SlideShare a Scribd company logo

Hipaa final enforcement rule

‱Download as PPTX, PDF‱
‱
York County School of Technology
York County School of Technology
TechnologyBusiness
1 of 59
HIPAA Final Enforcement Rule Chapter 5
Who’s In CharGe HERE? ,[object Object]
Center for Medicare/Medicaid Services (CMS),
Office of Inspector General (OIG),
U.S. Department of Justice (DOJ). .
U.S. Health & Human Services (HHS),,[object Object]
A Brief Review. . . ,[object Object]
Make Standards for Electronic PHI Txns;
Make Rules for CE’s and Time Tables;
Recommend PHI Privacy Standards to Congress;
Determine Pre-Emption scenarios for State Laws; and
Provide for Penalties when HIPAA violations occur. ,[object Object]
Centers for Medicare/Medicaid Services (CMS)
Office of Inspector General (OIG),[object Object]
Let’s Look at the Nature of the Alleged HIPAA Violation. . . Employee has an unencrypted laptop with the PHI of 5,000 veterans. Laptop is stolen from employee’s car. Which Rule has been violated. . . HIPAA Privacy Rule or HIPAA Security Rule
Answer: The HIPAA Privacy Rule. . . Because there has been an unauthorized “disclosure”, as the PHI of thousands of people has been made available to people outside the CE and its associates.
Remember, Privacy is Considered a Civil Right in the U.S. Which Agency is Responsible to Ensure that the Civil Rights of U.S. Citizens are Protected? ,[object Object]
Center for Medicare & Medicaid Services. . . or
Office of Civil Rights ,[object Object]
BTW, Remember the many Privacy Rule Violations we heard about in class. .
Privacy Violations from the OCR Website. . . . ,[object Object]
And the multiple cases of laptop theft from employees who had disabled password security or did not have encryption on their devices.,[object Object]
Published the losses in the media;
Notified citizens whose PHI was in danger;
Made New Policies
Educated Employees
No Mention of Civil Money Penalties. . . .Bearing this in mind, answer the following. . . .
Most complaints regarding violations of the HIPAA Privacy Standard have been resolved without. . . Legal Action Civil Money Penalties Audit Reports Upcoding
YES, The answer that makes the most sense is. . . B. Civil Money Penalties. Not A. Legal Action b/c, remember, violations of the Privacy Rule are generally CIVIL violations. . . (true but not best answer) Not C. Audit Reports b/c the CE’s have to do some kind of follow-up audit to determine the extent of the violation. Answer D is just plain dumb.
Alleged Privacy Rule Violations that abuse a patient’s privacy rights (and do not violate state or federal laws) are CIVIL VIOLATIONS and are investigated by the O.C.R.
Another Scenario. . . Employee of a CE gives her ID and Password to a reporter friend, who uses it to look at PHI of a famous individual with the intent to exploit the information for financial gain. What HIPAA Rule has been violated by the giving of the password. . . The Privacy Rule or the Security Rule?
YEP, It’s the Security Rule. All HIPAA Non-Privacy Rule violations are investigated by the Center for Medicare/Medicaid Services (CMS). So, this issue will be investigated by CMS. CMS has a great deal of responsibility and authority when it comes to HIPAA. . .
HHS has also authorized CMS to enforce these HIPAA Standards: ,[object Object]
The National Employer Identifier Number (EIN) Rule;
The Security Rule;
The National Provider Identifier Rule; and
the National Plan Identifier Rule.,[object Object]
What does the Office of Inspector General (OIG) do, in terms of HIPAA Enforcement? ,[object Object]
In terms of HIPAA, the OIG investigates alleged incidents of fraud and abuse.,[object Object]
Fraud is “an act of deception to take financial advantage of another person.”Fraud is an INTENTIONAL act.
ABUSE In federal law, “abuse” means actions that are not sound medical, business, or fiscal practices AND that misuse U.S. Government money, such as Medicare funds.
“ABUSE” ,[object Object]
Example: Billing for services that, although provided, were not medically necessary.
Abuse may be committed without intent.,[object Object]
Civil Money Penalties (CMP) NOTE: CMP’s cannot exceed $25,000 for all violations of an identical type in a single year. (exam.)
The GREATEST Criminal Penalty can be imposed when the crime is: Using PHI for profit, gain, or harm; Offenses done under false pretenses; Knowingly obtaining PHI in violation of HIPAA; or None of the Above
Answer: A. Using PHI for profit, gain, or harm.
What Happens when a HIPAA violation becomes a criminal matter? The Agency investigating the alleged violation refers it to the U.S. Department of Justice (DOJ)for criminal investigation and follow-up. Example: The OIG or the OCR may refer criminal matters to the DOJ. (See the nice chart, page 127 of Newby)
And MORE About the OIG. . . The Deficit Reduction Act (DRA) of 2005 gave the OIG authority to review and evaluate: 1. State false claim laws, 2. The compliance plans of prescription drug plan sponsors, 3.Reported deaths of patients in restraint or seclusion, and 4. The responses of public health personnel to emergencies created by Hurricanes Katrina and Rita.
THE OIG Issues Fraud Alerts to Covered Entities And, in so doing, advises CE’s about compliance problems that the OIG is finding in its investigations.
Acts AND Omissions. . . Remember, HIPAA standards apply to both wrongful acts as well as failure to act when an act is called for (omissions). This is provided for in the HIPAA Final Enforcement Rule.
Who Can be Charged with a HIPAA Violation? Covered Entities. -Individual Employees do not get charged with HIPAA Violations. . . -Business Associates (BA’s) do not get charged with HIPAA violations. . . -UNLESS. . . .
When do CE Employees or BA’s get charged for a HIPAA violation?
Answer: When the act in question also violates other laws. . Example: Jack, employee of a CE, provides Jill (his girlfriend) with names, d.o.b.’s, and SS# and together they set up a credit card number selling operation. (violation of Credit Card Fraud Laws)
Is Health Care Fraud a REAL Problem in the U.S.? YES. . . The National Health Care Anti-Fraud Association estimates that about 3% of our country’s health care expenses is lost due to fraud. That’s about $60,000,000,000 a year. (or, 60 Billion dollars. ) Wow.
More U.S Laws to Protect Us from Fraud and Abuse
The Health Care Fraud and Abuse Control Program ,[object Object]
Gives the OIG the task of detecting health care fraud and abuse and enforcing all laws relating to them
Provides a collaborative context for the OIG and the U.S. Attorney General to prosecute offenders in a criminal procedure,[object Object]

Recommended

Hr Star Immigration In An Obama Era
Hr Star Immigration In An Obama EraHr Star Immigration In An Obama Era
Hr Star Immigration In An Obama EraCharles Kuck
 
Fa qs
Fa qsFa qs
Fa qslmrickman
 
HIPAA HiTech Regulations: What Non-Medical Companies Need to Know
HIPAA HiTech Regulations: What Non-Medical Companies Need to KnowHIPAA HiTech Regulations: What Non-Medical Companies Need to Know
HIPAA HiTech Regulations: What Non-Medical Companies Need to KnowNetwork 1 Consulting
 
2hourhealthcarefraud
2hourhealthcarefraud2hourhealthcarefraud
2hourhealthcarefraudcccpfc
 
Persuasion
PersuasionPersuasion
PersuasionJason Kegerreis
 
White Paper HIPAA Enforcement 04
White Paper HIPAA Enforcement 04White Paper HIPAA Enforcement 04
White Paper HIPAA Enforcement 04Daniel Solove
 
Legal & Regulatory Powerpoint
Legal & Regulatory PowerpointLegal & Regulatory Powerpoint
Legal & Regulatory PowerpointKendall Brune
 
C:\Fakepath\Secprimodule
C:\Fakepath\SecprimoduleC:\Fakepath\Secprimodule
C:\Fakepath\SecprimoduleBrenda Kershaw
 

Recommended

Hr Star Immigration In An Obama Era
Hr Star Immigration In An Obama EraHr Star Immigration In An Obama Era
Hr Star Immigration In An Obama EraCharles Kuck
 
Fa qs
Fa qsFa qs
Fa qslmrickman
 
HIPAA HiTech Regulations: What Non-Medical Companies Need to Know
HIPAA HiTech Regulations: What Non-Medical Companies Need to KnowHIPAA HiTech Regulations: What Non-Medical Companies Need to Know
HIPAA HiTech Regulations: What Non-Medical Companies Need to KnowNetwork 1 Consulting
 
2hourhealthcarefraud
2hourhealthcarefraud2hourhealthcarefraud
2hourhealthcarefraudcccpfc
 
