Hipaa basics pp2


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Hipaa basics pp2

  1. 1. The basics of HIPAA<br />
  2. 2. HIPAA: What is it? <br />HIPAA does the following:<br />Creates standards for protecting the privacy of health information <br />Creates standards for the security of health information <br />Creates standards for electronic exchange of health information <br />
  3. 3. What is Covered by hipaa?<br />Protected Health InformationThe HIPAA privacy rule covers and sets standards for the collecting, sharing and storing of a person’s Protected Health Information, or PHI, for short. PHI is information that:<br />Relates to past, present or future physical or mental health or condition, payments and provisions about healthcare.<br />Identifies the individual in a personal way. <br />Provides a reasonable basis to be used to identify the individual.<br />Is created or received by a Covered Entity.<br />
  4. 4. What is private health information?<br />Protected health information (PHI) is:<br />Individually identifiable health information <br />Transmitted or maintained in any form or medium by a Covered Entity or its Business Associate <br />Health information, including demographic information <br />Relates to an individual’s physical or mental health or the provision of or payment for health care <br />Identifies the individual <br />
  5. 5. Types Of PHI<br />Billing Information<br />Medical Insurance Forms<br />Prescriptions<br />Patient Charts/Records (Paper or Electronic)<br />
  6. 6. What does hipaa apply to?<br />Forms<br />Spoken Communication<br />E-mails<br />Faxes<br />
  7. 7. Protecting phi with hipaa means:<br />Removal of certain identifiers so that the individual who is subject of the PHI may no longer be identified <br />Application of statistical method or <br />Stripping of listed identifiers such as: <br />Names <br />Geographic subdivisions < state <br />All elements of dates <br />SSNs <br />Not discussing PHI with anyone, other than those directly responsible for providing health care (provider, clinician, technician, etc.)<br />
  8. 8. Patient’s Rights<br />Patients have the right to obtain and amend their PHI to: Request restrictions on uses and disclosures, Request more confidential communications, Receive an accounting of disclosures, Complain about privacy violations <br />Use and disclosure of PHI:<br /> Patients have the right to know how their PHI Patients are entitled to know how their PHI will be used and who will receive their PHI. <br />Patients have a right to see privacy disclosures regarding their PHI<br />
  9. 9. Special Rules of Hipaa<br />Special rules for certain types of entities:<br />Some Covered Entities have additional privacy regulations covering areas like directories, marketing and fund raising. <br />Administrative requirements of Covered Entities may keep details record-keeping and procedural compliance issues.<br />
  10. 10. Enforcement of hipaa<br />There are potential penalties and fines for noncompliance.<br />Penalties start at $100, and can be as strict as $25,000 per year<br />If an employee or patient makes a complaint, it will be investigated, and if necessary, subsequent corrective action will follow.<br />Covered Entities or programs will have a process to receive and investigate complaints. <br />
  11. 11. Anti-Retaliation policy<br />Retaliation against anyone who may file a complaintis strictly prohibited<br />Individuals may file a complaint with either the Covered Entity or the U.S. Department of Health and Human Services.<br />
  12. 12. Reasonable Physical and Technological Safeguards<br />Telephones – How do you know the person you are talking to is authorized to receive an employee’s PHI?<br />Disposing of PHI – When you dispose of PHI (both hard copy and electronic) how can you be certain that it is appropriately destroyed?<br />E-mail – How can you be sure PHI is secure when it’s sent via e-mail?<br />Fax machines – When faxing PHI, how can you be sure the right person will read it on the other end?<br />Mail – Sending PHI through the mail may have restrictions.<br />Storing PHI – Safeguarding PHI on computer databases, file cabinets, even laptop computers will have to follow procedure.<br />
  13. 13. What does this mean to you?<br />Do not let anyone use your username and password<br />Log off of your computer, when you walk away from it, <br />Do not use anyone else’s username and password<br />Do not discuss private health information of any patient outside of the care setting<br />Do not discuss private health information of any patient with someone other than a direct care giver<br />Do not look up any health records, unless it is a patient under your care and the information is for the purpose of providing patient care<br />Do not look up your own private health information<br />