2. What is HIPAA?
• Health Insurance Portability and Accountability
Act (HIPAA) is broad federal legislation that
includes rules to protect the privacy and confidentiality
of patient information.
• Does not replace existing confidentiality laws
• Establishes a minimum requirement
3. Protected Health Information
• HIPAA regulates the use and disclosure of what is
known as protected health information or “PHI.”
• PHI is any information that can be used to identify
the past, present, or future healthcare of an individual
or the payment for that care.
4. Protected Health Information
This is virtually all information about a patient,
whether written on paper, saved on a computer, or
spoken aloud. This includes their:
• Name
• Address
• Age
• Social Security number
• Other personal information
• License plate numbers
• Fax machine numbers
5. HIPAA Confidentiality
HIPAA privacy also protects the following:
• The reason the patient is sick or in the hospital
• The treatments and medication he or she receives
• Caregivers’ notes
• Information about past health conditions
6. Use of Protected Health Information
• In general, a healthcare provider can access and use
PHI without specific patient authorization, if it is to
be used for treatment, payment, or healthcare
operations (TPO).
• Before looking at a patient’s health information,
ask yourself, “Do I need to know this to do my
job?”
7. Use of Protected Health Information
A healthcare provider can also disclose PHI without
patient authorization as follows:
• As required by law
• Public Health Activities
• Law Enforcement
• Other national priorities - funeral directors, organ
donation, research, preventing a disaster, special
government functions, workers’ compensation
8. Use of Protected Health Information
• Minimum Necessary Standard – Always use or
disclose only the minimum amount of information
necessary to honor the request
• If you are not sure whether you should disclose any
form of PHI, ASK your supervisor, department
compliance representative or the compliance officer
• Once the disclosure is made it’s too late to get it
back.
10. Use of Electronic Protected Health Information (ePHI)
• HIPAA security rules apply only to ePHI stored,
maintained or transmitted in an electronic format
• ePHI is the same information as PHI; it is anything
that could identify the patient, their medical
condition or method of payment
• Security rules require additional compliance
11. Use of Electronic Protected Health Information (ePHI)
• Workforce members cannot use their computers or
access to review personal or family PHI.
• If you use a laptop, flash drive, PDA or other
storage media, it is your responsibility to:
– Obtain approval before transferring ePHI to a portable
device
– Protect ALL ePHI from theft, both electronic and
physical
12. Use of Electronic Protected Health Information (ePHI)
• Monitor the use of cellular phones
– information and images (ePHI) can be sent over the Internet.
This ePHI is not encrypted
• Sending ePHI by text message is not allowed
• Use e-mail and Internet access appropriately
– workforce members should remember that e-mails sent to or
from work computers are not considered private. Your
employer may audit e-mail and Internet usage
13. Use of Electronic Protected Health Information (ePHI)
• HIPAA privacy rules say that you should not disclose a
patient’s location any more specifically than the State in
which they live
• You may send PHI or ePHI in e-mails if you are using your
work-assigned e-mail, but DO NOT place sensitive
information such as a patient name in the Subject field,
because the Subject field is not encrypted when it
travels over the Internet.
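The Subject-line rule above is easy to check mechanically before a message leaves the organisation. The following Python snippet is an added example, not part of the original training deck: it builds a message with the standard library’s email module and inspects only the Subject header for PHI-shaped content (a Social Security number pattern and a constructed list of patient names standing in for a real patient directory). The names, addresses and SSN value are constructed sample data.

```python
import re
from email.message import EmailMessage

# Pattern for a US Social Security number as it is usually written.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

# Constructed sample patient names; a real deployment would consult the
# patient index instead of a hard-coded set.
KNOWN_PATIENTS = {"jane doe", "john roe"}


def subject_findings(msg: EmailMessage) -> list[str]:
    """Return the reasons the Subject header appears to carry PHI.

    Only the Subject is inspected: the body may be encrypted end to end,
    but the Subject header is sent in the clear between mail servers.
    """
    subject = msg.get("Subject", "") or ""
    findings = []
    if SSN_RE.search(subject):
        findings.append("SSN-shaped number in Subject")
    lowered = subject.lower()
    for name in sorted(KNOWN_PATIENTS):
        if name in lowered:
            findings.append(f"patient name in Subject: {name}")
    return findings


def build_message(subject: str, body: str,
                  sender: str = "nurse@hospital.example",
                  to: str = "billing@hospital.example") -> EmailMessage:
    """Assemble an outgoing message (constructed sample addresses)."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = to
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


def check_outgoing(msg: EmailMessage) -> tuple[bool, list[str]]:
    """Return (allowed, findings); the message is allowed only when the
    Subject header is free of PHI. The body is deliberately not inspected
    here, since it is the part that can be protected by encryption."""
    findings = subject_findings(msg)
    return (len(findings) == 0, findings)


if __name__ == "__main__":
    # Constructed example: the same PHI in the Subject (blocked) and in the
    # body under a neutral Subject (allowed).
    bad = build_message("Lab results for Jane Doe, SSN 123-45-6789",
                        "Please see attached.")
    good = build_message("Lab results - details in encrypted body",
                         "Patient: Jane Doe, SSN 123-45-6789")
    print(check_outgoing(bad))   # (False, [...two findings...])
    print(check_outgoing(good))  # (True, [])
```

A check like this belongs at the mail gateway or in a send-time plug-in rather than in the recipient’s hands; once the header has crossed the Internet in the clear, there is nothing left to protect.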
14. What Does HIPAA Mean To Me?
• Our patients have a right to expect we will keep their information
confidential. This information includes anything that could identify
or be used to find out the identity of the patient or their medical
condition.
• As employees, volunteers, and physicians, we come in contact
with many forms of patient information. We need to understand
what are acceptable uses of this information.
• Follow the “need to know” rule. Ask yourself “do I need to see
patient information to perform my job”. If the answer is “Yes”, you
have nothing to worry about. If the answer is “no”, STOP.
15. What Does This All Mean To Me?
• The cafeteria, the elevator or any of the social media sites are not the
place to discuss the medical condition or other aspects of a patient’s
care.
• Information you have access to must not be the subject of
conversation with family, friends or neighbors.
• The minimum necessary standard needs to be applied to all
disclosures except for treatment purposes, disclosures to the
patient or as required by law.
16. What Does This All Mean To Me?
• Never send ePHI to anyone unless you have verified who will
receive the information and how the information will be used.
If it doesn’t seem right to you, it probably isn’t.
• Remember to follow the “need to know” rule. Ask yourself “do I
need to see patient information to perform my job”.
If the answer is “Yes”, you have nothing to worry about.
If the answer is “no”, STOP.
• Use e-mail and Internet services in the proper manner.
17. What Does This All Mean To Me?
• Always protect your password. NEVER give your password or
sign-on to anyone. If you think your password or sign-on has
been compromised, notify the Administrator immediately.
• Violations can also result in personal civil penalties of up to
$25,000 per person and criminal penalties of up to $250,000
and/or 10 years in prison.
• Violations of confidentiality and privacy policies can result in
disciplinary action up to and including discharge.
18. What Does This All Mean To Me?
• If you know of any violation of our existing
confidentiality policies or the Privacy Policy, it is your
obligation to bring the violation to the attention of your
supervisor, Administrator, or Compliance Officer.
Compliance is the responsibility of every employee!