HIPAA
Annual Refresher Training
  1. HIPAA Annual Refresher Training
  2. “Health Insurance Portability and Accountability Act”
     • Passed in 1996
     • Resulted in the “Privacy Rule”
     • Outlines specific requirements for protecting and safeguarding personally identifiable information
  3. Covered Entities
     • Health Care Providers
     • Health Plans
     • Health Care Clearing Houses
     • Business Associates
  4. Protected Health Information
     • AKA “PHI”
     • Reasonably used to identify
     • Oral, electronic, written
     • Relates to past, present or future medical or mental health treatment or payment
  5. Disclosures
     • Written authorization required
     • Certain disclosures permitted without consent
  6. Permitted Disclosures
     • Treatment
       – Providers involved in patient care
       – Who has a “right to know”?
       – Who does NOT have a “right to know”?
  7. Permitted Disclosures (continued)
     • Payment
       – Disclosures may be made to agency billing departments, insurers, Medicare/Medicaid, and financially responsible individuals for billing and payment purposes
     • Operations
       – QA/QI
       – Materials used for training should have PHI removed
       – Internal investigations
  8. Incidental Disclosures
     • Results from an otherwise permitted disclosure
     • Restrict disclosures to “minimum amount necessary”
     • Use most secure medium
     • Do not leave PCR unattended in the open
       – Locked cabinet, locked station
       – Includes notes (and your glove), dispatch information, etc.
     • Password protect workstations, networks
  9. Other Permitted Disclosures
     • Required by law
     • Public health activities
     • Victims of abuse, neglect, or family violence
     • Health oversight activities
     • Judicial and administrative proceedings
     • Law enforcement purposes
     • Decedents
     • Cadaveric Organ, Eye, or Tissue Donation
     • Research
     • Serious threat to health or safety
     • Essential government functions
     • Workers’ Compensation
  10. A note on the “minimum”…
     • “minimum necessary” does not apply
       – Disclosure is related to treatment
       – Full disclosure has been authorized by the individual
       – Investigation of Privacy Rule Complaint
  11. Notice of Privacy Practices
     • AKA “NPP”
     How are you affected?
     - Should be posted in a prominent place
     - Obligated to furnish a copy to patient
     - Patient must sign acknowledgment (non-emergency)
     - Includes refusals, also
  12. Privacy Officer
     • Every agency must appoint a Privacy Officer
     • PO handles all requests for information containing PHI and ensures compliance
     When in doubt, refer the requestor to the Privacy Officer
  13. In Texas
     • Texas Health and Safety Code, Chapter 181: Medical Records Privacy
     • Investigated by Attorney General
     • Fines up to $250,000
     • Possible revocation of provider license
  14. Federal
     • HHS civil fine
       – $100 per violation up to $25,000/year
     • Department of Justice
       – Up to $250,000 and ten years federal prison
       – Investigated by the FBI