Persuasion
PersuasionPersuasion
PersuasionJason Kegerreis
 
White Paper HIPAA Enforcement 04
White Paper HIPAA Enforcement 04White Paper HIPAA Enforcement 04
White Paper HIPAA Enforcement 04Daniel Solove
 
Legal & Regulatory Powerpoint
Legal & Regulatory PowerpointLegal & Regulatory Powerpoint
Legal & Regulatory PowerpointKendall Brune
 
C:\Fakepath\Secprimodule
C:\Fakepath\SecprimoduleC:\Fakepath\Secprimodule
C:\Fakepath\SecprimoduleBrenda Kershaw
 
Immigration Compliance and E-Verify for Federal contractors
Immigration Compliance and E-Verify for Federal contractorsImmigration Compliance and E-Verify for Federal contractors
Immigration Compliance and E-Verify for Federal contractorsEliot Norman
 
cis11
cis11cis11
cis11Rashid Rashid
 
HITECH-Changes-to-HIPAA
HITECH-Changes-to-HIPAAHITECH-Changes-to-HIPAA
HITECH-Changes-to-HIPAAGurvinder Singh, CISSP, CISA, ITIL v3
 
AAN Seniors National Health Care Survey - February 2014
AAN Seniors National Health Care Survey - February 2014AAN Seniors National Health Care Survey - February 2014
AAN Seniors National Health Care Survey - February 2014AmericanActionNetwork
 
Preventing Fraud, Waste, and Abuse in Health Care
Preventing Fraud, Waste, and Abuse in Health CarePreventing Fraud, Waste, and Abuse in Health Care
Preventing Fraud, Waste, and Abuse in Health CareDr. Zabian Crosby, D.H.Ed.
 
EY Reining-in-sexual-harassment-at-the-workplace-in-india survey
EY Reining-in-sexual-harassment-at-the-workplace-in-india surveyEY Reining-in-sexual-harassment-at-the-workplace-in-india survey
EY Reining-in-sexual-harassment-at-the-workplace-in-india surveyAkhilesh Krishnan
 
The Health Care Law Power Point Slides
The Health Care Law Power Point SlidesThe Health Care Law Power Point Slides
The Health Care Law Power Point SlidesStrategic Healthcare Resources
 
Fraud, Waste & Abuse in Health Care
Fraud, Waste & Abuse in Health CareFraud, Waste & Abuse in Health Care
Fraud, Waste & Abuse in Health CareGreenway Health
 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft- Mark - Fullbright
 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS- Mark - Fullbright
 
Medical fraud and its implications Dr Vaikuthan Rajaratnam
Medical fraud and its implications Dr Vaikuthan RajaratnamMedical fraud and its implications Dr Vaikuthan Rajaratnam
Medical fraud and its implications Dr Vaikuthan RajaratnamVaikunthan Rajaratnam
 
Hipaa Goes Hitech
Hipaa Goes HitechHipaa Goes Hitech
Hipaa Goes HitechCandy Matheny
 
Hazed and Confused
Hazed and ConfusedHazed and Confused
Hazed and ConfusedKegler Brown Hill + Ritter
 
HIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHealthCare Too, LLC
 
Hippa training v2
Hippa training v2Hippa training v2
Hippa training v2Suzanne Guggenheim
 
CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law padler01
 
PSOW 2016 - Compliance
PSOW 2016 - CompliancePSOW 2016 - Compliance
PSOW 2016 - CompliancePSOW
 
Corruption
CorruptionCorruption
CorruptionAnoop Kumar
 
Response to EnodoRights Assessment
Response to EnodoRights AssessmentResponse to EnodoRights Assessment
Response to EnodoRights AssessmentMcDiyan Yapari
 
Employee Background Checks: Avoid the Pitfalls
Employee Background Checks: Avoid the PitfallsEmployee Background Checks: Avoid the Pitfalls
Employee Background Checks: Avoid the PitfallsHuman Resources & Payroll
 
Hipa Health Insurance Portability And Accountability Act
Hipa Health Insurance Portability And Accountability ActHipa Health Insurance Portability And Accountability Act
Hipa Health Insurance Portability And Accountability ActAmy Williams
 
Fraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemFraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemKendra Cote
 

More Related Content

What's hot

Immigration Compliance and E-Verify for Federal contractors
Immigration Compliance and E-Verify for Federal contractorsImmigration Compliance and E-Verify for Federal contractors
Immigration Compliance and E-Verify for Federal contractorsEliot Norman
 
AAN Seniors National Health Care Survey - February 2014
AAN Seniors National Health Care Survey - February 2014AAN Seniors National Health Care Survey - February 2014
AAN Seniors National Health Care Survey - February 2014AmericanActionNetwork
 
Preventing Fraud, Waste, and Abuse in Health Care
Preventing Fraud, Waste, and Abuse in Health CarePreventing Fraud, Waste, and Abuse in Health Care
Preventing Fraud, Waste, and Abuse in Health CareDr. Zabian Crosby, D.H.Ed.
 
