Upcoming SlideShare
Loading in...5

Like this? Share it with your network

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Understanding HIPAA
    • Presented by:
    • Officer Frank Webb
    • Mental Health Unit
    • Houston Police Department
  • 2. Disclaimer
    • The information provided in this presentation does not constitute legal advice and is intended to be used for guidance only.
  • 3. HIPAA?
    • Helping Impede Police Action & Authority
    • or
    • Health Insurance Portability & Accountability Act
  • 4. HIPAA
    • Also known as the Kennedy-Kassenbaum Act
    • Grew out of the Clinton Health Care Administration
  • 5. HIPAA Goals
    • Insure the confidentiality of patients’ health care information
    • Simplify the prosecution of health care fraud and abuse
    • Make changing jobs easier, while providing better access to health care insurance
  • 6. Examples
    • Chief over ISD
    • Collecting data within an agency
    • HNT
    • Call-Takers not being able to ask about MI
  • 7. Examples
    • Sharing data between police departments
    • Premise histories
    • Your examples?
  • 8. Definitions
    • PHI (Protected Health Information) - All Individually Identifiable Health Information and other information on treatment and care that is transmitted or maintained in any form or medium
    • Use - The sharing, employment, application, utilization, examination, or analysis of such information within an entity that maintains such information
  • 9. Definitions
    • Disclosure - Release or divulgence of information by an entity to persons or organizations outside of that entity
    • Authorization - The mechanism for obtaining consent from a patient for the use and disclosure of health information for a purpose that is not treatment, payment, or health care operations or not for other permitted disclosures
  • 10. Definitions
    • Minimum Necessary - When using PHI, a covered entity must make all reasonable efforts to limit itself to the “minimum necessary to accomplish the intended purpose of the use, disclosure, or request”
    • Health Plan - An individual or group plan that provides, or pays the cost of, medical care
  • 11. Definitions
    • Health Care Provider - Any person or organization that furnishes, bills, or is paid for health care services or supplies (such as EMS, Mental Health, Health Departments, etc.)
  • 12. Definitions
    • Health Care Clearinghouse - A public or private entity that processes or facilitates the processing of nonstandard data elements of health information into standard data elements
    • Covered Entities - Those entities that must comply with HIPAA regulations: Health Plans, Health Care Providers, and Health Care Clearinghouses
  • 13. A Health Care Provider
    • Doctors
    • Clinics
    • Psychologists
    • Dentists
    • Chiropractors
    • Nursing Homes
    • Pharmacies
  • 14. A Health Plan
    • Health insurance companies
    • HMOs
    • Company health plans
    • Government programs that pay for health care, such as Medicare, Medicaid, and the military and veterans health care programs
  • 15. A Health Care Clearinghouse
    • This includes entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa
  • 16. Covered Entities
    • The Privacy and Security Rules apply only to covered entities. If an entity is not a covered entity, it does not have to comply.
    • - U.S. Department of Health & Human Services
  • 17. The Problem
    • The potential for HIPAA problems arises when dealing with agencies that do have to comply with it.
    • Obtaining patient health information
    • Being asked to release patient health information by the press, public or other interested parties
  • 18. Permitted Law Enforcement Disclosures
    • As required by law (court orders, court-ordered warrants, subpoenas) and administrative requests
    • To identify or locate a suspect, fugitive, material witness, or missing person
    • In response to a law enforcement official’s request for information about a victim or suspected victim of a crime
  • 19. Permitted Law Enforcement Disclosures
    • To alert law enforcement of a person’s death, if the covered entity suspects that criminal activity caused the death
    • When a covered entity believes that protected health information is evidence of a crime that occurred on its premises
  • 20. Permitted Law Enforcement Disclosures
    • By a covered health care provider in a medical emergency not occurring on its premises, when necessary to inform law enforcement about the commission and nature of a crime, the location of the crime or crime victims, and the perpetrator of the crime.
    - U.S. Dept. of Health and Human Services
  • 21. Administrative Request
    • Administrative subpoena or investigative demand or other written request from a law enforcement official. Does not require judicial involvement. Must include a written statement the information requested is relevant and material, specific and limited in scope.
  • 22. Necessary to prevent/lessen an imminent threat to health or safety of a person or the public? Disclose minimum necessary to person(s) able to prevent/lessen threat Oregon Health & Science University Integrity Office
  • 23. Requesting PHI to identify or locate a suspect, fugitive, material witness or missing person?
    • Name and address
    • Date and place of birth
    • Social Security number
    • ABO blood type & rh factor
    • Type of injury
    • Date and time of treatment
    • Date and time of death
    • Distinguishing physical characteristics
    Oregon Health & Science University Integrity Office
  • 24. Necessary to identify or apprehend an individual where it appears the person escaped from custody or correctional institution? Disclose minimum necessary Oregon Health & Science University Integrity Office
  • 25. Is disclosure to report about a victim of abuse or neglect (child, elder, mentally ill/developmentally disabled? Disclose minimum necessary Oregon Health & Science University Integrity Office