HIPAA 2010                                                                                                    2/17/12 2:57...
HIPAA 2010                                                                                                                ...
HIPAA 2010                                                                                                       2/17/12 2...
HIPAA 2010                                                                                                                ...
Upcoming SlideShare
Loading in …5

“Hipaa 2010”


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

“Hipaa 2010”

  1. 1. HIPAA 2010 2/17/12 2:57 PM Search Upload Go PRO Login or Signup Email Favorite Download Embed Like Tweet 0 0 Share Related HIPAA Basics HIPAA Aware ness Training HIPAA Compl iance Nursing Stu dents October 2009 Hipaa 2010 interp reter HIPAA training ! HIPAA and R HIOs HIPAAhttp://www.slideshare.net/barbarabenson/hipaa-2010 Page 1 of 4
  2. 2. HIPAA 2010 2/17/12 2:57 PM HIPAA 2010 382 by barbarabenson on Jun 14, 2010 views+ Follow More… No comments yet Notes on Slide 1 Write a comment... Post Comment Subscribe to commentsHIPAA 2010 — Presentation Transcript1. HIPAA Health Insurance Portability and Accountability Act Barbara Benson, R.T.2. History of Medical Ethics Hippocrates 460 BC Practice medicine for the benefit of patients Primum nonnocere First, do no harm Abstain from mischief and corruption Maintain doctor-patient confidentiality3. History of Medical Ethics Thomas Percival 1803 Published the first code of medical ethics Later adoptedby the AMA in 1847 Moral authority and independence of physicians, responsibility to care for the sick, andindividual honor4. Declaration of Geneva 1948 Meant to update the Hippocratic Oath Health and conscience Voluntaryconsent Access without discrimination History of Medical Ethics5. Commonalities Honesty Integrity Confidentiality6. HIPAA -Kennedy-Kassenbaum Bill Health Information Portability and Accountability Act Protects theprivacy and security of patient information Sets limits on who can look at and receive health information Finalrule issued 8 -14 -02 requiring compliance by 8 -14 -037. HIPAA Enforcement Civil Penalties Up to $100 per violation per individual Criminal Penalties “ Egregiousviolations”… the sale of information, gaining access under false pretenses, or releasing information withharmful intent included Up to $250,000 fine and possible incarceration8. What is Protected? Protected Health Information PHI Individually identifiable health informationInformation that can be linked to a particular person originating from a health care service event A physicalor mental health condition at any time9. HIPAA Identifiers Geographic subdivisions smaller than a State Dates (except year) directly related topatient Telephone numbers, Fax numbers, E-mail addresses, SS numbers Medical record numbers , Healthplan beneficiary numbers Account numbers , Certificate/license numbers , Vehicle identifiers Device identifiersand serial numbers, Web URLs , IP address numbers Biometric identifiers, including finger and voice printsFull face photos Any other unique identifying number, characteristic, or code, except as permitted underHIPAA to re-identify data10. PHI Communication Methods HIPAA governs where and how PHI is communicated between all TPO’sElectronic communication Written communication including the medical record Verbal communicationbetween healthcare workers or between healthcare workers and the patient11. Privacy of Communication Access, Use or Disclosure of all Protected Health Information is based on : •Need to Know and • Minimum Necessary12. Who Must Protect it? Covered Entities • A Health Plan or a Healthcare Provider who transmits any healthhttp://www.slideshare.net/barbarabenson/hipaa-2010 Page 2 of 4
  3. 3. HIPAA 2010 2/17/12 2:57 PMinformation in electronic form in connection with a transaction • Business Associates with whom they sharePHI13. “ Need to Know” Individually identifiable information should be made available only to persons whose jobrequires access to that information.14. “ Minimum Necessary” • Only information that is the minimum necessary to get the job done no matterhow much access is provided or available • Having access to patient information does not give the right toaccess or disclose regardless of intent15. “ Minimum Necessary” Before looking at information, ask yourself “ Do I need to know this to do myjob? ” Before sharing information, ask yourself “ Do they need to know this information to do their job? ”16. “ Minimum Necessary” Clinicians may look at and share with other clinicians the entire medical record ofpatients they are treating17. Patient Rights18. Notice of Privacy Practices NPP Governs the uses of PHI as permissible by the patient withinTreatment, Payment and Healthcare Operations (TPO’s) Once the patient is given a NPP at the first treatmentencounter, PHI can be used for any TPO purpose NPP is a once in a lifetime requirement19. NPP Requirements Post NPP prominently The patient signs a separate acknowledgement document thatcontains the privacy officer contact information for that facility Copies of NPP and acknowledgement sheet topatent20. Patient Rights NPP Includes the patients right to: Restrict Access Amend Accounting AlternativeCommunication Methods Complain21. Patient Rights Minors (under 18) have a right to confidential treatment with respect to the followingwithout a parents consent or notice: Abortion Birth control STD testing HIV/AIDS testing Mental healthcounseling22. Permitted by Law Outside of TPO or patient authorization, the only other permitted use of PHI are thoserequired by law: Investigations by HHS Reporting about victims of abuse, neglect or domestic violenceAdverse Event Reporting Reporting to Public Health Authorities23. HIPAA Authorization Patient Authorization Elements The information Who may use or disclose theinformation Who may receive the information Purpose of the use or disclosure Expiration date or eventIndividual’s signature and date Right to revoke authorization Right to refuse to sign authorizationRedisclosure statement24. Record Keeping Good record keeping is a must Authorizations for use of PHI should be kept for at leastsix years Additionally, a record of what information was sent, and to whom.25. Privacy Protection26. Acceptable to use the patient’s full name on sign in sheets but not the reason for the visit Acceptable topage a patient using their full name Ask companions to honor the patient’s privacy by waiting in anotherroom Privacy Protection27. Privacy Protection Do not leave medical information on answering machines Do not leave the medicalrecord unattended Dispose of patient information properly28. Computer Privacy Protection Use 7 character alpha numeric passwords Do not share passwords Securewritten passwords Log off Use screen savers Keep monitor facing away from onlookers Avoid sending thepatient information using e-mail29. Practical Privacy Tips Be aware of your surroundings and who’s listening Close doors whenever possibleSpeak as softly as possible Knock before entering Secure the privacy of all medical records before walkingaway30. HIPAA and Research An authorization must be signed by patients for all clinical research HIPAADisclosure Universe Authorization signed by patient for all clinical research Waiver Criteria applied beforerecords research Exceptions Documented De-identified Limited Dataset TPO Public Safety and otherexceptionshttp://www.slideshare.net/barbarabenson/hipaa-2010 Page 3 of 4
  4. 4. HIPAA 2010 2/17/12 2:57 PM31. Research Authorization Who can use or disclose PHI To whom PHI may be disclosed What PHI may beused or disclosed The purposes of the used or disclosed PHI The duration of the authorization (expirationdate or event) LEARN ABOUT US USING SLIDESHARE PRO & MORE DEVELOPERS & API Search About SlideShare 101 Go PRO new Developers Section Careers Terms of Use Business Solutions Developers Group SlideShare Follow us on Our Blog Privacy Policy Advertise on Engineering Blog on mobile Twitter SlideShare Press Copyright & DMCA Blog Widgets Contact us Community Guidelines Find us on Connect on Help & Support Facebook LinkedIn© 2012 SlideShare Inc. All rights reserved.http://www.slideshare.net/barbarabenson/hipaa-2010 Page 4 of 4