EY Reining-in-sexual-harassment-at-the-workplace-in-india survey
EY Reining-in-sexual-harassment-at-the-workplace-in-india surveyEY Reining-in-sexual-harassment-at-the-workplace-in-india survey
EY Reining-in-sexual-harassment-at-the-workplace-in-india surveyAkhilesh Krishnan
 
Fraud, Waste & Abuse in Health Care
Fraud, Waste & Abuse in Health CareFraud, Waste & Abuse in Health Care
Fraud, Waste & Abuse in Health CareGreenway Health
 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft- Mark - Fullbright
 
Medical fraud and its implications Dr Vaikuthan Rajaratnam
Medical fraud and its implications Dr Vaikuthan RajaratnamMedical fraud and its implications Dr Vaikuthan Rajaratnam
Medical fraud and its implications Dr Vaikuthan RajaratnamVaikunthan Rajaratnam
 
Hipaa Goes Hitech
Hipaa Goes HitechHipaa Goes Hitech
Hipaa Goes HitechCandy Matheny
 
HIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHealthCare Too, LLC
 
CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law padler01
 
PSOW 2016 - Compliance
PSOW 2016 - CompliancePSOW 2016 - Compliance
PSOW 2016 - CompliancePSOW
 
Corruption
CorruptionCorruption
CorruptionAnoop Kumar
 
Response to EnodoRights Assessment
Response to EnodoRights AssessmentResponse to EnodoRights Assessment
Response to EnodoRights AssessmentMcDiyan Yapari
 
Employee Background Checks: Avoid the Pitfalls
Employee Background Checks: Avoid the PitfallsEmployee Background Checks: Avoid the Pitfalls
Employee Background Checks: Avoid the PitfallsHuman Resources & Payroll
 

What's hot (20)

Immigration Compliance and E-Verify for Federal contractors
Immigration Compliance and E-Verify for Federal contractorsImmigration Compliance and E-Verify for Federal contractors
Immigration Compliance and E-Verify for Federal contractors
 
cis11
cis11cis11
cis11
 
HITECH-Changes-to-HIPAA
HITECH-Changes-to-HIPAAHITECH-Changes-to-HIPAA
HITECH-Changes-to-HIPAA
 
AAN Seniors National Health Care Survey - February 2014
AAN Seniors National Health Care Survey - February 2014AAN Seniors National Health Care Survey - February 2014
AAN Seniors National Health Care Survey - February 2014
 
Preventing Fraud, Waste, and Abuse in Health Care
Preventing Fraud, Waste, and Abuse in Health CarePreventing Fraud, Waste, and Abuse in Health Care
Preventing Fraud, Waste, and Abuse in Health Care
 
EY Reining-in-sexual-harassment-at-the-workplace-in-india survey
EY Reining-in-sexual-harassment-at-the-workplace-in-india surveyEY Reining-in-sexual-harassment-at-the-workplace-in-india survey
EY Reining-in-sexual-harassment-at-the-workplace-in-india survey
 
The Health Care Law Power Point Slides
The Health Care Law Power Point SlidesThe Health Care Law Power Point Slides
The Health Care Law Power Point Slides
 
Fraud, Waste & Abuse in Health Care
Fraud, Waste & Abuse in Health CareFraud, Waste & Abuse in Health Care
Fraud, Waste & Abuse in Health Care
 
Fifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity TheftFifth Annual Study on Medical Identity Theft
Fifth Annual Study on Medical Identity Theft
 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS
 
Medical fraud and its implications Dr Vaikuthan Rajaratnam
Medical fraud and its implications Dr Vaikuthan RajaratnamMedical fraud and its implications Dr Vaikuthan Rajaratnam
Medical fraud and its implications Dr Vaikuthan Rajaratnam
 
