HIPAA Overview and Infection Control Summer Orientation 2012 University of Miami School of Nursing and Health Studies Gloria Trujillo, RN, MSN
What is HIPAA? Health Insurance Portability and Accountability Act Established in 1996 by the Department of Health and Human Services Assure that individual’s health information is properly protected Protects people seeking care and healing
What is HIPAA? The right to confidentiality Privacy and confidentiality are basic rights in our society As health care providers and nursing students, safeguarding those rights are our ethical and legal obligation Personal records and information will be protected and kept confidential
Individually Identifiable Health Information Health Information, including demographics-Name, Date of birth, address, phone number, social security number Relates to an individuals physical or mental health or the provision of or payment for health care/insurance plans Diagnosis, medical history, results (ex. HIV status) diagnostic tests, etc.
Why was HIPAA created? Before HIPAA, there really wasn’t much standardization among health care providers regarding identification. This created a lot of problems, headaches and extra work The HIPAA regulations require health care providers who are covered by the act to develop policies and procedures to safeguard the privacy of individual health information. Agencies and individuals that have to comply with HIPAA regulations are termed a “covered entity.” A covered entity is a health plan, a health care provider, or a health care clearinghouse that transmits health information in electronic form to submit claims to Medicare, Medicaid, private insurers and/or third-party insurance for services.
HIPAA Violations Unauthorized release of information or photographs in medical records may make the person who discloses the information civilly liable for invasion of privacy, defamation or slander. Written authorization by the patient to release information is needed to allow such disclosures. HIPAA violations can exceed fines of $250,000 and possible jail time for severe violations.
HIPAA Violations It is extremely important that students do not give out unauthorized information, regardless of the urgency of the person making the request.
Examples of HIPAA Violations Talking about a patient in an elevator Gift shops Cafeterias Restaurants With your family members/friends Leaving the computer open posting pictures/updates on patient’s through social networking sites, such as facebook, twitter, MySpace YOU NEED TO BE AWARE OF YOUR SURROUNDINGS!!!
How does HIPAA affect nursing students? You will be in close, personal contact of patient’s, families and medical records You may be asked to answer phone calls You will be discussing your patients with your clinical group, as well as your clinical instructors HOW DO WE KEEP PRIVACY AND CONFIDENTIALITY WITH OUR PATIENTS?
Ways to provide privacy and confidentiality Take all reasonable steps to make sure that individuals without the ‘need to know’ do not overhear conversations DO NOT conduct discussion about patient’s in elevators, cafeteria’s, gift shop, parking lots, at home with family and friends, and/or any nursing students not pertaining to your clinical group. Do not let others see your computer screen while you are working. Be sure to log out when done with any computer file.
Ways to provide privacy and confidentiality• identify the patient/client by initials only• use other demographic data only to the extent necessary to identify the patient and his/her needs to the instructor.• protect the computer screen, PDA, clip board, or notes from other individuals who don’t have a ‘need to know’• protect your printer output from others who don’t have a ‘need to know’• protect your floppy/zip/CD-ROM/PDA from loss
Ways to provide privacy and confidentiality In the student role you are not to make copies or fax patient documents in the process of working with your patient DO NOT put notes with patient’s medical information in the trash or paper recycle cans. Get to know where to discard paper with patient information-ex. Shredder When discussing patient information with clinical instructor/group, do it in a closed, private area…ex. Classroom
In addition to federal laws, failure to comply with HIPAA also violates Nursing’s Code of Ethics Florida Board of Nurse Examiners Standards of Practice University of Miami’s School of Nursing and Health Studies academic policies
Consequences of violating HIPAA in the clinical settingLegal consequences Civil or criminal penalties Fines plus imprisonmentProfessional consequences Disciplinary action by the Board of NursingAcademic consequences Reprimands Loss of points toward grade or failure of course Dismissal from School of Nursing (refer to University of Miami School of Nursing and Health Studies handbook)
ANY QUESTIONS?Good Luck and Welcome to the University of Miami School of NURSING AND HEALTH STUDIES
ReferencesCenters for Disease Control and Prevention. (2008, April). Infection Control Practices. Retrieved from Centers for Disease Control and Prevention Website:http://www.cdc.gov/ncidod/dhqp/worker. html.Marquis, B. L. & Huston, C. J. (2009) Leadership Roles and Management Functions in Nursing (6th ed). Philadelphia: Lippincott.United States Department of Health and Human Services. (2005, May). Summary of the HIPAA privacy rule and compliance assistance. Retrieved from The United States Department of Health and Human Services. Website: http://www.hhs.gov/ocr/privacy.com