How good we are at adhering to HIPAA rules


Medical practices will have to adhere to HIPAA rules to avoid penalties. Know what the most important rules are.


  1. HIPAA Rules And Guidelines
     Presented By,
  2. HIPAA
     • Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) (collectively “HIPAA”)
  3. Some of the salient aspects of the final rules
     • Business associates (BAs) (along with their subcontractors) such as clearing houses, insurance, outsourced coding and billing agencies are also liable.
     • Non-compliance invites increased monetary penalties.
     • Privacy and security of PHI (personal or protected health information), whether in electronic or paper form, has been strengthened, along with disclosure limitations.
  4. Golden Initiatives to Comply with HIPAA and avoid penalties
     • To ensure adherence to HIPAA rules, healthcare providers need to undertake the following responsibilities:
  5. Restrict Access to Patient Data
     • Document and implement policies and procedures to safeguard PHI, restrict access to patient data, stipulate authorizations for disclosure of patient data, ensure secure storage and transmission of data, promptly report breaches of patient information, and ensure timely action to correct security violations and act on complaints regarding information leakage.
  6. Privacy
     • Report violations of PHI misuse to the OCR through the Federal Department of Health and Human Services (HHS).
  7. Annual Security Training of the Clinic
     • Continual, ongoing training of staff on HIPAA, so that they comply with the procedures. Incorporate this training as part of the annual security training of the clinic/hospital.
  8. Provide Information to Patients
     • Provide information to patients, through hospital websites or directly, on patients’ rights to health information and how it can be used and disclosed.
  9. Ensure Privacy Policies are Followed
     • Designate a responsible, senior physician as security officer to ensure that privacy policy procedures are adopted and followed.
  10. Integrity of Information
     • Accuracy: the medical record must be accurate.
     • Availability: the record must be essentially available without downtime.
     • Confidentiality: referred to/seen only on a need-to-know basis.
  11. Monitor liability and compliance
     • Monitor liability and compliance of BAs (bill processing company, insurance companies, cloud service provider, etc.) who access patient information and medical records (diagnosis code, charge, etc.).
  12. HIPAA Tool Kit
     • Usage of an online tool kit that helps compliance with the HIPAA Security Rule.
  13. HIPAA Omnibus Rule
     • Verify and monitor whether healthcare vendors and their sub-vendors (sub-contractors) implement and comply with business associate agreements (BAA), as required by the HIPAA Omnibus Rule.
  14. Mobile Devices by Physicians
     • Do not overlook the use of mobile devices by physicians. This needs periodic technical review/risk audit of mobile devices used by physicians for transmitting patient-related information. The security officer will stipulate how and when the mobile devices will be used and by whom.
  15. For more details visit our site or call 877-272-1572