Hipaa Goes Hitech
Hipaa Goes HitechHipaa Goes Hitech
Hipaa Goes Hitech
 
Hazed and Confused
Hazed and ConfusedHazed and Confused
Hazed and Confused
 
HIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach OverviewHIPAA Privacy, Security, Breach Overview
HIPAA Privacy, Security, Breach Overview
 
Hippa training v2
Hippa training v2Hippa training v2
Hippa training v2
 
CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law
 
PSOW 2016 - Compliance
PSOW 2016 - CompliancePSOW 2016 - Compliance
PSOW 2016 - Compliance
 
Corruption
CorruptionCorruption
Corruption
 
Response to EnodoRights Assessment
Response to EnodoRights AssessmentResponse to EnodoRights Assessment
Response to EnodoRights Assessment
 
Employee Background Checks: Avoid the Pitfalls
Employee Background Checks: Avoid the PitfallsEmployee Background Checks: Avoid the Pitfalls
Employee Background Checks: Avoid the Pitfalls
 

Similar to Hipaa final enforcement rule

Hipa Health Insurance Portability And Accountability Act
Hipa Health Insurance Portability And Accountability ActHipa Health Insurance Portability And Accountability Act
Hipa Health Insurance Portability And Accountability ActAmy Williams
 
Fraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemFraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemKendra Cote
 
Confidentiality
ConfidentialityConfidentiality
ConfidentialityLfsadie
 
HIPAA Part I the Law Test
HIPAA Part I the Law TestHIPAA Part I the Law Test
HIPAA Part I the Law TestSachiko Hurst
 
Hipaa presentation
Hipaa presentationHipaa presentation
Hipaa presentationcjkonsella
 
Hippa training on confidentiality
Hippa training on confidentialityHippa training on confidentiality
Hippa training on confidentialitycraig45365
 
Hippa training on confidentiality
Hippa training on confidentialityHippa training on confidentiality
Hippa training on confidentialitycraig45365
 
I D Theft Employee Presentation2
I D Theft Employee Presentation2I D Theft Employee Presentation2
I D Theft Employee Presentation2Heather Smith
 
What is HIPAA Compliance?
What is HIPAA Compliance?What is HIPAA Compliance?
What is HIPAA Compliance?Power Admin LLC
 
Fraud and Abuse 2017
Fraud and Abuse 2017Fraud and Abuse 2017
Fraud and Abuse 2017faemont
 
Risk Management and Volunteerism
Risk Management and VolunteerismRisk Management and Volunteerism
Risk Management and Volunteerismkll27
 
APR Ethics, Law &Technology
APR Ethics, Law &TechnologyAPR Ethics, Law &Technology
APR Ethics, Law &TechnologyJoel Kline
 

Similar to Hipaa final enforcement rule (12)

Hipa Health Insurance Portability And Accountability Act
Hipa Health Insurance Portability And Accountability ActHipa Health Insurance Portability And Accountability Act
Hipa Health Insurance Portability And Accountability Act
 
Fraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare SystemFraud And Abuse In The U.S. Healthcare System
Fraud And Abuse In The U.S. Healthcare System
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
 
HIPAA Part I the Law Test
HIPAA Part I the Law TestHIPAA Part I the Law Test
HIPAA Part I the Law Test
 
Hipaa presentation
Hipaa presentationHipaa presentation
Hipaa presentation
 
Hippa training on confidentiality
Hippa training on confidentialityHippa training on confidentiality
Hippa training on confidentiality
 
Hippa training on confidentiality
Hippa training on confidentialityHippa training on confidentiality
Hippa training on confidentiality
 
I D Theft Employee Presentation2
I D Theft Employee Presentation2I D Theft Employee Presentation2
I D Theft Employee Presentation2
 
What is HIPAA Compliance?
What is HIPAA Compliance?What is HIPAA Compliance?
What is HIPAA Compliance?
 
