HIPPA Training on Confidentiality Craig Carr MHA690: Health Care Capstone Instructor: Hwang-Ji Lu
Before you get the urge to look ata patients medical records. Do youhave valid reason to be looking ina patients medical chart?
What is HIPPA?HIPPA is a federal law that gives people theright over their health information and setsrules and limitations on who may look atand receive their health information. Thisimplies that all means of medicalinformation be protected whether it is oral,written, or electronic .(U.S. Department of Health & Human Services, 2012)
Who Must Follow These Laws? Health plans: health insurance companies, HMO’s, company health plans, certain government programs that pay for health care such as Medicaid and Medicare Most health care providers: those who conduct certain business electronically, including most doctors, clinics, hospitals, psychologists, chiropractors, nursing homes, and dentists. Health care clearinghouses: those who process nonstandard health information they receive from another entity.(U.S. Department of Health & Human Services, 2012)
Who Is NOT Required to Follow These Laws? Life insurers Employers Workers compensation carriers Many schools and school districts Many state agencies like child protective service Many law enforcement agencies Many municipal offices(U.S. Department of Health & Human Services, 2012)
What Information is Protected? All medical Records Conversations between physician and other medical staff regarding patients. Billing information Information about patients in their health insurer’s computer system. Any other health information regarding the patient.(U.S. Department of Health & Human Services, 2012)
What Rights does the privacy rule giveto patients over their HealthInformation? The have the right to ask to see or get a copy of their health records. They can have corrections added to health information. They can receive notice that tells them how their health information is being used and shared for certain purposes. They can get a report on when and why health information was shared for certain purposes. They can file a complaint with the provider or health insurer. They can file a complaint with the U.S. Government.(U.S. Department of Health & Human Services, 2012)
Reasons for when a patients healthinformation can be shared? A healthcare professional involved with the treatment and coordination of care. To pay medical bills and to help run their business. To make sure doctors give good care and nursing homes are clean and safe. To protect the public’s health, such as by reporting when the flu is in your area. To make required reports to the police, such as reporting gunshot or stabbing wounds.(U.S. Department of Health & Human Services, 2012)
When is it required to have writtenpermission to give out patient information? To give patient information to an employer To use or share patient information for marketing purposes. To share private notes about a patients health care.(U.S. Department of Health & Human Services, 2012)
Penalties for violating HIPPA Civil Penalties: When a person unknowingly divulges patient information. Criminal Penalties: When a person willingly and knowingly divulges patient information.(DataFile Technologies, 2010)
Civil Penalties The least severe violation is a minimum penalty of $100 per violation with the maximum penalty of $25,000 fine for repeat violations. The most severe violation happens when a person unknowingly divulges patient information due to willful neglect and does not attempt to correct the situation which can cost $50,000 with an annual max of $1.5 million in fines.(DataFile Technologies, 2010)
Criminal Penalties The minimum penalty is $50,000 and up to one year in jail. Violations committed under false pretenses require a penalty of $100,000 and up to 5 years in prison. Violations with intent to sell, transfer, or us patient information for commercial advantage, personal gain, or malicious harm is punishable up to $250,000 and up to 10 year in prison.(DataFile Technologies, 2010)
ConclusionNot only is being nosy risking your job, butyou are risking possible jail time along withheft fines. As a health care professional itis your duty to protect the confidentiality ofthe patients and to always be mindful ofdisclosing sensitive information to thosewho are not in direct care of the patient.
References DataFile Technologies. (2010, October 10). Consequences of HIPAA Violations Can Be Hefty, But Avoidable. Retrieved from DataFile Technologies: http://datafiletechnologies.com/blog/release-of- information-and-hipaa/consequences-of-hipaa-violations-can-be- hefty-but-avoidable/ U.S. Department of Health & Human Services. (2012). Health Information Privacy. Retrieved from U.S. Department of Health & Human Services: http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumer s/index.html