SlideShare a Scribd company logo

香港六合彩

Download as PPT, PDF
Y
youdoww

道是烦乱的心事困扰着香港六合彩,让香港六合彩一直睡不着,不解开那些心结,香港六合彩会一直失眠下去。可那些心结怎么可能解得开呢?你还是杀了我吧! 倒了杯牛奶给地,度一舟希望这对香港六合彩有帮助。 愿意跟我说说吗?香港六合彩这么大的女生会失眠无外乎家庭出现突然变故,课业太过紧张和感情问题。前两者以公主的个性会找人倾吐,失眠的可能性不大,惟有最后一种情况比较可能,在众多可能的情况中,香港六合彩的外甥——度天涯又是最大的可能。 不用说了,失眠的症结就是度天涯那个绝美的王储殿下。除了香港六合彩,还有谁有这么大的魅力?简直是害人不浅! 跟天涯吵架了? 没有!我怎么会跟香港六合彩吵架呢?香港六合彩俩之间什么关系都没有,我才不会为了香港六合彩而失眠呢! 公主急急的辩解变相地交代了一切,度一舟心中了然。香港六合彩开始庆幸自己学的是临床,连心理医生的功课也一起攻克了,学得多果然还是有用处的,这不就派上用场了嘛! 公主,香港六合彩坐下来,不是为了体现亲切感,而是失眠的后遗症让香港六合彩也有点儿飘。有些男人不会把香港六合彩的在意、香港六合彩的真心放在脸上,那些东西得你自己一点儿一点儿去体味。 你就是这样的男人? …… 不光是度一舟,连公主都倒抽一口凉气。两个人以坐着的高度直视过去,首先目睹的是火曦修长的腿,再向上攀升,宽大的衬衫遮住了极限诱惑——地根本什么也没穿,套了件衬衫,还是度一舟的衬衫就跑了下来。 大清早的,这叫什么事? 度一舟扶扶眼镜,香港六合彩要求自己保持

