2. What is it???
• The act protects the privacy of an individual's
identifiable health information
• Designed to ensure
confidentiality, integrity, and availability
3. Who must abide by it??
Covered Entities:
Those who are involved in the handling, storing, use,
and/or exchange of an individual's health
information.
This includes health care providers, health care
plans, and health care clearinghouses
4. All Employees
Does everyone within the organization need to
follow HIPAA rules?
– The answer is YES!
This includes not only the staff but
volunteers, trainees, agents and contractors.
5. Questions
1. What is HIPAA?
2. What are covered entities?
3. Who within the covered entity needs to
follow HIPAA rules?
6. What Information is Covered?
Identifiable Information:
(this includes demographic data)
- An individual’s past, present, or future
physical or mental health or condition
- Provision of health care to the individual
- Past, present, or future payment for health
care
8. Who Enforces HIPAA?
The Department of Health and Human Services
Office for Civil Rights (OCR)
They administer and enforce by conducting
investigations on complaints and
conducting compliance reviews.
9. Civil Penalties
$100 up to $50,000 or
more per violation.
Yearly cap of $1,500,000
10. Criminal Penalties
Up to $50,000 and 1 year imprisonment
or
$100,000 and 5 year imprisonment involving
false pretenses
or
$250,000 and 10 year imprisonment if conduct
involves intent to sell, transfer, or use
information for commercial
advantage, personal gain, or malicious harm
11. How Can I protect information?
What can you do to protect a patient’s
information?
Shield computer screens
Close laptop lids
Frequently change passwords (monthly or bi-monthly)
Other Ideas??
12. What not to do?
Do not share passwords
Do not discuss a patient's information in front of
others
Do not blog, text, or post on social media any
information about a patient (even if no name
is given)
Do not snoop! If you are not caring for the
patient, you do not need to read their
information
13. Review
What are the civil penalties for violations?
What are the criminal penalties for violations?
Who regulates HIPAA?
Identify what information is protected.
14. Review
Identify two things you can do to prevent a
HIPAA violation.
Identify two things that might constitute a
HIPAA violation.
15. Remember
Our business is health care
Privacy is a must.
Violations can result in fines and imprisonment
and termination of employment.
16. Review your HIPAA regulations regularly.
If you do not know if something is acceptable
under HIPAA regulations – ASK!
If you see a violation – Report It.