity or a third party (must meet requirements) Communications for treatment of individual Communications for case management/care coordination or alternative treatments Remuneration to the covered entity must be disclosed Opt-out instructions

43 ©2006 All rights reserved. HIPAA: Fundraising Must inform individuals in Notice of Privacy Practices that PHI may be used for fundraising Instructions on opting out in future are required Prior authorization required if fundraiser targets individuals based on diagnosis, for instance, kidney patients targeted to raise funds for new kidney dialysis center

44 ©2006 All rights reserved. HIPAA Privacy Standards: Administrative Requirements Designation of privacy officer Workforce training Process for establishing privacy safeguards Process for handling privacy complaints Standards for policies and procedures

45 ©2006 All rights reserved. Medical Staff Appointments and Privileges Facility is responsible for establishing policies and procedures to ensure reasonable care in medical staff appointments Credentialing for appointment and reappointment National Practitioner Data Bank formed by the Health Care Quality Improvement Act of 1986 HIT role in medical staff privileges

46 ©2006 All rights reserved. Labor Laws and Unionized Personnel Collective bargaining defined National Labor Relations Act and other federal labor laws Fair Labor Standards Act Equal Pay Act Equal Employment Opportunity Act Age Discrimination in Employment Act Occupational Safety and Health Act Rehabilitation Act

47 ©2006 All rights reserved. Labor Laws and Unionized Personnel (continued) State Labor Laws Right-to-work laws Workers’ Compensation Child labor laws Minimum wage laws

48 ©2006 All rights reserved. Americans With Disabilities Act Federal law Scope of the law “Reasonable accommodations”: When is a requested accommodation not reasonable? Practical application of the law

Download ppt "©2006 All rights reserved. Health Information Management Technology — Second Edition — An Applied Approach Chapter 15 Legal Issues in Health Information."

Similar presentations

Medical Ethics, Law and compliance

Medical Ethics, Law and compliance
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.

P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
North Carolina State University Health Information Privacy 4/16/03.

North Carolina State University Health Information Privacy 4/16/03.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”

 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”
Copyright 2006 Rubin Law Firm, LLC Drafting HIPAA Compliant Subpoenas & Discovery Presented by:RACHEL B. RUBIN Kansas Bar Association Annual Meeting June.

Copyright 2006 Rubin Law Firm, LLC Drafting HIPAA Compliant Subpoenas & Discovery Presented by:RACHEL B. RUBIN Kansas Bar Association Annual Meeting June.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
HIPAA THE PRIVACY RULE Reviewed December 2012 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-

HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-
Are you ready for HIPPO??? Welcome to HIPAA

Are you ready for HIPPO??? Welcome to HIPAA
Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)
Overview of HIPAA Administrative Simplification and Privacy Regulations Darrel J. Grinstead, Partner Amy B. Kiesel, Associate Hogan & Hartson L.L.P.

Overview of HIPAA Administrative Simplification and Privacy Regulations Darrel J. Grinstead, Partner Amy B. Kiesel, Associate Hogan & Hartson L.L.P.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Similar presentations

Ads by Google