1 of 54
1 Eighth National HIPAA Summit Baltimore, MD PreConference I: HIPAA Boot Camp: The Basics of HIPAA for Providers, Health Plans, Employers and Patients Employer and Group Health Plan Issues By Gerald E. DeLoss, Esquire Barnwell Whaley Patterson & Helms, LLC Charleston, South Carolina
2 HIPAA and Employers • Only Certain Health Care Providers, Health Plans, and Health Care Clearinghouses Are Covered Entities • Employers Not Generally Covered Unless Fall Under Above Definitions • Caveat: Medical Information Provided to Employers and Employer Sponsored Group Health Plans
3 Employment Records and PHI • Definition of Protected Health Information (“PHI”) Specifically Excludes: – Employment Records Held by a Covered Entity in its Role as Employer • 45 C.F.R. § 165.501 • Example: Drug Testing or Fitness for Duty – Must be Provided to CE in Capacity as Employer – If Conducting Testing, Must Get Authorization to Transmit to HR • Example: Professional Sports Teams’ Player Information
4 Employer Issues • Covered Entity May Disclose to an Employer About an Employee or Workforce Member of Employer, If: – Covered Entity is a Covered Health Care Provider Who is a Member of the Employer’s Workforce or Who Provides Health Care to Employee or Member At Request of Employer to • Conduct Evaluation Relating to Medical Surveillance of Workplace; or • Evaluate Whether the Employee or Member Has a Work- Related Illness or Injury – 45 C.F.R. § 164.512(b)(v)
5 Employer Issues • The PHI Disclosed Concerns a Work-Related Illness or Injury or Work-Related Medical Surveillance; or • The Employer Needs Findings for OSHA Requirements; and • Notice is Provided to Employee or Member – By Giving a Copy of Notice of Privacy Practices, or – Posting of Notice if in Same Worksite • 45 C.F.R. § 164.512(b)(v)
6 Group Health Plan • Definition of Health Plan Includes: – Employee Welfare Benefit Plan or any Other Arrangement that is Established or Maintained for the Purpose of Offering or Providing Health Benefits to the Employees of Two or More Employers •45 C.F.R. § 160.103
7 Group Health Plan Group Health Plan • Means an Employee Welfare Benefit Plan (as Defined Under ERISA), Including Insured and Self-Insured Plans to Extent the Plan Provides Medical Care to Employees or Their Dependents, Directly or Through Insurance, That: – Has 50 or More Participants; or – Is Administered by a Third Party • 45 C.F.R. § 160.103
8 Third Party Administrators • Third Party Administrator Not Generally a Covered Entity Under HIPAA – Most Likely Considered a Business Associate of Group Health Plan • DHHS FAQ No. 365
9 Group Health Plan • Plan Sponsor means: – The Employer if a Single Employer; – The Employee Organization; – Where Two or More Employers or Employee Organizations, the Association, Committee, Joint Board, or Other Similar Representatives Who Establish or Maintain the Plan • 29 U.S.C. § 1002(16)(B)
10 Group Health Plan as Small Health Plan • Many Group Health Plans Fall Under Definition of Small Health Plan – Means a Health Plan with Annual Receipts of $5 Million or Less • Small Health Plan Compliance Deadline is April 14, 2004 – 45 C.F.R. § 164.534(b)
11 Group Health Plan – Flexible Spending Accounts/Cafeteria Plans • According to DHHS: – To the Extent That a Flexible Spending Account or a Cafeteria Plan Meets Definition of an Employee Welfare Benefit Plan Under ERISA and Pays for Medical Care, It Is a Group Health Plan – Unless It Has Fewer Than 50 Participants and Is Self-administered •DHHS FAQ No. 421
12 Group Health Plan – Flexible Spending Accounts/Cafeteria Plans • FSA or Cafeteria Plan Could Be Considered Group Health Plan – Fully Insured or Self Insured? – Summary Health Information or PHI? – To Extent Qualifies, Must Satisfy Group Health Plan Requirements
13 Group Health Plan • Business Associate Requirements – Generally Covered Entity may Only Disclose to a Business Associate PHI, or Allow Business Associate to Create or Receive PHI, if Agreement – Requirement Does Not Apply to Disclosures by a Group Health Plan or Insurer, to the Plan Sponsor if Other Requirements Met • 45 C.F.R. § 164.504(f)
14 Disclosures for Group Health Plan • To Disclose PHI to Plan Sponsor or • To Permit Health Insurer or HMO to Disclose PHI to Plan Sponsor • Must Ensure Plan Documents Restrict Uses and Disclosures •45 C.F.R. § 164.504(f)(1)(i)
15 Disclosures for Group Health Plan • Group Health Plan, Insurer, or HMO May Disclose Summary Health Information to Plan Sponsor for – Obtaining Premium Bids From Health Plans for Providing Health Insurance under Group Plan – Modifying, Amending, or Terminating the Group Health Plan • Group Health Plan or Insurer or HMO May Disclose Enrollment Information to Plan Sponsor • 45 C.F.R. § 164.504(f)(1)(ii), (iii)
16 Disclosures for Group Health Plan • Summary Health Information – Summarizes Claims History, Claims Expenses, or Types of Claims Experienced by Individuals for Whom the Plan Sponsor Provided Benefits Under the Group Health Plan – Must Exclude Most Identifying Features, But Not Truly De-Identified • Geographic Information May be Aggregated to 5 digit Zip Code Level – 45 C.F.R. § 164.504(a)
