Patient confidentiality


Published on

Patient Confidentiality

Published in: Education, Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Patient confidentiality

  1. 1. Patient Confidentiality HIPAA Guidelines
  2. 2. New Omnibus HIPAA Rule New rights for patient Tighter definition of HIPAA violations (breaches) New emphasis by Office of Civil Rights (OCR) Government to audit HIPAA compliance New emphasis to on sanctions and fines when HIPAA breaches are serious
  3. 3. The HIPAA Law HIPAA, which stand for the America Health Insurance Portability and Accountability Act, is a set of rules to be followed by doctors, hospital and other health care providers. HIPAA helps ensure that all medical records, medical billing, and patient accounts meet certain consistent standards with regard to documentation, handling and privacy. Ref:
  4. 4. Your Facility HIPAA Compliant for 2014? Any healthcare provider that electronically stores, processes or transmits medical records, medical remittances, or certificates must comply with HIPAA regulations. HIPAA does not require a practice to purchase a computer-based system as it applies only to electronic medical transactions. Ref:
  5. 5. Why do I care? • Once you are a part of a covered entity, you are responsible to safeguard all Protected Health Information (PHI). Whether it is transmitted electronically, in paper format or transmitted orally. As an employee one is responsible to protect PHI.
  6. 6. Minimum Necessary PHI • An organization may share only minimum amount of PHI necessary, except for request made: • By the patient or as requested by the patient to others • By the Secretary of the Department of Health & Human Services (DHHS) • As required by law • To complete standardized electronic transactions as required by HIPAA But • An organization is a covered entity and may share PHI for: • Treatment, payment and health care operation • Disclosures required by law • Public health and other governmental reporting
  7. 7. When can you use PHI? Only to do your job! And on a “NEED To KNOW BASIS? Ref:
  8. 8. For many other uses and disclosures of PHI… An organization must get a sign consent of release from the patient to release any PHI set by the guidelines by the organization. It is very important for all employees to know “When in doubt ask!” Disciplinary Actions Sanctions policy Individuals who breach HIPAA policies for any organization will be subjected to the appropriate discipline. Including termination, loss of job. As a reminder it is not worth it.
  9. 9. HIPAA Changes in 2013 • Updated notices of Privacy Practices • Patients can request an accounting of all access to their records • Patients can change their visitation requests as often as they like • We can use some PHI for fundraising as long as the patient can opt out • Allowed to disclose student immunizations • PHI can’t be sold unless patients are told • Changes in fines for breaches
  10. 10. What are some steps I can take to ensure I am safeguarding PHI? • Do not remove PHI from the office, except as necessary to perform you job • Use caution when faxing information, including verifying the receiver, double- checking the fax number, use a cover sheet, and calling to confirm that the fax was sent. • When discussion PHI, talk with a low voice to ensure that no other than the intended can here what you are discussing.
  11. 11. Workstation procedures • When walking away from you workstation “Do not leave the screen open with patient information on”. • Log – off or lock work stations when not in use • Do not share passwords or work on someone else’s computer • Keep offices secure • Keep all portable storages locked up • When sending PHI out side of the facility use encryption
  12. 12. When in doubt Ask management, supervisor or compliance officer.
  13. 13. References Hilo Medical Center, Education Department, 5, September, 2013, 2013 HIPAA Omnibus Rule Training, Retrieved September 30, 2013 from handout