2. HIPPA and Patient Privacy Education
• This e-learning module has been designed to inform staff about
patient privacy and the rules surrounding HIPPA.
• This module will describe what is considered protected health
information and the organizational compliance expectations.
• Trust between our patients and the organization is paramount for
quality outcomes and effective patient care. When the organization
and its staff fail to protect a patient’s privacy, there can be significant
organizational and employee consequences.
• At the conclusion of this e-learning module, the employee’s
knowledge will be tested via multiple choice questions. A 100%
score is required for successful completion. HIPPA compliance and
patient privacy must be exercised 100% of the time, by 100% of our
employees.
3. HIPPA
The Health Insurance Portability and Accountability
Act of 1996
• Key Points for HIPPA and Patient Privacy
– Provide strong Federal protections for privacy
rights
– Preserve quality health care
♦Provide strong Federal protections for
privacy rights
♦Preserve quality health care
4. Protected Health Information (PHI)
What is considered private…
- Individually identifiable health information
What is covered - Transmitted or maintained in any form or medium by an entity
or its business associate
- Health information, including demographic information
Individually - Relates to an individual’s physical or mental health or the
indentifiable provision of or payment for health care
health - Identifies the individual
information
- Entities may use/disclose PHI to carry out essential health care
Treatment, functions which include:
payment, •Treatment
healthcare •Payment
operations •Healthcare operations
5. Viewing a Patient’s PHI
Acceptable Use
The Privacy Rule sets rules and limits on who can
look at and receive PHI; and to make sure that
Nurse health information is protected in a way that does
Reviewing not interfere with healthcare and how information
His/Her Patient can be used and shared appropriately.
Orders
Acceptable Use:
- Those providing treatment and care
coordination
Billing Clerk - To pay doctors and hospital for health care
Physician Reviewing - With family, relatives, friend, or others
Providing Chart Prior identified, by the patient, who are involved
Care to Submitting with the healthcare or healthcare bills
a Claim - To make sure doctors give good care and
nursing homes are clean and safe
- To protect the publics health, such as by
reporting when epidemics are present within
a community
-To make required reports to the police,
such as reporting gunshot wounds
6. Family and Friends at the Bedside
Presences does not equal consent
• Healthcare providers
should verify with the
patient who can receive
PHI.
• Family, friends, and
visitors can be at the
bedside at any time. Their
presences does not equate
to the patient’s consent to
share information regarding
care and treatment.
• A patient might object to
his/her pastor knowing
about their past sexual
history.
7. •Conversations
Be aware of your surroundings
-Do not discuss patient information in public
cooridoors, elevators, or in the cafeteria. You
never know who might over hear your
conversation.
What happens in the facility, stays in the facility
-Do not discuss who you see in the facility
receiving care with family or friends.
8. HIPPA Violations
When in doubt, stay out!
If you have
no reason to
If you discover access PHI,
you have DON’T
access to PHI
and you should
Disclose only the not, report it to
minimal amount your supervisor
of information IMMEDIATELY
necessary for care
and treatment
9. HIPPA VIOLATIONS
Consequences for non-compliance
Employee disciplinary action may include a written
warning, suspension, or termination of employment.
All breaches of patient privacy are subject to review
and further action by the U.S. Office of Civil Rights.
The U.S. Office of Civil Rights is the agency
responsible for investigating complaints and HIPPA
violations.
Criminal penalties for wrongful disclosures include:
- Up to $50,000 & 1 year imprisonment
- Up to $100,000 & 5 years if done under false
pretenses
- Up to $250,000 & 10 years if intent to sell,
transfer, or use for commercial advantage,
personal gain or malicious harm
10. Reporting Violations and
Breaches
• If you discover a breach
in PHI or patient
confidentiality,
immediately report it to
your supervisor.
• You may also report any
breach to the facility’s
HIPPA Compliance
Officer, or anonymously
to the organization’s 24-
hour ethics line.
11. Let’s Maintain Patient Confidentiality
and Hit the HIPPA Compliance Bull's-eye, it’s everyone’s job