17 Disclosures for Group Health Plan • Amendment of Plan Documents – Permitted and Required Uses and Disclosures – Certification by Plan Sponsor: • Not Further Use or Disclose PHI • Subcontractors Comply • NOT Use or Disclose for Employment Decisions • Report Any Breach • Make PHI Available for Access, Amendment & Accounting • Make Records Available for Investigation • Return or Destroy PHI – 45 C.F.R. § 164.504(f)(2)(i), (ii)
18 Disclosures for Group Health Plan • Adequate Separation Between Group Health Plan and Plan Sponsor – Plan Sponsor Employees Who Will Access – Only for Plan Administration Functions – Mechanism for Complaints/Noncompliance – 45 C.F.R. § 164.504(f)(2)(iii)
19 Group Health Plan Uses and Disclosures • Group Health Plan May: – Disclose PHI to Plan Sponsor for Plan Administration Functions Consistent with Above – Not Permit an Insurer or HMO to Disclose PHI to Plan Sponsor Except as Provided Above – Not Disclose or Permit Insurer or HMO to Disclose PHI to Plan Sponsor Unless in Notice of Privacy Practices – Not Disclose PHI to Plan Sponsor for Employment Related Actions – 45 C.F.R. § 164.504(f)(3)
20 Group Health Plan – Other Uses or Disclosures 45 C.F.R. § 164.506(a) • Use and Disclosure for Treatment, Payment, and Health Care Operations (“TPO”) – Covered Entity Generally May Use and Disclose PHI for TPO – No Consent – Now Notice of Privacy Practices – Treatment • Use or Disclose to Any Provider – Payment • Use or Disclose Minimum Necessary to Any Other
21 Group Health Plan -- Other Uses or Disclosures 45 C.F.R. § 164.501 • Health Care Operations – Quality Assurance Activities • Quality Assessment and Guidelines, Case Mgmt. – Professional Competency Activities • Accreditation, Credentialing, Licensing – Insurance Activities • Underwriting, Premium Rating – Compliance Activities • Fraud and Abuse Compliance – Business Activities • Legal, Auditing, Business Planning, Sale of Practice
22 Group Health Plan – Other Uses or Disclosures 45 C.F.R. § 164.514 • De-Identified Information – Not PHI – May Statistically Determine That PHI has Been De-Identified •Qualified Individual Offer Professional Conclusion •Mathematically Not Identifiable
23 Group Health Plan – Other Uses or Disclosures • De-Identified Information Safe Harbor – Names – Geographic Subdivisions – Dates – Telephone Numbers – Facsimile Numbers – Email Address – Social Security Numbers – Medical Record Numbers – Health Plans Numbers
24 Group Health Plan – Other Uses or Disclosures • De-Identified Information Safe Harbor – Account Numbers – License Numbers – Vehicle Identifiers – Device Identifiers – URLs – Internet Addresses – Biometric – Finger and Voice Prints – Facial Photographs – Etc.
25 Authorization 45 C.F.R. § 164.508 • Elements – Meaningful Description of PHI – Identify Entities or Class Disclosing – Identify Entities or Class Receiving – Purpose – Expiration Date or Event – Individual’s Rights – Revocation – Marketing = Remuneration – Dated and Signed
26 Authorization • Typically Cannot Condition Treatment Upon Execution • Allowed to Condition if for Third Party – Fitness for Duty, etc. • Health Plan May Condition for Underwriting or Risk Rating • Provider May Condition for Research
27 Authorization • Psychotherapy Notes Require • Marketing Requires • Research Typically Requires • Any Use or Disclosure Not Addressed by the Rule
28 Other Uses or Disclosures Requiring Opportunity to Object 45 C.F.R. § 510 • Covered Entity may Use or Disclose PHI in Limited Situations Based Upon Informal Permission • Disclose to Family Members, Relatives, Individuals Identified Who Are Involved in Care or Treatment • Use or Disclose for Facility Directory to Anyone Asking for by Name, Clergy
29 Opportunity to Object • Permission in Advance • No Documentation Required • If Emergency, May Disclose to Those Involved in Care, if Professional Judgment Exercised • Covered Entity May Release X-Rays, Rxs, Supplies to Person Acting on Individual’s Behalf, if Professional Judgment
30 Other Uses or Disclosures Without Opportunity to Object 45 C.F.R. § 164.512 • Covered Entity Must Verify Identity of Requester and Authority • Where Required by Law • Public Health Activities – Reporting Disease – Reporting Vital Statistics – Reporting to FDA – Reporting to Employer – Reporting Communicable Diseases
31 Disclosures Without Objection • Victims of Abuse, Neglect, or Domestic Violence – Reasonably Believes and Required/Allowed by Law – No Consent or Notification From/to Individual if Danger – Notice to Personal Representative Unless Harm
32 Disclosures Without Objection • Health Oversight Activities – Audits – Civil or Criminal Investigations – Not Where Individual’s Health is at Issue
33 Disclosures Without Objection • Law Enforcement – Where Required by Law – Information Must be Relevant – Minimum Necessary Disclosed
34 Disclosures Without Objection • Decedents – Disclose to Coroners, Medical Examiners, and Funeral Directors to Carry out Duties • Organ, Eye, or Tissue Donation – Use or Disclose PHI to Procurement Organizations
35 Disclosures Without Objection • Research Purposes – Must Satisfy Conditions With Respect to IRB Waiver • To Avert Serious Threat to Public • Certain Specialized Governmental Functions: National Security, VA, Military, Secret Service • Workers Compensation Act
