Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
HIPAA IS HEATING UP!!<br />
CAN YOU GUESS THE CELEBRITY???<br />
HIPAA GONE BAD?<br />This patient’s hospital was fined for doing the right thing- despite reporting the privacy breach and...
BUSTED FOR SNOOPING<br /><ul><li>218-bed facility
2 fired
13 resigned instead of facing termination
 another 8 disciplined
Despite privacy training-personnel still snooped
Under new rules, states now have the authority to make examples of workers and hospital itself.</li></li></ul><li>Multiple...
    LOS ANGELES, California (CNN) -- The hospital where a California woman gave birth to octuplets in January has been fin...
CNN News: “24 employees were investigated for violations of health care privacy law - HIPAA<br />
I know that 100% prevention of these type of violations is impossible.  Nurses need access to patient records.  Setting ac...
A complete basketball buff, he played with the Kentucky Basketball Team way back in 1979.<br />Vogue magazine has had only...
40 Palisades Medical Center employees were investigated – and more than two dozen suspended without pay – for allegedly le...
She auditioned to play Allie Nelson in The Notebook, but lost the part to Rachel McAdams.<br />At age seven she won $50,00...
CIRCUS TOUR<br />UNFORTUNATE CUT<br />
Can you guess this one?<br />
Best selling poster girl – of all time<br />Red swimsuit<br />Best known for her role in 1970’s television series<br />Los...
“Former Medical Center employee has been indicted for snooping in the medical records of the star and selling the informat...
&quot;It is my personal belief that what Lawanda Jackson is most guilty of is being a pawn,&quot; Fawcett wrote. &quot;She...
Hospital Leak Goes Deeper Than Farrah<br />AOL<br />Filed Under: TV News<br />(June 9) - In early April, an employee from ...
New sheriff in town. . . . . <br />
WASHINGTON – HHS has delegated the authority for the administration and enforcement of the HIPAA Security Rule to the Offi...
STIMULUS BILL AMENDSHIPAA<br />
 Included as part of the federal stimulus bill known as the American Recovery and Reinvestment Act of 2009 (“ARRA”) is Tit...
BUSINESS ASSOCIATES<br />….an individual or corporate &quot;person&quot; that: <br />performs on behalf of the SMC any fun...
Pre-ARRA Rule:<br />BAs were not directly subject to the HIPAA Privacy and Security Rules. Rather, their duties arose out ...
BREACH NOTIFICATION<br />Notice Required to Individuals:<br />Within 60 days of discovery of a breach, the Privacy Officer...
Pre-ARRA Rule: No affirmative obligation to notify individuals or HHS of a breach of Privacy or Security Rules. Rather, SM...
Notice to HHS & local media!  Sept. 2009<br />In any case in which 500or more persons are affected by a breach, the covere...
GREATER ENFORCEMENT!<br />ADDITIONAL ENFORCEMENT POWER RELATED TO VIOLATIONS OF PRIVACY & SECURITY RULES<br />*LAWS NOW RE...
Health Information Technology <br />American Recovery and Reinvestment Act (Recovery Act) Implementation Plan <br />Office...
HHS is required to distribute portions of the collected penalties to persons<br />FINANCIAL INCENTIVE!!!<br /> Minimum per...
ARRA: Provisions Changes Due<br />August 2009: Breach notification provisions and PHI breach notification<br />February 20...
MEDICAL IDENTITY THEFT <br />IS THE FASTEST-GROWING THEFT IN AMERICA<br />
SMC has implement a written Identity Theft Prevention Program to detect, prevent, and mitigate identity theft<br />
2  TYPES OF THEFT<br />IDENTITY<br />MEDICAL<br />
BOTH TYPES HARM YOU IN DIFFERENT WAYS<br />MEDICAL:  CAN KILL<br />IDENTITY:  IS A HASSLE   & CAN HURT FINANCIALLY<br />
Inaccurate information can cause an unwarranted adverse action<br />    What if a patient were given a medication that rea...
Upcoming SlideShare
Loading in …5
×

Hipaa Is Heating Up!!

1,025 views

Published on

Published in: Business, Self Improvement
  • Be the first to comment

  • Be the first to like this

Hipaa Is Heating Up!!

