Hipaa.ppt2

344 views

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
344
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
3
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Hipaa.ppt2

  1. 1. HIPAA Health Insurance Portability and Accountability Act • Federal law passed by Congress in 1996 • Regulations promulgated by the Dept of Health and Human Services • Guidelines implemented in April, 2003 What part do students play in implementing HIPAA? How does this law affect your student role? Click ‘Slide Show’ and View Show’ Begin Program1 of 70
  2. 2. HIPAA regulations were designed to: 1) protect individuals’ rights to privacy and confidentiality and 2) assure the security of electronic transfer of personal information The first, protecting privacy and confidentiality rights, is the subject of this instructional program.2 of 70 Click here to advance
  3. 3. Health information is used by multiple agents in the course of a single episode with a health problem. Below are some of the agencies and individuals who may handle health information. You could, no doubt, add several more. • Admitting clerks • Transport techs • Caregivers from the • Respiratory therapists ED to the morgue • Billing clerks • Physical therapists • Insurance agents/clerks • Nutritionists • School teachers/nurses • Lab personnel • Home health personnel • Receptionists in • Medical records clerks MD offices • Website managers3 of 70 Click here to advance
  4. 4. HIPAA applies to us all--in all settings. That means at school, at home, on the shuttle buses, as well as the hospitals and clinics.4 of 70 Click here to advance
  5. 5. Objectives • After completing this program you will be able to: – Discuss the general concepts of HIPAA guidelines – Adapt HIPAA guidelines for the various settings in which you might practice throughout the curriculum – Discuss the seven patient/client rights regarding his/her health information – Differentiate individuals who have a ‘need to know’ from those who don’t. This determines those with whom you can discuss protected health information – Discuss application of HIPAA to the student role – List legal, professional, and academic consequences of violating HIPAA rules5 of 70 Click here to advance
  6. 6. Why HIPAA?? • Genetic advancements - as more is known about our genetic predisposition to diseases, HIPAA will ensure that, for example, an individual is not denied insurance because the company knows that she may eventually develop MS. • Marketing - as information is more easily captured concerning, for example, the prescriptions we purchase, HIPAA is designed to prevent marketing of unsolicited products or services based on harvested marketing data. • Technology - as information is quickly and sometimes loosely moved around networks, HIPAA standards will hold violators accountable for accidental or intentional ‘interception’ of protected health information (PHI).6 of 70 Click here to advance
  7. 7. Why HIPAA? • An Atlanta truck driver lost his job in early 1998 after his employer learned from his insurance company that he had sought treatment for a drinking problem. • The late tennis star Arthur Ashe’s positive HIV status was disclosed by a healthcare worker and published by a newspaper without his permission. • Tammy Wynette’s medical records were sold to National Enquirer by a hospital employee for $2,610.7 of 70 Click here to advance
  8. 8. When and How Often do I need to be Certified? • The law requires that we comply with the regulations and adhere to agency guidelines. • The ‘certificate of compliance’ you will receive upon the completion of this program will be sufficient until new or updated policies are developed by the Dept. of Health and Human Services. • Be aware that individual agencies may have unique HIPAA policies, and it is your responsibility to know and implement those policies.8 of 70 Click here to advance
  9. 9. What Objectives do the Privacy Regulations Accomplish for Patients? • Give patients more control over their health information. • Set boundaries on the use and disclosure of health records. • Establish appropriate safeguards for all people who participate in or are associated with the provision of healthcare to ensure that they honor patients’ rights to privacy of their PHI. • Hold violators accountable through civil and criminal penalties. • Strike a balance when public responsibility requires disclosure of some forms of data--for example, to protect public health.9 of 70 Click here to advance
  10. 10. With HIPAA we now have new terms and abbreviations to learn!! • Protected Health Information (PHI) or Protected Medical Information (PMI) This is any data about the patient that would tend to identify the individual: name, hospital #, SSN, diagnosis, lab results, past or current photos, etc, etc. • Privacy Officer (PO) Each facility will have an employee who is responsible for implementing and enforcing this law. Some may have one over a multi-facility network (Seton) others one at each site (St. David’s Partnership). As a nursing student this individual (after your instructor or preceptor) could be your point of information regarding HIPAA. • Covered Entity (CE) This includes any health plan, healthcare provider, agency that processes claims, and any company that subcontracts with them are covered by this law.10 of 70 Click here to advance
  11. 11. And more new terms and abbreviations to learn!! • Release/Disclosure These are terms used in describing the release of PHI to other CEs for TPO, treatment. payment, or health care operations. • Accounting of Disclosure (AOD) The patient has the right to have an AODs for his PHI or PMI. • Directory This is CE’s census or list of patients used by volunteers and operators to direct visitors. Different agencies may have other terms they use to communicate HIPAA policies. You will need to keep alert to these instances to comply with the spirit of the law.11 of 70 Click here to advance
  12. 12. The next few slides will present the basic principles of HIPAA as it applies to the student role: • The seven rights in the HIPAA privacy guidelines • Using equipment--computers, printers, fax, and similar machines to transmit patient data • Identifying patients/clients PHI in school papers • Discarding or destroying papers containing patient PHI • Communicating privacy questions/concerns in the agency • Describing the consequences of violating HIPAA guidelines12 of 70 Click here to advance
  13. 13. What are the Seven Patient Rights RegardingPrivacy of PHI (Protected Health Information) Individuals have the right to: • Receive notice of an agency’s privacy practices. • Know that an agency will use its PHI ONLY for treatment, payment, operations (TPO), certain other permitted uses and uses as required by law • Consent to and control the use and disclosure of their PHI.13 of 70 Click here to advance
  14. 14. Seven Rights…continued • Access their protected health information (PHI), except for psychotherapy notes (they might be charged for copies) • Request amendment or addendum to their PHI (not always granted) • Receive accountings of disclosures • File privacy complaints to agency officer14 of 70 Click here to advance
  15. 15. HIPAA Restricts Sharing PHI Personal information cannot be released to individuals or companies interested in marketing ventures, without the patient’s written permission. For example: – Names of patients on antihypertensive drugs cannot be released to a company marketing nutritional products to lower blood pressure. – Names and addresses of pregnant women cannot be provided to infant formula companies. – Contact information of previous patients cannot be used to raise money for a hospital building campaign.15 of 70 Click here to advance
  16. 16. How do students assure patients’ rights to privacy and confidentiality?16 of 70 Click here to advance
  17. 17. Who has Access to PHI? The ‘Need-to-Know’ Principle PHI should be shared with as few individuals as needed to ensure patient care and then only to the extent demanded by the individual’s role. For example, the nursing assistant ‘needs to know’ only the facts concerning the patient’s current admission. As a nursing student, you will discuss PHI only as it applies to your education or your patient’s care.17 of 70 Click here to advance
  18. 18. Protecting your patient’s PHI • Take all reasonable steps to make sure that individuals without the ‘need to know’ do not overhear conversations about PHI. • DO NOT conduct discussion about PHI in elevators or cafeterias. • Do not let others see your computer screen while you are working. Be sure to log out when done with any computer file.18 of 70 Click here to advance
  19. 19. Protecting your patient’s PHI When preparing care plans or other course required documents take extra care to: • identify the patient/client by initials only • use other demographic data only to the extent necessary to identify the patient and his/her needs to the instructor. • protect the computer screen, PDA, clip board, or notes from other individuals who don’t have a ‘need to know’ • protect your printer output from others who don’t have a ‘need to know’ • protect your floppy/zip/CD-ROM/PDA from loss • consider using Webspace to save your documents19 of 70 Click here to advance
  20. 20. Protecting your patient’s PHI In the student role you are NOT to photoduplicate or fax patient documents in the process of working with your patient’s PHI. As an employee of an agency you must use the agencies’ security procedures to transmit PHI.20 of 70 Click here to advance
  21. 21. Destroying PHI/PMI DO NOT put notes with PHI/PMI in the trash or paper recycle cans. A paper shredder is available in the Learning Center for these materials.21 of 70 Click here to advance
  22. 22. Consequences of HIPAA Violations In addition to federal laws, failure to comply with HIPAA also violates • Nursing’s Code of Ethics • Texas Board of Nurse Examiners Standards of Practice • School of Nursing’s academic and scholarly policies22 of 70 Click here to advance
  23. 23. Potential Consequences of HIPAA Violations Legal consequences • Civil or criminal penalties • Fines plus imprisonment Professional consequences: • Disciplinary action by the Board of Nurse Examiners Academic consequences: • Reprimands • Loss of points toward grade or failure of course • Dismissal from School of Nursing23 of 70 Click here to advance
  24. 24. Application of HIPAA to Common Situations Facing Nursing Students24 of 70 Click here to advance