36 Disclosures to Attorneys • Subpoenas – Notice and Opportunity to Object or Move for Qualified Protective Order (“QPO”) – QPO Not a Good Choice •Would Appear to Require Return or Destruction •No “Not Feasible” Language in the Order
37 Subpoenas • Proposed Procedure – Notice Letter to Patient/Patient’s Attorney •Allow for Reasonable Time (14 Days) to File Objection •Dispute Over Notice to Attorney Only? – Upon Conclusion of Time Period Send Subpoena, Copy of Notice Letter, and Cover Letter to Covered Entity •One Package, Not Waiting on Objections
38 Group Health Plan Notice of Privacy Practices • Individual Enrolled in a Group Health Plan Has Right to Notice: – From Group Health Plan if no Insurer of HMO, i.e., Self Insured – From Insurer or HMO if Fully Insured – 45 C.F.R. § 164.520(a)(2)
39 Group Health Plan Notice of Privacy Practices • Group Health Plan Which is Fully Insured and Creates or Receives PHI Above and Beyond Summary Health Information and/or Enrollment/Disenrollment, Must: – Maintain Notice of Privacy Practices – Provide Notice Upon Request • If Group Health Plan is Fully Insured and Only Summary Health Information, Then No Notice Required •45 C.F.R. § 164.520(a)(2)
40 Group Health Plan Administrative Requirements • Group Health Plan Which is Fully Insured and Creates or Receives Only Summary Health Information and/or Enrollment/Disenrollment Has Only Limited Administrative Obligations •45 C.F.R. § 164.530(k)(1)
41 Group Health Plan Administrative Requirements • Fully Insured Group Health Plan Not Required to: – Designate Privacy Officer – Train Workforce – Implement Safeguards – Complaint Process – Sanctions for Workforce – Mitigate Violations – Implement Policies and Procedures – Only Maintain Documentation of Amended Plan Documents – 45 C.F.R. § 164.530(k)(1),(2)
42 Group Health Plan Personal Rights • Privacy Rule Does Not Explicitly Exclude Group Health Plans Which Are Fully Insured and Receive Only Summary Health Information From Personal Rights Obligations – Access, Amendment, Accounting, Restrictions, Confidential Communications – Guidance States Are Excluded •65 Fed. Reg. 82645 (December 28, 2000)
43 Access to PHI 45 C.F.R. § 164.524 • Individual Has Right of Access and Inspection • No Right to Psychotherapy Notes, Information Compiled for Legal Proceeding, or Exempt Under CLIA • May Deny Without Review if For Above, if For Inmate, if During Research, if Under Privacy Act, or if Obtained From Another Party
44 Right of Access • Must Provide Review if Refused Due to Endangerment, Due to Mention Another Person, or if Access by Personal Representative a Danger • Response to Request Within 30 Days + 30 Day Extension • If Reasonable, Must be in Requested Format or Summary if Acceptable; Cost-based Fee
45 Denial of Access • Provide Access to Non-Objectionable PHI • Written Denial, in Plain Language, of Basis and Complaint Process • Notify Individual of Location if Not With Covered Entity
46 Right to Amendment 45 C.F.R. § 164.526 • Individual May Request Amendment to PHI • Covered Entity May Deny if Not Its Record, Not Available for Access, or if Accurate • Covered Entity May Require That in Writing and Provide Reason • 60 Day Time Limit + 30 Day Extension
47 Acceptance of Amendment • Covered Entity Must Amend/Append Record • Covered Entity Must Notify Individual • Covered Entity Must Notify Third Parties and Business Associates of Amendment
48 Denial of Amendment • Must Provide Individual With Written Denial • Provide Individual to Submit Statement in Disagreement • Copies Sent Out to Third Parties • Covered Entity May Submit Rebuttal Statement
49 Accounting of Disclosures 45 C.F.R. § 164.528 • Right to Listing of Disclosures During Prior 6 Years, or Less if Specified • Excluded – For TPO – To Individuals – Incidental Disclosures – If Authorization – For Facility Directory or Care or Notification – National Security or Law Enforcement – Prior to April 14, 2003
50 Providing the Accounting • Date of Disclosure • Name of Party Receiving • Description of PHI • Brief Statement of Purpose for Disclosure or Copy of the Request • 60 Day Time Limit + 30 Day Extension
51 Request for Restriction on Use or Disclosure of PHI 45 C.F.R. § 164.522(a) • Request for Restrictions on Any Aspect • Covered Entity Need Not Comply with Request • If Agree, Then may Not Disclose Except in Emergency – Must Obtain Assurance from Recipient That Will Not Further Disclose – Not a Bar to Disclosures for Facility Directory • May Terminate Orally if Documented and Post-PHI Only
52 Confidential Communications 45 C.F.R. § 164.522(b) • Individual May Request Alternate or Confidential Communications – Binding Upon Covered Entity if Reasonable • Providers May Not Request Reason • Health Plans May Request Reason and Only Comply if Endanger Individual • May Require Payment Arrangements
53 Conclusion • Non-Health Care Employers Still May Be Caught Up in HIPAA – Obtaining Health Information from Covered Entities – Group Health Plans • Necessary for All Interested Parties to Learn of the Promise and Pitfalls of the Privacy Rule
54 Conclusion/Questions • Gerald “Jud” E. DeLoss • Barnwell Whaley Patterson & Helms, LLC • 885 Island Park Drive (29492) • Post Office Drawer H • Charleston, South Carolina 29402 • (843) 577-7700 Telephone • (843) 577-7708 Facsimile • gdeloss@barnwell-whaley.com • www.barnwell-whaley.com

