• Save
Upcoming SlideShare
Loading in...5







Total Views
Views on SlideShare
Embed Views



1 Embed 3,299

http://bso.onlinetesting.net 3299



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Hipaa Hipaa Presentation Transcript

    • HIPAA
    • Who does it Cover?o Healthcare providerso Health planso Healthcare clearinghouseso Business associates who have access to patient records
    • What does HIPAA do?o Imposes new restrictions on the use and disclosure of Protected Health Information (PHI)o Gives patients greater access to their medical recordso Gives patients greater protection of their medical records
    • What is Protected Health Information (PHI)?o Any information about a patient’s physical or mental health, services rendered or payment for those services.o Includes verbal, recorded, written, or electronic information
    • Use and Disclosureo You are permitted to use and disclose PHI without written authorization: • For treatment, payment, and health operations • With verbal authorization or agreement from the individual patient • For disclosure to the specific individual patient • For incidental uses such as physicians talking to patients in a semi-private room
    • Use and Disclosureo You are required to release PHI for use and disclosure without authorization: • When requested or authorized by the patient (some exceptions apply) • When required by the Department of Health and Human services (HHS) for compliance or investigation • When the facility is required by law
    • Authorizationo Written authorization is required: • For any purposes other than treatment, payment, or healthcare operations • For use and disclosure of psychotherapy notes • For research purposes • For marketing activities
    • Authorizationo Written authorization is not required: • To maintain WCMC’s patient directory • To inform family members or other identified persons involved in the patient’s care or notify them on patient location, condition, or death • To inform appropriate agencies during disaster relief efforts • Public health activities related to disease prevention or control
    • Authorization: Continued...• To report victims of abuse, neglect, or domestic violence• Health oversight activities such as audits, legal investigations, licensure or for certain law enforcement purposes or government functions• For coroners, medical examiners, funeral directors or tissue/organ donations• To avert a serious threat to health and safety
    • Clergyo Those who have been designated as “clergy” by their church will be able to view a list of patients in the hospital who have agreed to be included in the directory and who have indicated their religious affiliation to be that of the clergy member reviewing the listo For example: the Baptist clergy member can only look at the Baptist list of patients
    • Minimum Necessary Standardo The use and/or disclosure of PHI is limited to the minimum amount of health information necessary to get the job done right. • WCMC has policies and practices that ensure the least amount of PHI is shared • Employees must be identified who regularly access PHI along with the types of PHI needed and the conditions of access
    • Notice of Privacy Practiceso The patient has the right to have adequate notice concerning the use and disclosure of their PHIo This includes: • The patient’s rights and WCMC’s legal duties • Being available in print • Being displayed at the site of service
    • The Patient’s Privacy Rightso The Patient has the right to : • Request restricted uses and disclosures, although the covered entity is not required to agree • Have PHI communicated to them by alternate means and at alternate locations to protect confidentiality
    • The Patient’s Privacy Rightso The Patient has the right to : • Inspect and amend PHI, and obtain copies, (with some exceptions) • Receive the Notice of Privacy Practices at the time of the first delivery of service • Request a history of disclosures for six years prior to the request, except for disclosures made for treatment, payment, healthcare operations or with prior authorization
    • The Patient’s Privacy Rights : Continued...• Contact WCMC Privacy Officer regarding any privacy concern or breach of privacy within the facility or contact HHS with the information• Parents have the right to access and control the PHI of their minor children, except when state law overrides parental control
    • Non-Complianceo If you violate the HIPAA Privacy Rule you could face: • A civil penalty of up to $50,000 per offense, up to a maximum of $1.5 Million per year depending on the type of violation • A criminal penalty for knowingly disclosing PHI that may escalate to a maximum of $250,000 for conspicuously bad offenses and could include up to a 10 year prison term
    • What can you do?o Make sure you fully understand WCMC’s privacy practiceso Only use and disclose PHI when you need to do so to perform your jobo Only use and disclose the minimum amount of PHI needed to accomplish your jobo Make sure you handout the WCMC Notice of Privacy Practices to every patient
    • What can you do?o Ask patients before talking to family members about their conditiono Speak softly when discussing PHI in open areaso Avoid discussing patient issues in the cafeteria, on elevators, etc.o Do not leave PHI laying out in open view - such as lab work, progress notes, or any patient recordo Shred any extra copies of PHI not neededo Medical records should not be taken off campus
    • What can you do?o Don’t leave messages concerning a patient’s condition or test results on any answering machineo When releasing patient information over the phone, verify the identity of the callero Don’t share your password with anyoneo Log off your computer when you will be away from your work areao Report privacy violations to our Compliance Officer, Debbie Hare,380-1062