Fraud and Abuse 2017
Fraud and Abuse 2017Fraud and Abuse 2017
Fraud and Abuse 2017
 
Risk Management and Volunteerism
Risk Management and VolunteerismRisk Management and Volunteerism
Risk Management and Volunteerism
 
APR Ethics, Law &Technology
APR Ethics, Law &TechnologyAPR Ethics, Law &Technology
APR Ethics, Law &Technology
 

More from York County School of Technology

Chapter 1 the goal of hipaa administrative simplification
Chapter 1 the goal of hipaa administrative simplificationChapter 1 the goal of hipaa administrative simplification
Chapter 1 the goal of hipaa administrative simplificationYork County School of Technology
 

More from York County School of Technology (6)

Addiction powerpoint q ^l0 a format
Addiction powerpoint q ^l0 a formatAddiction powerpoint q ^l0 a format
Addiction powerpoint q ^l0 a format
 
Substance abuse during pregnancy
Substance abuse during pregnancySubstance abuse during pregnancy
Substance abuse during pregnancy
 
Tort powerpoint from slideshare
Tort powerpoint from slideshareTort powerpoint from slideshare
Tort powerpoint from slideshare
 
Chapter 2 class exam exercise
Chapter 2 class exam exerciseChapter 2 class exam exercise
Chapter 2 class exam exercise
 
Chapter 1 the goal of hipaa administrative simplification
Chapter 1 the goal of hipaa administrative simplificationChapter 1 the goal of hipaa administrative simplification
Chapter 1 the goal of hipaa administrative simplification
 
Scope of practice
Scope of practiceScope of practice
Scope of practice
 

Recently uploaded

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂșjo
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 