  1. 1. HIPAA IS HEATING UP!!<br />
  2. 2.
  3. 3. CAN YOU GUESS THE CELEBRITY???<br />
  4. 4. HIPAA GONE BAD?<br />This patient’s hospital was fined for doing the right thing- despite reporting the privacy breach and taking immediate disciplinary action. <br />This patient’s hospital is one of few that has sophisticated monitoring technology in place to detect privacy violations. <br />
  5. 5. BUSTED FOR SNOOPING<br /><ul><li>218-bed facility
  6. 6. 2 fired
  7. 7. 13 resigned instead of facing termination
  8. 8. another 8 disciplined
  9. 9. Despite privacy training-personnel still snooped
  10. 10. Under new rules, states now have the authority to make examples of workers and hospital itself.</li></li></ul><li>Multiple employees snooped into this record<br />Multiple violations<br />Multiple penalties<br />80 tiny fingers- 80 tiny toes<br />Famous for being Miracle Mom<br />
  11. 11. LOS ANGELES, California (CNN) -- The hospital where a California woman gave birth to octuplets in January has been fined $250,000 by the state because nearly two dozen medical workers, including doctors, illegally viewed her medical records, according to state health officials.<br /> The California Department of Public Health on July 16 issued an &quot;administrative penalty&quot; of $187,500 after determining that KP Bellflower failed to prevent unauthorized access to the family&apos;s confidential patient medical information.<br />
  12. 12. CNN News: “24 employees were investigated for violations of health care privacy law - HIPAA<br />
  13. 13. I know that 100% prevention of these type of violations is impossible.  Nurses need access to patient records.  Setting access rights on patient information too tight could cost human lives.  What if at the crucial moment in patient&apos;s treatment, a nurse is denied access to a patient file?  Therefore, where you cannot 100% prevent access to information, you must monitor access to information.  And if those people abuse their access privileges, you discipline them. <br />
  14. 14.
  15. 15. A complete basketball buff, he played with the Kentucky Basketball Team way back in 1979.<br />Vogue magazine has had only two men on their cover-this guy was one of them!<br />Not only is he one of Hollywood’s greatest stars, but he also has a large heart. He offer $1 million towards hurricane relief. Further, he donated his Oscar gifts to raise money for Hurricane Katrina victims. Incidentally, one gift included a Tahitian pearl necklace! <br />Hollywood calls him ‘Gorgeous George’.<br />Dr. Doug Ross <br />
  16. 16.
  17. 17. 40 Palisades Medical Center employees were investigated – and more than two dozen suspended without pay – for allegedly leaking Clooney&apos;s and girlfriend Sarah Larson&apos;s private medical records to the media.<br />
  18. 18.
  19. 19.
  20. 20. She auditioned to play Allie Nelson in The Notebook, but lost the part to Rachel McAdams.<br />At age seven she won $50,000 in a singing contest. <br />She is from Kentwood Louisiana<br />She has one Grammy award (won in 2005) and has six nominations: two nominations each in the 2000, 2001 and 2003 ceremonies. She also has had a total of 16 MTV Video Music Award nominations. <br />She spent time in rehab- now back on tour- and not with the Ringling Brothers<br />Biggest Influence: Madonna <br />Birth Date: December 2, 1982<br />This mother of 2 shaved her head- and went to rehab<br />
  21. 21. CIRCUS TOUR<br />UNFORTUNATE CUT<br />
  22. 22. Can you guess this one?<br />
  23. 23. Best selling poster girl – of all time<br />Red swimsuit<br />Best known for her role in 1970’s television series<br />Lost her battle with cancer this year<br />Perhaps the enactment of _________Law, legislation making it illegal for medical staff, or others who may have access, to leak private medical  information to the media, whether they are paid for that information or not, will be something good to come out of the anguish she has had to endure. <br />
  24. 24. “Former Medical Center employee has been indicted for snooping in the medical records of the star and selling the information to tabloids”<br />1947-2009<br />
  25. 25. &quot;It is my personal belief that what Lawanda Jackson is most guilty of is being a pawn,&quot; Fawcett wrote. &quot;She worked in a hospital system that did not provide strong enough deterrents to stop their employees from breaching their patient&apos;s medical records -- which made it all the easier for the tabloids to financially induce ... her to invade my privacy as well as the privacy of others.&quot;<br />
  26. 26. Hospital Leak Goes Deeper Than Farrah<br />AOL<br />Filed Under: TV News<br />(June 9) - In early April, an employee from the UCLA Medical Center was indicted after selling several celebrities&apos; medical records, including Farrah Fawcett&apos;s, to the National Enquirer. But the leaking of information to tabloids may have started long before.<br />
  27. 27.
  28. 28. New sheriff in town. . . . . <br />
  29. 29. WASHINGTON – HHS has delegated the authority for the administration and enforcement of the HIPAA Security Rule to the Office for Civil Rights.<br />The OCR&apos;s administration and enforcement of the security rule, which had previously been delegated to the Centers for Medicare and Medicaid Services, will eliminate duplication and improve the department&apos;s efforts to ensure that health information privacy is protected.<br />
