Wk1 discussion 2


Published on

Published in: Health & Medicine, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Wk1 discussion 2

  1. 1. Jodi M. WatkowskiMHA690- Health Care CapstoneDr. Hwang-Ji LuFebruary 2, 2012
  2. 2.  Ways to protect the privacy and security of confidential and protected health information To recognize situations in which confidential and protected health information can be mishandled That employees are held responsible for their actions HIPPA identifiers which create protected health information (PHI)
  3. 3.  It is the responsibility of every employee to protect the privacy and security of sensitive information in all forms. Sensitive information comes in several forms:  Electronic  Spoken  Printed
  4. 4.  Examples of sensitive information include the following:  Personnel information  Computer Passwords  Driver’s License Numbers  Credit Card Numbers  Social Security Numbers Without protection of the above, the risk of identity theft and invasion of privacy is greater.
  5. 5.  Access to medical records must be authorized. If an employee accesses or discloses PHI without a patient’s written authorization or without a job-related reason of doing so, the employee violates HIPPA. An employee may only access or disclose a patient’s PHI when this access is part of the employee’s job duties.
  6. 6.  An employee can never look at PHI for curiosity reasons. It also makes no difference if the person is a family member or close friend; all information is entitled to the same protection.
  7. 7.  Employees must report HIPPA breaches as part of their responsibility as an employee. Privacy or security breaches involving PHI should be reported to your supervisor. There are serious ramifications for all breaches. The cost is $50,000 per incident, $50,000 to $250,000 in fines and up to 10 years in prison.
  8. 8.  Individual rights for each patient includes:  Receiving a copy of the practice’s Notice of Privacy Practices  Request restrictions and confidential communications of their PHI  Inspect their healthcare records  To file a complaint
  9. 9.  Patients must sign an authorization form before their PHI may be released by the practice to outside parties such as a life insurer, a bank or a marketing firm. HIPPA permits use of PHI for  Providing medical treatment  Processing healthcare payments  Conducting healthcare business operations
  10. 10.  CCHS is required to have safeguards to protect the privacy of PHI.  Safeguards protect PHI from accidental or intentional unauthorized use.  Limit accidental disclosures (discussions in hallways)  Include document shredding, locking doors, locking file storage areas and use passwords and codes for access.
  11. 11.  CCHS safeguards sensitive information by ensuring the following:  Keeps browser updated and uses security settings  Uses security software  Takes extra precaution when downloading software
  12. 12.  Many security breaches come from within the organization and many of these occur because of poor password habits.  Use strong passwords (at least 8 characters with combination of letters and numbers)  Change password frequently
  13. 13.  Be aware of your surroundings and use caution. Do not discuss sensitive information or PHI in public areas.
  14. 14.  Keep passwords secret and don’t allow others access to your computer. Keep notes in a secure place and don’t leave them in open areas. Hold discussions of PHI in private areas and for job- related reasons only. Ensure that sensitive information is secure in mailings. Follow procedures for proper disposal of PHI such as shredding. When sending emails, do not include PHI unless written approval is received and the computer is encrypted.
  15. 15.  Hjort, B. (2002). HIPAA Privacy and Security Training. Journal Of AHIMA, 73(4), 60A-g. Kongstvedt, P.(2007). Essentials of Managed Care. (5th Edition). Sudbury, Mass: Jones and Bartlett Publishers.