5. Guidelines To Follow
Discard Confidential Information Appropriately
Do Not Leave Patient Files Unattended
Do Not Discuss Confidential Matters Where Others Might Overhear
Access Patient Information Only If There Is A “Need To Know”
6. HIPAA Federal Laws
Establish rules on disclosure and use of protected health information
Balance patients' rights regarding disclosure and use of their PHI while providing effective treatment
Privacy Rule – Deals with General PHI
Security Rule – Deals with electronic PHI
7. The Role of Privacy And HIPAA Regulations Is To:
Establish National Standards To Protect Health Information
Protect Patient Privacy
Ensure Patient Confidentiality
Encourage Development of an Electronic Health Record
Establish National Standards For Electronic Transmission Of Health Information
Improve Efficiencies And Effectiveness Of The Health Care System
Build Loyalty And Trust
Ensure Exceptional Customer Service
8. Privacy And PHI
Protected Health Information (PHI) Is The Combination Of Health Information And Personally Identifiable Information. It:
Relates To The Past, Present, Or Future Physical Or Mental Health Condition Of An Individual
Describes The Past, Present, Or Future Payment For The Provision Of Health Care To An Individual
Is Created Or Received By A Health Care Provider, Employer, Health Plan Or Healthcare Clearinghouse
9. Who Must Comply With HIPAA Privacy Standards?
Health Plans
Health Care Providers Including Doctors, Hospitals, Clinics, Pharmacies, And Nursing Homes
Health Care Clearinghouses
10. Security Rule
Ensure Confidentiality, Availability and Integrity Of All PHI That Is Created, Received, Maintained Or Transmitted.
Identify And Protect Against Reasonably Anticipated Threats To Security Of Information
Protect Against Reasonably Anticipated, Impermissible Disclosure And Uses
Ensure Compliance By Workforce
11. Breach Of Data
Data Breaches Occur When There Is An Unauthorized Access, Disclosure Or Use Of PHI
Data Breach Can Be Intentional or Unintentional
Data Breaches Pose A Significant Risk Of Financial, Reputational, Or Other Harm To A Patient
12. Examples Of Privacy and Security Incidents
Faxing PHI to the wrong destination
Disclosing PHI to persons not authorized to have it
Viewing records that are not part of your job
Throwing documents that contain PHI into a regular trash can instead of a shredding bin
Including private health information in an email or over the internet
Telling friends or relatives about patients in the hospital
Taking pictures of patients
13. Enforcement And Consequences For Inappropriate Access of PHI
Can Result in Criminal Or Professional Sanctions According To Federal Laws And State Regulatory Agencies
Employees Who Fail To Follow And Uphold The Hospital Security And Privacy Policies Will Be Subjected To Disciplinary Actions, Up To and Including Termination