Recommended

Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...
Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...
Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...
data brackets
 
Health Insurance Portability & Accountability Act (HIPAA)
Health Insurance Portability & Accountability Act (HIPAA)Health Insurance Portability & Accountability Act (HIPAA)
Health Insurance Portability & Accountability Act (HIPAA)
Arpitha Aarushi
 
HIPAA
HIPAAHIPAA
HIPAA
Alanoud Alqoufi
 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118
robint2125
 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGY
mariaradziminski
 
HIPAA Privacy & Security
HIPAA Privacy & SecurityHIPAA Privacy & Security
HIPAA Privacy & Security
National Pharmacy Technician Association
 
Hipaa
HipaaHipaa
Hipaa
Jason Wrench
 
HIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability ActHIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability Act
Harshit Trivedi
 

Recommended

Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...
Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...
Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and ...
data brackets
 
Health Insurance Portability & Accountability Act (HIPAA)
Health Insurance Portability & Accountability Act (HIPAA)Health Insurance Portability & Accountability Act (HIPAA)
Health Insurance Portability & Accountability Act (HIPAA)
Arpitha Aarushi
 
HIPAA
HIPAAHIPAA
HIPAA
Alanoud Alqoufi
 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118
robint2125
 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGY
mariaradziminski
 
HIPAA Privacy & Security
HIPAA Privacy & SecurityHIPAA Privacy & Security
HIPAA Privacy & Security
National Pharmacy Technician Association
 
Hipaa
HipaaHipaa
Hipaa
Jason Wrench
 
HIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability ActHIPPA-Health Insurance Portability and Accountability Act
HIPPA-Health Insurance Portability and Accountability Act
Harshit Trivedi
 
Hipaa rahul thore 1
Hipaa rahul thore 1Hipaa rahul thore 1
Hipaa rahul thore 1
RahulThore
 
Health Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability ActHealth Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability Act
সারন দাস
 
HIPAA for Dummies
HIPAA for DummiesHIPAA for Dummies
HIPAA for Dummies
hipaacompliance
 
HIPAA
HIPAAHIPAA
HIPAA
Paul D. Friedman, M.A., Ph.D., J.D.
 
Hipaa in clinical trails
Hipaa in clinical trailsHipaa in clinical trails
Hipaa in clinical trails
Tejaswi Reddy
 
HIPAA
HIPAAHIPAA
HIPAA
Karna *
 
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Arooj Abid
 
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery BoardHIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
Atlantic Training, LLC.
 
HIPAA2
HIPAA2HIPAA2
HIPAA2
Chris Lee
 
Why Pharmacist is not allowed for Prescription drug, a thought
Why Pharmacist is not allowed for Prescription drug, a thoughtWhy Pharmacist is not allowed for Prescription drug, a thought
Why Pharmacist is not allowed for Prescription drug, a thought
Rajashri Survase Ojha
 
HIPAA Guidance on Recruitment - NIH
HIPAA Guidance on Recruitment - NIHHIPAA Guidance on Recruitment - NIH
HIPAA Guidance on Recruitment - NIH
dhainc
 
Basic HIPAA Training by CMU
Basic HIPAA Training by CMUBasic HIPAA Training by CMU
Basic HIPAA Training by CMU
Atlantic Training, LLC.
 
HIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival GuideHIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival Guide
benefitexpress
 
Highlights from ExL Pharma's 4th Clinical Billing & Research Compliance
Highlights from ExL Pharma's 4th Clinical Billing & Research ComplianceHighlights from ExL Pharma's 4th Clinical Billing & Research Compliance
Highlights from ExL Pharma's 4th Clinical Billing & Research Compliance
ExL Pharma
 
Clinical trials First Year M. Pharmacy.
Clinical trials First Year M. Pharmacy.Clinical trials First Year M. Pharmacy.
Clinical trials First Year M. Pharmacy.
Rushi Somani
 
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
NextWorks
 
Geek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and CompliantGeek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and Compliant
IDERA Software
 
