HIPAA training module.

1. Rose Marie Kuntz
MHA 690 Health Care Capstone
Ashford University
Dr. Kathy Wood
September 18, 2014

2.  Annual HIPAA Training Module will be
completed by each organizational associate no
later than November 30th, to avoid suspension.
 Please obtain your unique username and
password from Betty Taylor, RN, Nursing
Educator.

3.  The U.S. Department of Health and Human
Services (“HHS”) issued the Privacy Rule to
implement the requirement of the Health
Insurance Portability and Accountability Act of
1996 (“HIPAA”).
-The HIPAA privacy rule provides federal
protections of identifiable health information
that is shared with and held by covered entities
and their business associates.

4. -It give patients an array of rights in regards to their
health records, obligating entities to provide privacy
protection at whatever cost otherwise they can face
strict fines administered by the federal government.
-Covered entities includes physicians, pharmacies,
hospitals, clinics, dentists, nursing facilities, and any other
entities which transmits patient information electronically
or otherwise.

5.  A major goal of the Privacy Rule is to assure
that individuals’ health information is properly
protected while allowing the flow of health
information needed to provide and promote
high quality health care as well as to protect the
public's health and well being. (HHS, 2013)
 For many organizations this can become a
daunting task but it is one that is mandated by
the federal government and must be monitored
by each organization. (Rodriguez, 2013)

6.  HIPAA rules apply to every single associate in
this organization. With the use of
implemented standards the hope of this
organization is that HIPAA become second
nature to all associates.
 Compliance will be monitored by directors of
each department. Each associate must receive
initial training after being hired and annually
thereafter.

7.  Do not share your username or password with
anyone, which allows access to patient protected
information.
 Only access patient records or information that is
required for you to complete your particular job
duties.
 Always log off the computer before leaving your
workstations and do not leave patient information
in plain sight for anyone to see.
 Forms or printed documents containing patient
information should be discarded into a locked
shredder box when no longer needed.

8.  Do not divulge patient information of any kind
over the telephone at any time. This includes
physician offices, pharmacies, nursing facilities, or
even to the patient themselves, if they are calling
your facility. (Rodriguez, 2013)
 Faxing of patient information must be done only
through trusted and secured networks as
established by the department of information
technology.
 Associates of all levels must refrain from speaking
about patients in public areas such as hallways,
elevators, parking lots, restrooms, or cafeterias.
Remember: someone is always listening in.

9.  Positive identification
of recipients must
also be established
prior to transmission,
to avoid transmission
of the wrong patient
to the wrong
facility/entity.

10.  Protected patient information includes: personal
patient demographics, diagnosis, medications, or any
other information which can disclose the identity of
the patient.

11.  Whether or not disclosures are made accidentally,
patients must be informed of any possible breach
in security that may have compromised the
privacy of their personal or health information.
(HHS, 2013)
 Levels of federal penalties for unauthorized
disclosures, intentional or accidental are based on
the levels of security breach. (Rodriguez, 2013)
 Each entity shall implement training programs to
help associates remain compliant with HIPAA
rules, such as annual training and periodic
evaluations. Failure to comply with federally
mandated training internally can result in
termination.

12.  HHS (2013). Understanding health information
privacy, U.S. Department of Health and
Human Services,
http://www.hhs.gov/ocr/privacy/hipaa/und
erstanding/index.html
 Rodriguez, L. (2013). Patient privacy: a guide
for providers, Medscape,
http://www.medscape.org/viewarticle/78189
2?src=ocr