Published on

Healthcare Capstone MHA 690

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. What does Confidentiality Mean in the Workplace?
  2. 2. <ul><li>What is HIPPA? </li></ul><ul><li>Why is HIPPA important? </li></ul><ul><li>Who is covered under HIPPA? </li></ul><ul><li>What information is covered under HIPPA? </li></ul><ul><li>What does HIPPA security imply? </li></ul><ul><li>What are the disciplinary actions, both HIPPA’s penalties and organizational penalties, to be taken if HIPPA is not followed? </li></ul>
  3. 3. <ul><li>The Health Insurance Portability and Accountability Act (HIPAA) was signed into law in 1996 as a way to acknowledge and deal with concerns regarding confidential health information. </li></ul><ul><li>The purpose of HIPPA is to ensure that the privacy of personal health information (PHI) is protected </li></ul><ul><li>HIPPA protects electronic health information transactions by providing uniform standards </li></ul><ul><li>HIPPA is a way to combat fraud and theft within of personal health information within the healthcare industry </li></ul>
  4. 4. <ul><li>The healthcare industry has began using electronic medical records to make care more efficient </li></ul><ul><li>Most information breaches happen within healthcare organizations </li></ul><ul><li>Employees need to understand what is considered proper use of patient information </li></ul>
  5. 5. <ul><li>HIPPA applies to what is called a covered entity; covered entities include: Health Plans, Healthcare Clearing Houses and Healthcare providers </li></ul><ul><li>Health plans are those organizations that provide or pay for healthcare services. Examples of health plans include: insurance companies, Medicare and Medicaid </li></ul><ul><li>Healthcare Clearing Houses are organizations that process healthcare information. Examples of these services are both billing and transcription. </li></ul><ul><li>Healthcare providers are those that provide healthcare services such as physicians, pharmacies and hospitals. These individuals or organizations become a covered entity when they transfer PHI/ </li></ul>
  6. 6. <ul><li>Patient Health Information(PHI) is covered under HIPPA </li></ul><ul><li>PHI is any information that relates to the physical or mental health of the patient in the past, present or future. This includes information for payment or any other provisions as part of healthcare. </li></ul><ul><li>PHI can also identify patients in what is considered a personal fashion. </li></ul><ul><li>PHI is either created by the covered entity or received by the covered entity in order to properly care for the patient. </li></ul>
  7. 7. <ul><li>PHI is considered medical records and anything contained in those records such as insurance information, prescriptions and billing information. This can either be paper or electronic form. </li></ul><ul><li>PHI is normally found in patient charts, EMR programs, faxes between providers, emails and even in oral communication. </li></ul>
  8. 8. <ul><li>Those who may have access to PHI are those directly caring for the patient such as physicians, nurses and other clinical personnel </li></ul><ul><li>Those also working in the healthcare organization without direct patient contact such as housekeeping personnel, security and IT services </li></ul><ul><li>Those who bill for healthcare services or transcribe reports will have access to pertinent information </li></ul><ul><li>Those using diagnostic information for research may also have access to PHI </li></ul>
  9. 9. <ul><li>Patients have the right to obtain and amend their PHI. This includes making changes such as requesting restrictions on use, an increase in confidential communications, receive listing of disclosures and reporting a violation. </li></ul><ul><li>Patients have a right to know how PHI is used and who it is disclosed to. </li></ul><ul><li>Patients have the right to receive the Notice of Privacy Practices for their healthcare provider. </li></ul><ul><li>Some entities have special coverage rules when it applies to marketing and fundraising </li></ul><ul><li>Administrative measures must detail record keeping and procedure compliance. </li></ul>
  10. 10. <ul><li>The hospital will comply with the terms of compliance as enforced by the Department of Health and Human Services </li></ul><ul><li>If a complaint is made an investigation will follow and disciplinary action taken. </li></ul><ul><li>All organizations that are considered covered entities must have a process in place for investigating complaints. All complaints must be handled in the same fashion and organizations are prohibited from taking any type of retaliation against those that file complaints. </li></ul>
  11. 11. <ul><li>Federal Punishment Guidelines: Fines start at $100 for civil penalties and can reach up to $25,000 per year; Criminal penalties may reach up to 10 years in prison and $250,000 </li></ul><ul><li>Those that are found to have improperly used or accessed PHI can be fined under the federal law and will be disciplined as found appropriate by the healthcare organization. </li></ul>
  12. 12. <ul><li>Misuse is considered accessing PHI for a patient that is not under your care </li></ul><ul><li>Accessing information of a patient under your care, but that is not pertinent to completing your job, such as a nurse accessing insurance or personal information of a patient admitted to the hospital </li></ul><ul><li>Accessing PHI using someone else’s work station or password </li></ul><ul><li>Unauthorized access patient e-mails </li></ul><ul><li>Selling or forwarding PHI to organizations or individuals that has not been authorized by the healthcare provider or the patient </li></ul>
  13. 13. <ul><li>If you have to question whether your actions are right or wrong, DON’T TAKEN ACTION! Contact your supervisor with any questions. It is important not to assume your actions are correct, if a question arises it is safer to ask first act second. </li></ul>