Patient confidentiality is very important in healthcare. Healthcare workers in every capacity are exposed to a multitude of information and have access to information on many individuals. This presentation stresses those important factors and communicates the various ways we can protect PHI.
3. HIPAA and Its Importance
• HIPAA stands for Health Insurance Portability
and Accountability Act of 1996 and is
composed of three components:
• Insurance Portability
• Fraud Enforcement
• Administrative Simplification
4. HIPAA and Its Importance Cont.
• The Health Insurance Portability and Accountability Act
(HIPAA) of 1996 established guidelines and regulations for the
use and disclosure of information about patients’ records
(www.hippa.gov).
• HIPAA also requires that electronic health transactions be
standardized to improve the efficiency and effectiveness of
the United States’ health care system by strengthening the
use of electronic data (Kongstvedt, P. R., 2007).
• The Department of Health and Human Services (HHS) Office for
Civil Rights (OCR) is responsible for enforcing the Privacy and
Security Rules of HIPAA (www.hippa.gov).
5. HIPAA and Its Importance Continued
• This session will focus on the Security Rule
section of HIPAA and the responsibilities of
units or entities to protect and safeguard the
confidentiality of PHI that is created,
maintained, or transmitted in electronic
form.
6. HIPAA Presentation Goals
• Increase your knowledge and understanding of what protected health
information (PHI) is and how to maintain its security
• Enhance your awareness of your role in assisting in following the HIPAA
Security Rule
• Learn about privacy and the security of information created, maintained,
and transmitted in electronic format, and inform the workforce about
their reporting responsibilities for HIPAA violations and the possible
penalties for violation of HIPAA law for both you and this hospital
• Protect the confidentiality and security of PHI
7. Requirement of HIPAA in Healthcare
• The increasing use of the internet for
storing and transferring electronic
information, advances in genetic science, and
questions about WHO would have access to
WHAT information and HOW it would be used
created great concern and speculation
8. Requirement of HIPAA in Healthcare Cont.
• Protected Health Information (PHI) is individually identifiable health
information that is held or disclosed by a covered entity and that can be
communicated electronically, verbally, or in writing
• Electronic Protected Health Information (EPHI) is protected health
information (PHI) that is transmitted by electronic media or maintained by
electronic media
• Sensitive Data is protected health information that can be used to
determine the identity of an individual and/or their diagnosis
9. Golden Security Rules
• Follow the fundamentals of secure password management
• Remember that security impacts privacy
• Adhere to Policies and Procedures regarding safeguarding buildings,
systems, and information
• Report any suspected violations of policies and procedures to your
Security Officer
• Incorporate daily work habits that protect the security and privacy of the
information you have access to
These are rules we all can support and implement to safeguard the
security and confidentiality of EPHI at our organization.
10. Key Practices in Handling PHI
• It is YOUR responsibility to safeguard PHI
• Assist with anticipating reasonable threats or
hazards and protect against use or disclosure
of EPHI that is not permitted or required
under the Privacy Rule
• We must ensure and monitor compliance with
the Security Rule by our faculty and staff.
11. Actions Taken to Safeguard PHI
• When PHI is in the public’s view, cover the file or turn it over (e.g., a screen cover for the
computer screen, colored paper over files)
• When speaking of patients, try to prevent others from overhearing the
conversation
• Hold conversations about patients in private areas, and do not discuss patients
while you are in elevators or other public areas
• When medical records are not in use, store them in offices, shelves or filing
cabinets.
• Remove patient documents from faxes and copiers as soon as you can.
• When disposing of documents containing PHI, follow the procedures for disposal of
such documents
• Use only the MINIMUM Information necessary
• Check the motive/reasoning behind usage of the information
12. Consequences Of Breaching Patient Confidentiality
• This company has ZERO tolerance for
breaches of PHI, meaning any use of PHI other than
by authorized staff for authorized reasons.
• It is an AUTOMATIC TERMINATION once an
investigation confirms a breach in the use of
patients’ PHI.
• So, please follow the guidelines in place as we
care for our patients.
13. References
• Kongstvedt, P. R. (2007). Essentials of managed
health care. Sudbury, MA: Jones and Bartlett.
• www.hippa.gov