  25. 25. Resisting the Need to Share PHI—Honoring the Patient’s right to Privacy Johnny, an active 4 year old, breaks his arm after falling from a climbing form at his daycare. As the nursing student caring for him after the casting, you know that he is HIV positive. Your daughter attends the same daycare. You alert some of the other moms at that center. What’s wrong with this scenario? Who in this setting has a ‘need to know’ the HIV status of this child? Formulate your answer Next then click the button25 of 70
  26. 26. Sharing this information with the other parents is a violation of the HIPAA statute--ensuring the child’s/family’s right to privacy and confidentiality. The other parents did not ‘need to know’ this information. Really, nobody has the ‘need to know.’ A good action on your part as a registered nurse (or student nurse) would be to look into the day care’s first aid policies and help them develop policies that observe universal precautions in the care of all children and staff. This should be done even if you didn’t know that one of the children were HIV positive Next Scenario26 of 70
  27. 27. Found PHI While working a 3-11 shift in the city/county health clinic, you see some patient data in the trash can. What should you do? Click on the best response • Remove it and take it to the document shredder. • Report it to the Agency’s HIPAA officer. • Call the toll-free number and make an anonymous violation repo • Report it to your instructor or preceptor. Next Scenario27 of 70
  28. 28. No, this is not the best response. You will want to protect the PHI better than this. Try Again28 of 70
  29. 29. Well…this is an option, but maybe over-kill at this stage. You should either tell your instructor or preceptor (tell the head nurse or unit manager only if your instructor or preceptor are not available). They will see that the individual responsible gets further education. Try Again29 of 70
  30. 30. Yes, this is the best option. You should either tell your instructor or preceptor (tell the head nurse or unit manager only if your instructor or preceptor are not available). They will see that the individual responsible gets further education. Next Scenario30 of 70
  31. 31. No, this is not the best response. You’re thinking in the correct direction, but you don’t want to stick your hand into any hospital trash can. You will want to tie up this bag, label it, and get someone to take it to a shredder. As a nursing student your best action would be to discuss with your instructor or preceptor. Try Again31 of 70
  32. 32. No, this is not the best response. This is NOT a good way to win friends for you or the School! Unless you are finding consistent HIPAA violations that after reporting are not being corrected, let the agency have a shot at re- educating its staff OR STUDENTS. Try Again32 of 70
  33. 33. Your Best Friend You work on the neuro unit at the public hospital. You were able to convince your best friend to move to Austin and work with you. In the cafeteria, she begins telling you about this handsome guy that was just admitted to her unit after a bad car wreck. She continues to tell you some of the gory details including ‘driving while intoxicated’ (DWI). What should you do? Click on the best response • Remind her of HIPAA and tell her that you shouldn’t discuss • Ask her how old he is. • Tell her to get his phone number from the chart. • Call the agencies/networks privacy official. • Report her to her head nurse33 of 70 Next Scenario
  34. 34. No, this is not the best response. Did you say she was your best friend? Unless she is consistently violating a patient’s rights to protect his/her PHI, you will want to help each other when you slip. Try Again34 of 70
  35. 35. Really now!!! I am going to get the Agency’s HIPAA Officer after the both of you! Try Again35 of 70
  36. 36. Yes, this is a good option. Help her recall her responsibilities to the patient’s right to confidentiality and privacy. Next Scenario36 of 70
  37. 37. Patient’s Question While assisting Mrs. Johnson with her bath, she tells you that she would like remove her name from the patient data that the volunteers have at the reception desk. Is this a reasonable request? What would you do with this request? Click on the best response • Not reasonable; this information must be at the info desk for • Reasonable; report it to the head nurse or the floor/agency pr • Not reasonable; help her understand that it is a protected by t • Reasonable; call the volunteer office and have her removed f37 of 70 Next Scenario
  38. 38. Yes, this is the correct response. Recall that HIPAA gives patients/clients the right (right #3) to control the use and disclosure of their PHI. It is within her rights to have her name removed from the list. Furthermore, most agencies have special forms for this. Next Scenario38 of 70
  39. 39. Correct, BUT report it and let the right person take care of the details. Most agencies will have special forms for this. The best response is ‘B’ Try Again39 of 70
  40. 40. No, this is a reasonable request. Recall that HIPAA gives patients the right (right #3) to direct use and disclosure of their PHI. It is within her rights to have her name removed from the list. Most agencies will have special forms for this. Try Again40 of 70
  41. 41. Consulting Physician Calls You are the nursing student caring for Mr. Sanchez. His physician has called in several consultants to assist with his care. One of the physicians, Dr Han, a neurologist, calls to get some information about Mr. Sanchez. Can you release information to her? Click on the best response • No, she is going to have to come in to be identified. • Her request would need to be forwarded to the unit manager. • No, she should be instructed to contact Mr. Sanchez’ primary • After obtaining sufficient info to know that it is Dr. Han, you41 of 70 Next Scenario
