HIPPA and Patient Privacy Education • This e-learning module has been designed to inform staff about patient privacy and the rules surrounding HIPPA. • This module will describe what is considered protected health information and the organizational compliance expectations. • Trust between our patients and the organization is paramount for quality outcomes and effective patient care. When the organization and its staff fail to protect a patient’s privacy, there can be significant organizational and employee consequences. • At the conclusion of this e-learning module, the employee’s knowledge will be tested via multiple choice questions. A 100% score is required for successful completion. HIPPA compliance and patient privacy must be exercised 100% of the time, by 100% of our employees.
HIPPAThe Health Insurance Portability and AccountabilityAct of 1996 • Key Points for HIPPA and Patient Privacy – Provide strong Federal protections for privacy rights – Preserve quality health care ♦Provide strong Federal protections for privacy rights ♦Preserve quality health care
Protected Health Information (PHI) What is considered private… - Individually identifiable health informationWhat is covered - Transmitted or maintained in any form or medium by an entity or its business associate - Health information, including demographic information Individually - Relates to an individual’s physical or mental health or the indentifiable provision of or payment for health care health - Identifies the individual information - Entities may use/disclose PHI to carry out essential health care Treatment, functions which include: payment, •Treatment healthcare •Payment operations •Healthcare operations
Viewing a Patient’s PHIAcceptable Use The Privacy Rule sets rules and limits on who can look at and receive PHI; and to make sure that Nurse health information is protected in a way that does Reviewing not interfere with healthcare and how information His/Her Patient can be used and shared appropriately. Orders Acceptable Use: - Those providing treatment and care coordination Billing Clerk - To pay doctors and hospital for health care Physician Reviewing - With family, relatives, friend, or others Providing Chart Prior identified, by the patient, who are involved Care to Submitting with the healthcare or healthcare bills a Claim - To make sure doctors give good care and nursing homes are clean and safe - To protect the publics health, such as by reporting when epidemics are present within a community -To make required reports to the police, such as reporting gunshot wounds
Family and Friends at the BedsidePresences does not equal consent• Healthcare providersshould verify with thepatient who can receivePHI.• Family, friends, andvisitors can be at thebedside at any time. Theirpresences does not equateto the patient’s consent toshare information regardingcare and treatment.• A patient might object tohis/her pastor knowingabout their past sexualhistory.
•Conversations Be aware of your surroundings -Do not discuss patient information in public cooridoors, elevators, or in the cafeteria. You never know who might over hear your conversation. What happens in the facility, stays in the facility -Do not discuss who you see in the facility receiving care with family or friends.
HIPPA ViolationsWhen in doubt, stay out! If you have no reason to If you discover access PHI, you have DON’T access to PHI and you should Disclose only the not, report it to minimal amount your supervisor of information IMMEDIATELY necessary for care and treatment
HIPPA VIOLATIONSConsequences for non-compliance Employee disciplinary action may include a written warning, suspension, or termination of employment. All breaches of patient privacy are subject to review and further action by the U.S. Office of Civil Rights. The U.S. Office of Civil Rights is the agency responsible for investigating complaints and HIPPA violations. Criminal penalties for wrongful disclosures include: - Up to $50,000 & 1 year imprisonment - Up to $100,000 & 5 years if done under false pretenses - Up to $250,000 & 10 years if intent to sell, transfer, or use for commercial advantage, personal gain or malicious harm
Reporting Violations andBreaches• If you discover a breach in PHI or patient confidentiality, immediately report it to your supervisor.• You may also report any breach to the facility’s HIPPA Compliance Officer, or anonymously to the organization’s 24- hour ethics line.
Let’s Maintain Patient Confidentialityand Hit the HIPPA Compliance Bulls-eye, it’s everyone’s job
THANK YOU!Reference: U.S. Department of Health and Human Services. www.hhs.gov/ocr/hipaa/