2. What is HIPAA?
Health Insurance Portability and Accountability Act
• HIPAA is a federal law
• A set of privacy and security standards created
to protect patient information from
inappropriate use
• Applies to ALL employees of the organization
• ALL of our patients are protected by HIPAA.
3. What information is protected by HIPAA?
• Name
• Address
• Any dates related to the patient
• Telephone numbers, fax numbers, and e-mail
addresses
• Identifying numbers that are specific to the
patient
• Pictures of the patient
ALL PATIENT INFORMATION AND DEMOGRAPHIC
INFORMATION IS PROTECTED.
4. What is Protected Health Information (PHI)?
• Any patient medical, scheduling, and billing
information in any type of format such as:
– Appointment information
– Billing information
– Clinical information
– Financial information
– Prescriptions
– Test results
– Education information
5. CONFIDENTIALITY: Is the information that a
certain patient is in your facility confidential?
• ABSOLUTELY!! There are prominent
individuals who trust us to keep their
presence confidential
• If you recognize a patient, DO NOT share
• DO NOT talk about a patient even with your
co-workers unless it is necessary to do your
job
• It is also inappropriate to discuss a patient
outside of the workplace
6. How to use patient information
• For treatment: To manage care for the
patient
• For payment: To obtain reimbursement for
services rendered.
• For operations: Quality assurance, medical
review, legal, auditing functions, and general
administration
7. How much patient information can be
used
Based on a “need-to-know” basis, as required to do
your job
• Clinical staff are required to view only the patients
they are treating
• Non-clinical staff would be limited to just the
information needed to complete their job task
NOTE: Curiosity viewing of patient information
is ABSOLUTELY PROHIBITED!
8. What can you do to ensure you are protecting our
patients' private health information?
• Do not leave your PC open unattended. Be sure to
lock your computer when you step away from your
area.
• Do not leave copies of medical information on your
desktop or lying around common work areas.
• Ensure accuracy in identifying patients when mailing
any correspondence
• Report any breach to your supervisor immediately
9. Basic Security Requirements
• The Security department is responsible for
setting up the security to limit employees'
access to only what they need to do their
job
• Federal law requires our organization to have
security policies in place to protect patient
information against unauthorized access
• YOU are responsible for keeping confidential
information out of sight so unauthorized
personnel do not see it
10. Enforcement for Inappropriate
Access to PHI
• Unauthorized access of PHI is PROHIBITED
• Will result in immediate disciplinary action up
to and including termination
• Could also result in criminal or professional
sanctions according to regulatory agencies of
the state and federal laws.
11. CONCLUSION
• Do NOT give patient information to anyone unless
there is a “need-to-know” reason for their job
duties
• When there is a need to discuss patient
information, go to a private place so others do
not overhear
• Keep patient information out of public areas
• Be sure to appropriately dispose of protected
health information