Mha 690 w1 discussion 2


Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • As noted by Vogt (2005), The Health Insurance Portability and Accountability Act (HIPAA) privacy rule can be complex and somewhat confusing for some employees. Training employees is a requirement under the HIPAA privacy rule, but some employees do not retain all the components of the training. A useful approach is to develop specialized guidelines and tools. Training employees is a requirement under the HIPAA privacy rule, but some employees do not retain all the components of the training. It is especially difficult, if not impossible, for employees to remember complex rules regarding when written authorization is required, unless they frequently exercise those rules in the course of performing their job duties.
  • As noted by Vogt (2005), a useful approach to teach staff of these laws is to develop specialized guidelines and tools. These can be made widely available on the organization's Intranet site; a special HIPAA or privacy Web site is a great distribution and storage method for these types of tools. When staff are faced with a non-routine issue, these tools can be very valuable in helping them identify the compliant method for handling the situation.
  • There are a lot of ways in which patients information can be spread and potentially violated. There are many medical professionals that come in to contact with this information that need to be aware of how to handle patients information with compliance.
  • A flowchart can make the navigation of these rules much simpler than a long, complicated policy statement. A similar flowchart defining the authority for minors' records can also be valuable (Vogt, 2005). I think also a simple flowchart can be used as a decision guide to help guide staff understand these requirements would be helpful to understand the main points of the rules of HIPAA.
  • A guidelines document in the form of questions and answers for varying circumstances can be very useful in increasing staff confidence in exercising those allowances (Vogt, 2005) This could also be presented in a video where certain scenarios are acted out, this might be a good way for employees to have a better understanding of the guidelines of HIPAA and its intricate details. As noted by Vogt (2005), questions directed to the privacy officer can be a wonderful source of continuing education for other staff. If it is possible to develop intranet functionality to allow staff to post questions, and to allow the privacy officer to respond, the encounter may be posted for all staff to view in the future as needed. It is important to be able to categorize the questions, so that staff can easily peruse the advice that is already available before posting a new question. If the web-based functionality is a constraint, posting a weekly spreadsheet that can be searched may also be an effective option. Include a link to the Office for Civil Rights FAQ. website.
  • Through effective training of employees through various methods, including documents, videos of trainings, and opportunities for questions and answers, confidentiality can be obtained. Although HIPAA and state privacy laws can be complex but by making decisional and educational tools widely available to staff, an organization will improve compliance with these regulations and will increase the comfort level of staff when performing their assigned job duties. This approach is a win for patients, employees, and health care organizations (Vogt, 2005).
  • Mha 690 w1 discussion 2

    1. 1. Confidentiality And the importance of HIPAA
    2. 2. HIPAA Laws and Patient Privacy  The Office for Civil Rights enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information; the HIPAA Security Rule, which sets national standards for the security of electronic protected health information
    3. 3. Protection of patients  The Privacy Rule protects individually identifiable health information from uses and disclosures that unnecessarily compromise the privacy of an individual. The Rule is carefully designed to protect the privacy of health information, while allowing important health care communications to occur.
    4. 4. Patients Profile and personal information  Don’t talk to anyone about patients personal information even though you may have a relationship with that patient, their information is private and you have a responsibility to protect that information  Protect passwords, charts, and any paperwork or electronic record that might expose any personal information to any unknown personnel  Lock any unused computer for password safety and confidentiality when unused
    5. 5. Why are these laws in place?
    6. 6. Security Safeguard
    7. 7. Q & A
    8. 8. Q & A  Q: I work in a department that does not directly treat patients. Does HIPAA apply to me?
A: Yes, in that the University is a covered entity under HIPAA. The extent to which HIPAA applies to your daily activities will vary depending on the function of your department. If your students or residents treat patients through affiliated hospitals and clinics, you need to ensure that they are educated on how HIPAA affects them. If you have any health information under your control that identifies a patient, it must be maintained according to HIPAA, even if it is not original health information, such as when used for education or research. If you do not have any type of patient information anywhere in your department and are not exposed to it in any way (e.g., animal research, statistical analysis), then HIPAA will probably not affect operations in your department.  Q: We refer our patients to various agencies in the city. How do I know if another agency is covered by HIPAA?
A: If they are a healthcare provider that receives payment for services, and bills electronically for any portion of payment, they are a covered entity and will need to comply with all HIPAA regulations. If they don't meet the definition of a covered entity, they still need to know about HIPAA because they will probably be dealing with organizations like ours that are covered entities, which impacts how information passes between the two organizations.
    9. 9. References  U.S. Department of Health and Human Services. 2013. Health Information Privacy. Retrieved from   Vogt, N. (2005). Simplifying HIPAA for staff is one way to ensure good decisions are made about patient privacy. Journal of Health Care Compliance, 7(5), 75-76. Retrieved from 415?accountid=32521