Hippa new requirement to clinical study processes
Hippa new requirement to clinical study processesHippa new requirement to clinical study processes
Hippa new requirement to clinical study processes
Kavya S
 
Getting the deal through life sciences russia 2015
Getting the deal through life sciences russia 2015Getting the deal through life sciences russia 2015
Getting the deal through life sciences russia 2015
Lidings Law Firm
 
Hipaa inservice
Hipaa inserviceHipaa inservice
Hipaa inservice
Kelly Snyder
 
HIPAA Training Basics
HIPAA Training BasicsHIPAA Training Basics
HIPAA Training Basics
secky65
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basics
mlireton
 

More Related Content

What's hot

Hipaa rahul thore 1
Hipaa rahul thore 1Hipaa rahul thore 1
Hipaa rahul thore 1
RahulThore
 
Health Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability ActHealth Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability Act
সারন দাস
 
HIPAA for Dummies
HIPAA for DummiesHIPAA for Dummies
HIPAA for Dummies
hipaacompliance
 
HIPAA
HIPAAHIPAA
HIPAA
Paul D. Friedman, M.A., Ph.D., J.D.
 
Hipaa in clinical trails
Hipaa in clinical trailsHipaa in clinical trails
Hipaa in clinical trails
Tejaswi Reddy
 
HIPAA
HIPAAHIPAA
HIPAA
Karna *
 
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Arooj Abid
 
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery BoardHIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
Atlantic Training, LLC.
 
HIPAA2
HIPAA2HIPAA2
HIPAA2
Chris Lee
 
Why Pharmacist is not allowed for Prescription drug, a thought
Why Pharmacist is not allowed for Prescription drug, a thoughtWhy Pharmacist is not allowed for Prescription drug, a thought
Why Pharmacist is not allowed for Prescription drug, a thought
Rajashri Survase Ojha
 
HIPAA Guidance on Recruitment - NIH
HIPAA Guidance on Recruitment - NIHHIPAA Guidance on Recruitment - NIH
HIPAA Guidance on Recruitment - NIH
dhainc
 
Basic HIPAA Training by CMU
Basic HIPAA Training by CMUBasic HIPAA Training by CMU
Basic HIPAA Training by CMU
Atlantic Training, LLC.
 
HIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival GuideHIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival Guide
benefitexpress
 
Highlights from ExL Pharma's 4th Clinical Billing & Research Compliance
Highlights from ExL Pharma's 4th Clinical Billing & Research ComplianceHighlights from ExL Pharma's 4th Clinical Billing & Research Compliance
Highlights from ExL Pharma's 4th Clinical Billing & Research Compliance
ExL Pharma
 
Clinical trials First Year M. Pharmacy.
Clinical trials First Year M. Pharmacy.Clinical trials First Year M. Pharmacy.
Clinical trials First Year M. Pharmacy.
Rushi Somani
 
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
NextWorks
 
Geek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and CompliantGeek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and Compliant
IDERA Software
 
Hippa new requirement to clinical study processes
Hippa new requirement to clinical study processesHippa new requirement to clinical study processes
Hippa new requirement to clinical study processes
Kavya S
 
Getting the deal through life sciences russia 2015
Getting the deal through life sciences russia 2015Getting the deal through life sciences russia 2015
Getting the deal through life sciences russia 2015
Lidings Law Firm
 
Hipaa inservice
Hipaa inserviceHipaa inservice
Hipaa inservice
Kelly Snyder
 

What's hot (20)

Hipaa rahul thore 1
Hipaa rahul thore 1Hipaa rahul thore 1
Hipaa rahul thore 1
 
Health Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability ActHealth Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability Act
 
HIPAA for Dummies
HIPAA for DummiesHIPAA for Dummies
HIPAA for Dummies
 
HIPAA
HIPAAHIPAA
HIPAA
 
Hipaa in clinical trails
Hipaa in clinical trailsHipaa in clinical trails
Hipaa in clinical trails
 
HIPAA
HIPAAHIPAA
HIPAA
 
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
Definitions according to Drug Regulatory Authority of Pakistan (DRAP medical ...
 
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery BoardHIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
HIPAA Workforce Training by Wayne-Holmes Mental Health Recovery Board
 
HIPAA2
HIPAA2HIPAA2
HIPAA2
 
Why Pharmacist is not allowed for Prescription drug, a thought
Why Pharmacist is not allowed for Prescription drug, a thoughtWhy Pharmacist is not allowed for Prescription drug, a thought
Why Pharmacist is not allowed for Prescription drug, a thought
 
HIPAA Guidance on Recruitment - NIH
HIPAA Guidance on Recruitment - NIHHIPAA Guidance on Recruitment - NIH
HIPAA Guidance on Recruitment - NIH
 
Basic HIPAA Training by CMU
Basic HIPAA Training by CMUBasic HIPAA Training by CMU
Basic HIPAA Training by CMU
 
HIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival GuideHIPAA Training: Privacy Review and Audit Survival Guide
HIPAA Training: Privacy Review and Audit Survival Guide
 
Highlights from ExL Pharma's 4th Clinical Billing & Research Compliance
Highlights from ExL Pharma's 4th Clinical Billing & Research ComplianceHighlights from ExL Pharma's 4th Clinical Billing & Research Compliance
Highlights from ExL Pharma's 4th Clinical Billing & Research Compliance
 
Clinical trials First Year M. Pharmacy.
Clinical trials First Year M. Pharmacy.Clinical trials First Year M. Pharmacy.
Clinical trials First Year M. Pharmacy.
 
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
HIGHLIGHTED: Dissemination of Patient-Specific Information from Devices by De...
 
Geek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and CompliantGeek Sync | Keep your Healthcare Databases Secure and Compliant
Geek Sync | Keep your Healthcare Databases Secure and Compliant
 
Hippa new requirement to clinical study processes
Hippa new requirement to clinical study processesHippa new requirement to clinical study processes
Hippa new requirement to clinical study processes
 
Getting the deal through life sciences russia 2015
Getting the deal through life sciences russia 2015Getting the deal through life sciences russia 2015
Getting the deal through life sciences russia 2015
 
Hipaa inservice
Hipaa inserviceHipaa inservice
Hipaa inservice
 

Viewers also liked

HIPAA Training Basics
HIPAA Training BasicsHIPAA Training Basics
HIPAA Training Basics
secky65
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basics
mlireton
 
Bryer Leather - Card Wallet Creation Process
Bryer Leather - Card Wallet Creation Process Bryer Leather - Card Wallet Creation Process
Bryer Leather - Card Wallet Creation Process
Bryer Leather
 
Hipaa basics pp2
Hipaa basics pp2Hipaa basics pp2
Hipaa basics pp2
martykoepke
 
MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...
MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...
MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...
Colin Zick
 
Personal Health Records & HIPAA
Personal Health Records & HIPAAPersonal Health Records & HIPAA
Personal Health Records & HIPAA
Margery Lynn
 
Hipaa101 updated
Hipaa101 updatedHipaa101 updated
Hipaa101 updated
kkurapat
 
HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of Compliance
Jay Hodes
 
HIPAA Training - 2011
HIPAA Training - 2011HIPAA Training - 2011
HIPAA Training - 2011
darichardson
 
HIPAA Basics
HIPAA BasicsHIPAA Basics
HIPAA Basics
Karna *
 
The importance of hipaa compliance and training
The importance of hipaa compliance and trainingThe importance of hipaa compliance and training
The importance of hipaa compliance and training
LaDavia Day, MHA, BS
 
What Makes Great Infographics
What Makes Great InfographicsWhat Makes Great Infographics
What Makes Great Infographics
SlideShare
 
You Suck At PowerPoint!
You Suck At PowerPoint!You Suck At PowerPoint!
You Suck At PowerPoint!
Jesse Desjardins - @jessedee
 
Masters of SlideShare
Masters of SlideShareMasters of SlideShare
Masters of SlideShare
Kapost
 
10 Ways to Win at SlideShare SEO & Presentation Optimization
10 Ways to Win at SlideShare SEO & Presentation Optimization10 Ways to Win at SlideShare SEO & Presentation Optimization
10 Ways to Win at SlideShare SEO & Presentation Optimization
Oneupweb
 
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareSTOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
Empowered Presentations
 
How To Get More From SlideShare - Super-Simple Tips For Content Marketing
How To Get More From SlideShare - Super-Simple Tips For Content MarketingHow To Get More From SlideShare - Super-Simple Tips For Content Marketing
How To Get More From SlideShare - Super-Simple Tips For Content Marketing
Content Marketing Institute
 
How to Make Awesome SlideShares: Tips & Tricks
How to Make Awesome SlideShares: Tips & TricksHow to Make Awesome SlideShares: Tips & Tricks
How to Make Awesome SlideShares: Tips & Tricks
SlideShare
 

Viewers also liked (18)

HIPAA Training Basics
HIPAA Training BasicsHIPAA Training Basics
HIPAA Training Basics
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basics
 
Bryer Leather - Card Wallet Creation Process
Bryer Leather - Card Wallet Creation Process Bryer Leather - Card Wallet Creation Process
Bryer Leather - Card Wallet Creation Process
 
Hipaa basics pp2
Hipaa basics pp2Hipaa basics pp2
Hipaa basics pp2
 
MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...
MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...
MichBIO_-_HIPAA__Industry-Provider_Interactions__and_Related_Compliance_Matte...
 
