2. HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was created to protect the freedom, security, privacy, and confidentiality of an individual's health care information (U.S. Department of Health & Human Services, 2011).
3. Protects individual's private health information
Establishes security standards for health care information systems
(U.S. Department of Health & Human Services, 2011).
4. The Privacy Rule within HIPAA defines the federal protection for personal health information held by covered entities and outlines specific situations where it is permitted for disclosure of personal health information needed for patient care and other important purposes.
The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information.
(U.S. Department of Health & Human Services, 2011).
5. Health Plans: including health insurance companies, HMOs, company health plans and government programs that pay for health care, such as Medicare, Medicaid, and the military and veterans health care programs
Health Providers: including doctors, clinics, psychologists, dentists, chiropractors, nursing homes, pharmacies
Healthcare Clearing Houses: including entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.
(U.S. Department of Health & Human Services, 2011).
6. HIPAA Sanctions
· Civil
- $100 each violation, up to $25,000/person/year
· Criminal
- “knowing”- up to $50,000, 1 year in prison
- “under false pretenses” - $100,000, 5 years in prison
- with “malice” or intent for “personal or commercial gain” - $250,000, 10 years in prison
Other Sanctions
· Institutional reputation – loss of business, profits
· Employee suspension or termination
· Loss of license to practice
· Civil fines
· Criminal fines and imprisonment
(Mercy Hospital, 2011).
7. I certify that I have completed the HIPAA privacy training provided by UCLA Medical Center. I further acknowledge, by signature below, that I will comply with the specific policies and procedures of HIPAA and Privacy of Protected Information for each client of UCLA Medical Center in which I am assigned. I understand and will follow all of the organization’s privacy policies and procedures. I am aware that violations of the privacy policies and procedures may result in disciplinary action up to and including termination of my employment/assignment/affiliation with UCLA Medical Center and/or suspension in accordance with UCLA Medical Center policies, as well as potential personal civil and criminal legal penalties.
___________________________________ ___________________
Signature Date
__________________________________
Print Your Name
(Medplusstaffing, 2011)
8. Medplusstaffing. (2011). HIPAA signature sheets. Retrieved February 24, 2011, from http://www.medplusstaffing.cc/documents/MP%20HIPAA%20Signature%20Sheets.pdf
Mercy Hospital. (2011). HIPAA confidentiality and privacy training. Retrieved February 24, 2011, from http://www6.miami.edu/sonhs/students/studentinfopdf/HIPPA_Confidentiality_and_Privacy_Training.pdf
U.S. Department of Health & Human Services. (2011). Health information privacy. Retrieved February 24, 2011, from http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html