Confidentiality: Presentation Transcript

  • Confidentiality. Diana Fernandez. MHA 6 90. September 14, 2011. Instructor: Dr. Ray Borges
  • What is HIPAA?
    • The Health Insurance Portability and Accountability Act (HIPAA) of 1996, Public Law 104-191, is an act that specifies the privacy, security and electronic transaction standards with regard to patient information for all health care providers. It was signed into law on August 21, 1996 and came about in response to rapidly expanding technology and the need for standardization in the health care industry (Choi, 2006).
  • Privacy Rule
    • establishes the conditions under which individuals or organizations may use and/or disclose personal health information;
    • sets an industry standard for disclosing only the minimum amount of information necessary to satisfy an authorized request for patient information; and
    • requires organizations to appoint a privacy officer to conduct privacy assessments, create policies to protect patient privacy, train staff, and establish an internal grievance process (NGA).
  • Security Rule
    • The Security Rule applies only to protected health information in electronic form (EPHI), and requires a covered entity to ensure the confidentiality, integrity, and availability of all EPHI the covered entity creates, receives, maintains, or transmits.
    • Covered entities must protect against any reasonably anticipated threats or hazards to the security or integrity of such information, and any reasonably anticipated uses or disclosures of such information that are not permitted or required under the Privacy Rule; and ensure compliance by its workforce (USHHS).
  • HIPAA Safeguards
    • Safeguards are the solutions and tools used to implement security policies. Individually identifiable health information should be protected with reasonable technical, physical and administrative safeguards to ensure its confidentiality, integrity, and availability, and to prevent unauthorized or inappropriate access, use, or disclosure (USHHS).
  • Physical Safeguards
    • Physical safeguards to ensure compliance with HIPAA’s Security Rule may be the easiest way to begin the compliance process.
    • Examples of Physical Safeguards
      • Office alarm systems
      • Sign-in stations at computer terminals
      • Employee electronic swipe cards
      • Locked offices containing computing equipment that stores electronic health information (Choi, 2006).
  • Administrative Safeguards
    • The administration plays an integral part in establishing compliance with HIPAA security standards (Choi, 2006).
    • Examples of Administrative Safeguards
      • Designate a privacy officer with primary responsibility for ensuring compliance with the regulations
      • Establish training programs for all employees
      • Implement appropriate policies and procedures to prevent intentional and accidental disclosures of protected information
      • Implement appropriate sanctions for violations of the privacy guidelines (DeMuro, 2001).
  • On-going Staff Training/Education
    • Conduct orientation of new staff and on-going education of existing staff on the organization’s:
      • Privacy policies & procedures
      • Security policies & procedures
      • Technical security services
    • Compliance reviews
    • Random audits to ensure that security and privacy measures are being put into action
    • Establish confidentiality agreements with all staff members
  • References
    • Choi, Y., Capitan, K., Krause, J., & Streeper, M. (2006). Challenges Associated with Privacy in Health Care Industry: Implementation of HIPAA and the Security Rules. Journal of Medical Systems, 30(1), 57-64. Retrieved September 12, 2011, from ProQuest Computing. (Document ID: 2157468781).
    • National Governors Association. Center for Best Practices. (n.d.) Retrieved September 12, 2011, from World Wide Web:
    • Paul R DeMuro & W Andrew H Grant III. (2001, January). HIPAA privacy standards raise complex implementation issues. Healthcare Financial Management, 55(1), 42-7. Retrieved September 12, 2011 from ABI/INFORM Global. (Document ID: 66093850).
    • U.S. Department of Health and Human Services. Office of Health Information Privacy. (n.d.) Retrieved September 12, 2011 from the World Wide Web: