Mha 690 week one discussion ii


Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Mha 690 week one discussion ii

  1. 1. HIPAA PRIVACY RULE COMPLIANCE Betty Medina’s Presentation
  2. 2. HIPAA PRIVATE COMPLIANCE <ul><li>The Health Insurance Portability and Accountability Act (HIPPA) was enacted by Congress in 1996 and is modified in the Federal Stimulus Bill. It ensures that personal health information you share with doctors, hospitals and others who provide and pay for healthcare is protected. Failure to do that staff could face immediate dismissal and could face Federal criminal charges </li></ul>
  3. 3. PRIVACY RULE <ul><li>The Privacy Rule does the following: </li></ul><ul><li>Allows restrictions on the use and disclosure of protected health information (PHI). </li></ul><ul><li>Gives patients greater access to their medical record, now in an electronic format. </li></ul><ul><li>Gives patients greater protection of their medical information. </li></ul>
  4. 4. Who is covered by the HIPPA Privacy Rule? <ul><li>You’re covered by the HIPPA Privacy Rule- and termed a covered entity – If you are a: </li></ul><ul><li>Healthcare providers </li></ul><ul><li>Health plans (i.e. Blue Cross, etc.) </li></ul><ul><li>Healthcare clearinghouses (i.e. EDS, etc.) </li></ul><ul><li>Business Associates with access to health information </li></ul>
  5. 5. What is PHI? <ul><li>When a patient gives personal health information to a covered entity, that information becomes PHI. </li></ul><ul><li>PHI includes any information: oral, recorded, on paper, or sent electronically about a person’s physical or mental health, services rendered or payment for those services, and includes personal information connecting the patient to the records. </li></ul><ul><li>The individual’s name or address. </li></ul><ul><li>Social Security or other personal identification numbers </li></ul><ul><li>Physician’s progress notes </li></ul><ul><li>Billing information </li></ul>
  6. 6. When is authorization required? <ul><li>To release confidential notes (i.e. mental health) </li></ul><ul><li>For research purposes, unless a documented waiver is obtained and approved from an Institutional Review Board (IRB). </li></ul><ul><li>For use and disclosure to third parties for marketing activities such as promoting services or selling lists of patients. </li></ul>
  7. 7. What is the Notice of Privacy Practices? <ul><li>Contains entity legal duties </li></ul><ul><li>Needs to be available to patients in print. </li></ul><ul><li>Needs to be displayed at the site of service, and posted on a web site whenever appropriate. </li></ul><ul><li>Once a patient has received notices of his/her rights, covered entities must make an effort to get written acknowledgement of receipt of notice from the patient or document reasons why it was not obtained. Copies must be kept of all notices and acknowledgements. </li></ul>
  8. 8. What would entities had to do to comply with HIPPA? <ul><li>Allow patients to receive a copy of the PHI. </li></ul><ul><li>Designate a private officer responsible for implementing the program and receiving the privacy complaints. </li></ul><ul><li>Develop the Notice of Privacy Practices document. </li></ul><ul><li>Develop or modify policies and safeguards to protect PHI and limit incidental use or disclosure. </li></ul><ul><li>Create employee-training programs, so everyone knows about the privacy policies and procedures for safeguarding PHI as well as consequences if privacy of patients is bridged. </li></ul><ul><li>Implement a complaints process, and resolution of formal complaints. </li></ul><ul><li>Make sure contracts with business associates comply with the privacy rule. </li></ul>
  9. 9. What happens to those who don’t comply? <ul><li>A $100 civil penalty up to a maximum of $25,000 per year for each standard violated. </li></ul><ul><li>A criminal penalty for knowingly disclosing PHI – a penalty that may escalate to a maximum of $250,000 for conspicuously bad offenses. </li></ul><ul><li>If entity or staff unknowingly disclose PHI by mistake the Department of Health and Human Services is mandated to give organizations advice and technical assistance – and help to work on problems. </li></ul>
  10. 10. What can you do to protect patients privacy and confidentiality? <ul><li>HIPPA protects our fundamental right to privacy and confidentiality. That means HIPPA’s Privacy Rule is everyone’s business – from the CEO to the healthcare professional to maintenance staff. To do our part: </li></ul><ul><li>Make sure you fully understand entity privacy practices </li></ul><ul><li>Protect all patient’s personal health information. </li></ul><ul><li>Do not access patient’s personal health information without legitimate reason. </li></ul><ul><li>Encourage others to do the same and report any bridges of confidentiality. </li></ul>
  11. 11. References <ul><li>HIPPA (1996). “Health Information Privacy.” Retrieved on January 19, 2012 from </li></ul><ul><li>Over 120 UCLA Hospital Staff Saw Celebrity Health Records .  Retrieved July 20, 2010 from,2933,398784,00.htm </li></ul><ul><li>Wolper, L.F. (2011). Health care administration: Managing organized delivery systems  (5th ed.). Boston: Jones and Bartlett. </li></ul><ul><li>Wyard K. (2011). “NEVHC Strategic Planning.” Retrieved on January 19, 2012 from intranet </li></ul>