HIPAA and Confidentiality Brandy Press-Smith MHA 690 March 15, 2012
What is HIPAA?• “The HIPAA Privacy Rule, also called the Standards for Privacy of Individually Identifiable Health Information, provided the first nationally- recognizable regulations for the use/disclosure of an individuals health information.”• “The Privacy Rule defines how covered entities use individually-identifiable health information or the PHI (Personal Health Information).” http://whatishipaa.org/
HIPAA Privacy• Rule addresses all issues concerned with saving/accessing/sharing medical & personal information of an individual. http://whatishipaa.org/
Privacy Rule• Gives patients control over the use of their health information• Defines boundaries for the use/disclosure of health records by covered entities• Establishes national-level standards that healthcare providers must comply with• Helps to limit the use of PHI and minimizes chances of its inappropriate disclosure• Strictly investigates compliance-related issues and holds violators accountable with civil or criminal penalties for violating the privacy of an individuals PHI• Supports the cause of disclosing PHI without individual consent for individual healthcare needs, public benefit and national interests http://whatishipaa.org/
Who must follow these laws?• Health Plans, including health insurance companies, HMOs, company health plans, and certain government programs that pay for health care, such as Medicare and Medicaid.• Most Health Care Providers—those that conduct certain business electronically, such as electronically billing your health insurance— including most doctors, clinics, hospitals, psychologists, chiropractors, nursing homes, pharmacies, and dentists.• Health Care Clearinghouses—entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa. http://www.hhs.gov/ocr/privacy/hipaa/und erstanding/consumers/index.html
Personally-identifiable health information….what is it???• Health information that relates to a specifically identifiable individual; it generally includes the following, whether in electronic, paper, or oral format:• Health care claims or health care encounter information, such as documentation of doctors visits and notes made by physicians and other provider staff• Health care payment and remittance advice• Coordination of health care benefits• Health care claim status• Enrollment and disenrollment in a health plan• Eligibility for a health plan• Health plan premium payments• Referral certifications and authorization• First report of injury• Health claims attachments http://www.twc.state.tx.us/news/efte/hipaa_basics.html
Health Information can be used and shared:• For your treatment and care coordination• To pay doctors and hospitals for your health care and to help run their businesses• With your family, relatives, friends, or others you identify who are involved with your health care or your health care bills, unless you object• To make sure doctors give good care and nursing homes are clean and safe• To protect the publics health, such as by reporting when the flu is in your area• To make required reports to the police, such as reporting gunshot wounds http://www.hhs.gov/ocr/privacy/hipaa/u nderstanding/consumers/index.html
Think before you peak…. • Before viewing medical records, make sure you have a valid reason.