  42. 42. No, this is not the correct response. After instituting reasonable safeguards that it is Dr. Han, you should give her the information that she requests. Recall that PHI can be shared with other caregivers for TPO (treatment, payment, & agency operation) without getting additional approval from the patient. Try Again42 of 70
  43. 43. Yes, this is the correct response. It is not a violation of HIPAA if you institute reasonable assurances to protect the security of the patient information and then disclose to another person who has a ‘need to know.’ Recall that PHI can be shared with other caregivers for TPO (treatment, payment, & agency operation) without getting additional approval from the patient. Next Scenario43 of 70
  44. 44. Patient’s Spouse Wants to Read the ChartYour patient, Ms Johnson, has confided in you that she and herhusband have been having marital problems. One day while she isat x-ray, her husband asks to see the chart. You think that shemight not want him to see it, but you’re not exactly sure how tohandle the situation. What would you as the nursing student do? Click on the best response • Let him see it. • Refer the request to your instructor or preceptor. • Tell him no, that the chart belongs to his wife. • Delay him, saying that there is nothing in her chart of interes44 of 70 Next Scenario
  45. 45. No, this is not the correct response. You recall that the patient has the right to decide how her PHI can be disclosed. As a student, any question about HIPAA or how to deal with patients or their families should be referred to your faculty or preceptor. Try Again45 of 70
  46. 46. Well…you’re right, but as a student you might want to consult with your instructor or preceptor before dealing with the patient’s husband. Try Again46 of 70
  47. 47. Yes, this is the correct response. It is always the best policy that as a student you refer your questions to your instructor or preceptor. In emergencies, if they aren’t available, speak to the head nurse or unit manager. Next Scenario47 of 70
  48. 48. A FINAL REVIEW Answer the following true-false questions To Start48 of 70
  49. 49. Patients have a right to see their chart? Select your answer True False49 of 70
  50. 50. You’re right!50 of 70 Click here to advance
  51. 51. No, that’s not right. Do you need to review?51 of 70 Click here to advance
  52. 52. Patients can ask that parts of their health record be amended? True False52 of 70
  53. 53. You’re right!53 of 70 Click here to advance
  54. 54. No, that’s not right. Do you need to review?54 of 70 Click here to advance
  55. 55. All PHI is in the patient’s chart? True False55 of 70
  56. 56. You’re right!56 of 70 Click here to advance
  57. 57. No, that’s not right. Do you need to review?57 of 70 Click here to advance
  58. 58. I can talk with my instructor about my patient’s medical history? True False58 of 70
  59. 59. You’re right!59 of 70 Click here to advance
  60. 60. No, that’s not right. Do you need to review?60 of 70 Click here to advance
  61. 61. As a nursing student questions or concerns about HIPAA policies or infractions should be directed to your instructor or preceptor. True False61 of 70
  62. 62. You’re right! You can also talk with the agency’s privacy officer, but as a nursing student it is best to check with your faculty or preceptor first.62 of 70 Click here to advance
  63. 63. No, that’s not right. Do you need to review?63 of 70 Click here to advance
  64. 64. Personal digital assistants (PDAs), clipboards, floppy disks, zip disks and CD-ROMs used for storing PMI, careplans, process recordings, or patient assessments forms must be protected as we protect the patient’s chart? True False64 of 70
  65. 65. You’re right! Any format that contains PHI needs your special attention.65 of 70 Click here to advance
  66. 66. No, that’s not right. Do you need to review?66 of 70 Click here to advance
  67. 67. Complying with HIPAA guidelines is an important part of a healthcare provider’s role. As a nursing student, failure to comply can result in academic, professional, civil, or criminal consequences. True False67 of 70
  68. 68. You’re right!68 of 70 Click here to advance
  69. 69. No, that’s not right. Do you need to review?69 of 70 Click here to advance
  70. 70. The University of Texas at Austin School of Nursing HIPAA Supplemental Training for Health Care Settings Today’s Date:07/19/12 Your Name Printed I have completed this HIPAA training program. I understand the basic provisions of the law and agree to do my part to ensure the patients’ rights of privacy and confidentiality. Furthermore, I understand the consequences of failing to do so. Your Signature and EID Number TO PRINT THE CERTIFICATE: Press the Escape key to get out of this program. Next go to ‘file’ and ‘print.’ Make sure that you are printing only the CURRENT SLIDE, that you are printing in the slide mode, and then click on OK.’ Fill in the blanks and deliver the certificate to the box on the Students Affairs receptionist’s desk. As a student you will need to redo HIPAA training each academic year.70 of 70 Exit Program

×