  30. 30. STIMULUS BILL AMENDSHIPAA<br />
  31. 31. Included as part of the federal stimulus bill known as the American Recovery and Reinvestment Act of 2009 (“ARRA”) is Title XIII, the “Health Information Technology for Economic and Clinical Health Act” or the “HITECH Act.” <br />The HITECH Act contains a sweeping expansion of HIPAA privacy and security regulations. These changes will affect more businesses in more ways than ever before. <br />
  32. 32. BUSINESS ASSOCIATES<br />….an individual or corporate &quot;person&quot; that: <br />performs on behalf of the SMC any function or activity involving the use or disclosure of PHI. <br />
  33. 33. Pre-ARRA Rule:<br />BAs were not directly subject to the HIPAA Privacy and Security Rules. Rather, their duties arose out of their BA Agreements.<br />Revise BAAs to incorporate expanded Privacy<br /> and Security Rule obligations.<br />Civil and criminal penalties now apply directly to BAs.<br />
  34. 34. BREACH NOTIFICATION<br />Notice Required to Individuals:<br />Within 60 days of discovery of a breach, the Privacy Officer must provide notice via first class mail<br />“Breach” generally is the unauthorized<br />acquisition, access, use or disclosure of PHI that<br />compromises the Privacy or Security of that<br />information, excluding certain unintentional or<br />inadvertent disclosures.<br />
  35. 35. Pre-ARRA Rule: No affirmative obligation to notify individuals or HHS of a breach of Privacy or Security Rules. Rather, SMC’S obligation to mitigate any harm caused by a breach.<br />
  36. 36. Notice to HHS & local media! Sept. 2009<br />In any case in which 500or more persons are affected by a breach, the covered entity must provide notice to major local media outlets<br />
  37. 37. GREATER ENFORCEMENT!<br />ADDITIONAL ENFORCEMENT POWER RELATED TO VIOLATIONS OF PRIVACY & SECURITY RULES<br />*LAWS NOW REQUIRE HHS TO CONDUCT AUDITS<br />
  38. 38. Health Information Technology <br />American Recovery and Reinvestment Act (Recovery Act) Implementation Plan <br />Office of the National Coordinator for Health Information Technology <br />Funding Table <br />Total Appropriated <br />(Dollars in Millions) <br /> Privacy and Security* $ 24.285 <br />National Institute of Standards and Technology (NIST) 20.000 <br />Regional HIT Exchange 300.000 <br /> Unspecified 1,655.715 <br /> Total, Health Information Technology $ 2,000.000 <br />*Note: This dollar figure, $24,285,000, includes an estimated $9.5 million for audits by the Office for Civil Rights and the Centers for Medicare & Medicaid Services. <br />
  39. 39. HHS is required to distribute portions of the collected penalties to persons<br />FINANCIAL INCENTIVE!!!<br /> Minimum per Violation<br /> Annual Maximum<br />Maximum Penalties<br />Tier A $25,000<br />Tier B $100,000<br />Tier C $250,000<br />Tier D $1,500,000<br />Minimum Penalties<br />“Did not know”<br />Tier A $100<br />“Reasonable cause”<br />Tier B $1,000<br />“Willful neglect”<br />Tier C $10,000<br />“Uncorrected violation”<br />Tier D $50,000<br />
  40. 40. ARRA: Provisions Changes Due<br />August 2009: Breach notification provisions and PHI breach notification<br />February 2010: Business Associates and Marketing<br />August 2010: Minimum Necessary and Prohibition on sale of electronic health records/PHRs.<br />January 2011: Accounting for Disclosures<br />February 2011: Enforcement for <br /> ‘willful neglect’<br />
  41. 41. MEDICAL IDENTITY THEFT <br />IS THE FASTEST-GROWING THEFT IN AMERICA<br />
  42. 42. SMC has implement a written Identity Theft Prevention Program to detect, prevent, and mitigate identity theft<br />
  43. 43. 2 TYPES OF THEFT<br />IDENTITY<br />MEDICAL<br />
  44. 44. BOTH TYPES HARM YOU IN DIFFERENT WAYS<br />MEDICAL: CAN KILL<br />IDENTITY: IS A HASSLE & CAN HURT FINANCIALLY<br />
  45. 45. Inaccurate information can cause an unwarranted adverse action<br /> What if a patient were given a medication that reacted with a serious blood disorder because a thief’s diagnosis and treatment had intermingled with the real patient’s record, that stated - no allergies? <br />
  46. 46. To detect identity thieves using personal<br /> information at your institution<br />Preventing medical identity theft can save patients’ lives.<br />FTC’s Red Flag Rules<br />
  47. 47. Warning from consumer reporting agencies<br />Suspicious documents<br />Suspicious personal information<br />Inconsistent with external information sources<br />Documents provided for identification appear to be altered<br />Fraud or active duty alert included in consumer<br /> report<br />
  48. 48. PROVIDERS AND PLANS<br /> Healthcare providers such as SMC along with health plans may become secondary victims<br />Providers may unknowingly submit incorrect precertification or claims and accompanying health information to health plans to justify treatment or payment for the health service rendered<br />A provider may be forced to write off expenses related to the medical identity theft<br />Hidden expenses incur in employees rescinding claims and working numerous hours with the victim to correct and mitigate further risk<br />

×