Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.

Published byPaul Peters Modified over 9 years ago

Similar presentations

Presentation on theme: "Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2."— Presentation transcript:

1

2 Rhonda Anderson, RHIA, President

3  …is a PROCESS, not a PROJECT 2

4  Nursing Staff  Nursing Assistants  Staff from other depts.  Generalized information for staff 3

5 Anderson Health Information Systems, Inc. 4

6  Will identify requirements for:  Notice of Privacy Practices  Personnel Designations  Minimum Necessary  What needs to be done, when and by who 5

7  Will leave the workshop with information to protect the residents health information as that is your responsibility as an employee known in HIPAA as a member of the workforce. 6

8  Notice of PRIVACY PRACTICES & RIGHTS written in plain English and:  Acknowledgement by Resident/Responsible Party  Resident RIGHTS – Access to Records manual and electronic  Restrict certain release  Authorization for Discussion of PHI  Right to request Amendment / Addendum (CA)  Right to receive Accounting of Disclosure 7

9  Allows the individual control over how PHI is used and disclosed  Describe practice related to use and disclosure of PHI  Minimum Necessary – use by staff  Covered entities responsibilities under HIPA  Other such as marketing & research and the rule around that  Alternative means of communication 8

10 9

11  Prepare Notice of Privacy Practices – given to the resident as part of the admission process. This is audited by MRD as part of the admission audit. 10

12  Notice must include:  Information regarding uses and disclosures  Explanation of individual’s privacy rights  Covered entities responsibilities under HIPAA 11

13  Indicates how the use and disclosure will be used for treatment, payment and operations.  How to file a complaint (Covered entity or Health and Human Services - Office for Civil Rights has been delegated as the responsible office)  Name, title and phone of contact person, privacy official  Effective date of notice 12

14  Post Notice at the facility, on the web – notify update  Make copies available  May use e-mail if Resident agrees (get a signed consent recommended  Attempt to obtain acknowledgment of Notice of Privacy Practice -- at admit  Provide notice for current residents via notice and/or signature 13

15  Notice of Organizations “PHI” Privacy Practices  Request Restrictions on Disclosures to Others of their “PHI”  Request alternative means of communicating “PHI”  Authorization to disclosure PHI  Right to restrict access to records of the resident/responsible party paid in full for services/supplies 14

16  May inspect and get a copy of “PHI”  May request Amendments to their “PHI”  Must be given an accounting of organization’s disclosures of their “PHI”  Notified of breaches of PHI 15

17  Make good faith efforts to obtain written acknowledgment of Receipt of Notice of Privacy Practices – at time of ADMIT  “I ACKNOWLEDGE THAT I HAVE BEEN PROVIDED A COPY OF THE NOTICE OF PRIVACY PRACTICES, DATE, SIGN” 16

18  The facility shall limit the amount of PHI:  Disclosed or requested to documentation/related to protected health information that is reasonably necessary to carry out the job or fulfill the request for information.  To employees only to the extent they need the information to carry out their JOB DUTIES [what does this mean to you??] 17

19  WHAT DOES THIS MEAN TO YOU?  Discuss those items that would be needed to know for different jobs, i.e.., Social Services needs access to all information that would impact the decisions re: advanced decisions for health care, transportation, family involvement health condition, etc., also as a team member she/he needs access too --- specify ….(identify additional info. needed) 18

20  Examples  As a team member you would need access to the health information to make resident care plan decisions.  Certified Nursing Assistant – What information do you need to do your job? 19

21  The facility shall limit the amount of PHI available to each employee – role based  Employees shall be identified – in general at least as to what information they have available to them and under what circumstances.  Computerized EHR – a grid should be prepared. 20

22  The facility shall limit the amount of PHI:  Used or disclosed…and only the entire record will be sent to the requestor only when needed and reasonably necessary to accomplish the request, i.e.., attorney requests information.  Also, all responses to requests shall consider – release of minimum necessary to carry out the specific reason for the request. 21

23  Does NOT apply:  When sending to another health care provider; however, you only need to give the information that is needed!  Disclosure to the individual  Uses and disclosures made pursuant to an authorization  To Dept. of Public Health L & C, required for compliance, otherwise required by law, i.e.., law enforcement, public health, Office of Inspector General 22

24  Administrative Requirements  Business Associates – Contractors, subcontractors are required to adhere to the Privacy, Security and Enforcement Rules  Privacy Official – Medical Record Designee  Security Official – Administrator or Designee  Enforcement and Costs 23

25 24

26  Addressed in the Administrative Requirements 45 C.F.R. 164.530  COVERED ENTITY (CE) must designate a privacy official who is responsible for the development and implementation of the privacy policies and procedures of the entity 25

27  Health Information Designee  Administrator, alternate  DSD – Provides training and orientation with assistance from the ‘MRD’ an the HIM Consultant HIM-CONSULTANT  The AHIS HIM-CONSULTANT 26

28  164.530 requires Facility to  Provide a process for individuals to make complaints regarding privacy violations(d)  File complaints without fear of retaliation (g)  Designate a contact person for receiving complaints(a)(1)(ii)  Document complaints received and their disposition 27

29  Cooperate with Federal Investigations of complaints  Sanction Members of the Workforce who violate privacy(e)  Mitigate to the extent feasible any harm caused by the violation( f) 28

30  What are other complaints that are happening in the facility from your residents/family, etc., that may extend to Privacy complaints. How are they handled? Are they discussed at standup?  How are complaints reported? Are complaints followed up/resolution doc? 29

31  The Security Official shall be responsible for the electronic requirements, the encryption, security of all types of e-equipment that includes resident identifiers and Protected Health Information  Conduct risk assessment re: breach and impermissible use  As sure with coordination of Privacy Official Notice to Office of Civil Rights of any breach of unprotected PHI 30

32 Conduct exercise here… 31

33 TOGETHER WE PROTECT PHI 32

34  Ongoing training, and specific training to key personnel as it relates to their duties NEW EMPLOYEES 33

35 34

Download ppt "Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2."

Similar presentations

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
Minimum Necessary Standard Version 1.0

Minimum Necessary Standard Version 1.0
Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.

Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
Steps to Compliance: Managing Business Associates PRESENTED BY.

Steps to Compliance: Managing Business Associates PRESENTED BY.
Confidentiality and HIPAA

Confidentiality and HIPAA
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.

COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.

P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.
The HIPAA Privacy Training Video for EMS Field Providers

The HIPAA Privacy Training Video for EMS Field Providers
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.

WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.
Health Insurance Portability and Accountability Act (HIPAA) Presented by: APS Healthcare Southwestern PA Health Care Quality Unit (HCQU) December 2010.

Health Insurance Portability and Accountability Act (HIPAA) Presented by: APS Healthcare Southwestern PA Health Care Quality Unit (HCQU) December 2010.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
2014 HIPAA Refresher Omnibus Rule & HIPAA Security.

2014 HIPAA Refresher Omnibus Rule & HIPAA Security.

Similar presentations

Ads by Google