Recently uploaded (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

Hipaa final enforcement rule

  • 1. HIPAA Final Enforcement Rule Chapter 5
  • 2.
  • 4. Office of Inspector General (OIG),
  • 5. U.S. Department of Justice (DOJ). .
  • 6.
  • 7.
  • 8. Make Standards for Electronic PHI Txns;
  • 9. Make Rules for CE’s and Time Tables;
  • 10. Recommend PHI Privacy Standards to Congress;
  • 11. Determine Pre-Emption scenarios for State Laws; and
  • 12.
  • 14.
  • 15. Let’s Look at the Nature of the Alleged HIPAA Violation. . . Employee has an unencrypted laptop with the PHI of 5,000 veterans. Laptop is stolen from employee’s car. Which Rule has been violated. . . HIPAA Privacy Rule or HIPAA Security Rule
  • 16. Answer: The HIPAA Privacy Rule. . . Because there has been an unauthorized “disclosure”, as the PHI of thousands of people has been made available to people outside the CE and its associates.
  • 17.
  • 18. Center for Medicare & Medicaid Services. . . or
  • 19.
  • 20. BTW, Remember the many Privacy Rule Violations we heard about in class. .
  • 21.
  • 22.
  • 23. Published the losses in the media;
  • 24. Notified citizens whose PHI was in danger;
  • 27. No Mention of Civil Money Penalties. . . .Bearing this in mind, answer the following. . . .
  • 28. Most complaints regarding violations of the HIPAA Privacy Standard have been resolved without. . . Legal Action Civil Money Penalties Audit Reports Upcoding
  • 29. YES, The answer that makes the most sense is. . . B. Civil Money Penalties. Not A. Legal Action b/c, remember, violations of the Privacy Rule are generally CIVIL violations. . . (true but not best answer) Not C. Audit Reports b/c the CE’s have to do some kind of follow-up audit to determine the extent of the violation. Answer D is just plain dumb.
  • 30. Alleged Privacy Rule Violations that abuse a patient’s privacy rights (and do not violate state or federal laws) are CIVIL VIOLATIONS and are investigated by the O.C.R.
  • 31. Another Scenario. . . Employee of a CE gives her ID and Password to a reporter friend, who uses it to look at PHI of a famous individual with the intent to exploit the information for financial gain. What HIPAA Rule has been violated by the giving of the password. . . The Privacy Rule or the Security Rule?
  • 32. YEP, It’s the Security Rule. All HIPAA Non-Privacy Rule violations are investigated by the Center for Medicare/Medicaid Services (CMS). So, this issue will be investigated by CMS. CMS has a great deal of responsibility and authority when it comes to HIPAA. . .
  • 33.
  • 34. The National Employer Identifier Number (EIN) Rule;
  • 36. The National Provider Identifier Rule; and
  • 37.
  • 38.
  • 39.
  • 40. Fraud is “an act of deception to take financial advantage of another person.”Fraud is an INTENTIONAL act.
  • 41. ABUSE In federal law, “abuse” means actions that are not sound medical, business, or fiscal practices AND that misuse U.S. Government money, such as Medicare funds.
  • 42.
  • 43. Example: Billing for services that, although provided, were not medically necessary.
  • 44.
  • 45. Civil Money Penalties (CMP) NOTE: CMP’s cannot exceed $25,000 for all violations of an identical type in a single year. (exam.)
  • 46. The GREATEST Criminal Penalty can be imposed when the crime is: Using PHI for profit, gain, or harm; Offenses done under false pretenses; Knowingly obtaining PHI in violation of HIPAA; or None of the Above
  • 47. Answer: A. Using PHI for profit, gain, or harm.
  • 48. What Happens when a HIPAA violation becomes a criminal matter? The Agency investigating the alleged violation refers it to the U.S. Department of Justice (DOJ)for criminal investigation and follow-up. Example: The OIG or the OCR may refer criminal matters to the DOJ. (See the nice chart, page 127 of Newby)
  • 49. And MORE About the OIG. . . The Deficit Reduction Act (DRA) of 2005 gave the OIG authority to review and evaluate: 1. State false claim laws, 2. The compliance plans of prescription drug plan sponsors, 3.Reported deaths of patients in restraint or seclusion, and 4. The responses of public health personnel to emergencies created by Hurricanes Katrina and Rita.
  • 50. THE OIG Issues Fraud Alerts to Covered Entities And, in so doing, advises CE’s about compliance problems that the OIG is finding in its investigations.
  • 51. Acts AND Omissions. . . Remember, HIPAA standards apply to both wrongful acts as well as failure to act when an act is called for (omissions). This is provided for in the HIPAA Final Enforcement Rule.
  • 52. Who Can be Charged with a HIPAA Violation? Covered Entities. -Individual Employees do not get charged with HIPAA Violations. . . -Business Associates (BA’s) do not get charged with HIPAA violations. . . -UNLESS. . . .
  • 53. When do CE Employees or BA’s get charged for a HIPAA violation?
  • 54. Answer: When the act in question also violates other laws. . Example: Jack, employee of a CE, provides Jill (his girlfriend) with names, d.o.b.’s, and SS# and together they set up a credit card number selling operation. (violation of Credit Card Fraud Laws)
  • 55. Is Health Care Fraud a REAL Problem in the U.S.? YES. . . The National Health Care Anti-Fraud Association estimates that about 3% of our country’s health care expenses is lost due to fraud. That’s about $60,000,000,000 a year. (or, 60 Billion dollars. ) Wow.
  • 56. More U.S Laws to Protect Us from Fraud and Abuse
  • 57.
  • 58. Gives the OIG the task of detecting health care fraud and abuse and enforcing all laws relating to them
  • 59.
  • 60.
  • 61.
  • 62. The law protects the relator against employer retaliation.
  • 63.
  • 65. Refer patients to an entity
  • 66. For the furnishing of designated health services
  • 67. If there is a financial r-ship between the physician Or his/her immediate family member and said entity
  • 68.
  • 71. Stark Law II Expanded the “entities” list from Stark I and provides for civil money penalties up to $100,000 for each “arrangement or scheme” that a person knows or should know would violate the statute.
  • 72. What if a physician violates the Stark Laws? In addition to CMP’s The government may withhold payments for the illegal referrals and seek to make the violator pay back past payments made under the illegal “arrangements or schemes.” Bottom line: Doctors have to be careful when they invest in other businesses!
  • 73. Stories about Fraud, Kickbacks, and Theft There are some good examples of each on page 130 of your book in the orange “FYI” box. Take a Look!
  • 74. ONE MORE LAW. . . .Sarbanes-Oxley Act of 2002 Bottom Line for Health Care: If a health care corporation operates for profit and publicly traded, then it must attest to the soundness of its financial management. (Gives another opportunity for the whistleblowers as well.)
  • 75. What is the PURPOSE of Sarbanes-Oxley? After a few Fortune 500 companies defrauded investors and the American public by lying about their worth, there was an alleged “public outcry” for the SEC to have the authority to examine records of publicly traded companies for transparency in their valuation techniques. People lost a lot of money because of the past fraudulent conduct.
  • 76.
  • 77. The Focus could be on ANY type of health care billing and finance.
  • 78.
  • 79.
  • 80. Audit and monitor compliance w/government regulations;
  • 81. Have consistent policies & procedures;
  • 82. Provide for ongoing staff training & education; AND
  • 83.
  • 84. Occupational Safety & Health Administration(OSHA)
  • 85.
  • 86. Appointment of a Compliance Officer and Committee,
  • 91.
  • 92. B is the Correct Answer
  • 93. Oh My Goodness!We’re Done with Chapter 5 Already!