Personal Health Records & HIPAA
Personal Health Records & HIPAAPersonal Health Records & HIPAA
Personal Health Records & HIPAA
 
Hipaa101 updated
Hipaa101 updatedHipaa101 updated
Hipaa101 updated
 
HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of Compliance
 
HIPAA Training - 2011
HIPAA Training - 2011HIPAA Training - 2011
HIPAA Training - 2011
 
HIPAA Basics
HIPAA BasicsHIPAA Basics
HIPAA Basics
 
The importance of hipaa compliance and training
The importance of hipaa compliance and trainingThe importance of hipaa compliance and training
The importance of hipaa compliance and training
 
What Makes Great Infographics
What Makes Great InfographicsWhat Makes Great Infographics
What Makes Great Infographics
 
You Suck At PowerPoint!
You Suck At PowerPoint!You Suck At PowerPoint!
You Suck At PowerPoint!
 
Masters of SlideShare
Masters of SlideShareMasters of SlideShare
Masters of SlideShare
 
10 Ways to Win at SlideShare SEO & Presentation Optimization
10 Ways to Win at SlideShare SEO & Presentation Optimization10 Ways to Win at SlideShare SEO & Presentation Optimization
10 Ways to Win at SlideShare SEO & Presentation Optimization
 
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareSTOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
 
How To Get More From SlideShare - Super-Simple Tips For Content Marketing
How To Get More From SlideShare - Super-Simple Tips For Content MarketingHow To Get More From SlideShare - Super-Simple Tips For Content Marketing
How To Get More From SlideShare - Super-Simple Tips For Content Marketing
 
How to Make Awesome SlideShares: Tips & Tricks
How to Make Awesome SlideShares: Tips & TricksHow to Make Awesome SlideShares: Tips & Tricks
How to Make Awesome SlideShares: Tips & Tricks
 

Similar to 香港六合彩

六合彩
六合彩六合彩
六合彩
qeneqw
 
香港六合彩
香港六合彩香港六合彩
香港六合彩
shujia
 
香港六合彩
香港六合彩香港六合彩
香港六合彩
ghyvqs
 
HIPAA Privacy for Employers 101
HIPAA Privacy for Employers 101HIPAA Privacy for Employers 101
HIPAA Privacy for Employers 101
benefitexpress
 
Meeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy RequirementsMeeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy Requirements
benefitexpress
 
HIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongHIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-Wong
Lorianne Sainsbury-Wong
 
Solving Problems in Workplace Wellness Programs
Solving Problems in Workplace Wellness ProgramsSolving Problems in Workplace Wellness Programs
Solving Problems in Workplace Wellness Programs
HPCareer.Net / State of Wellness Inc.
 
2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus rule2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus rule
DusaElraha
 
Three Key Documents for Patient Information
Three Key Documents for Patient Information Three Key Documents for Patient Information
Three Key Documents for Patient Information
auraebeidler
 
Three key hipaa documents slide show presentation
Three key hipaa documents slide show presentationThree key hipaa documents slide show presentation
Three key hipaa documents slide show presentation
auraebeidler
 
What You Don’t Know About the HIPAA Security Rule
What You Don’t Know About the HIPAA Security RuleWhat You Don’t Know About the HIPAA Security Rule
What You Don’t Know About the HIPAA Security Rule
Cooperative of American Physicians, Inc.
 
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best PracticeHIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
benefitexpress
 
npp
nppnpp
npp
auraebeidler
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUP
Atlantic Training, LLC.
 
Hipaa
HipaaHipaa
Hipaa
teammayco
 
HIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of HawaiiHIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of Hawaii
Atlantic Training, LLC.
 
HIPAA, PHI, & 42 CFR Part 2
HIPAA, PHI, & 42 CFR Part 2HIPAA, PHI, & 42 CFR Part 2
HIPAA, PHI, & 42 CFR Part 2
Hatch Compliance, Inc.
 
HIPAA & PHI Training
HIPAA & PHI TrainingHIPAA & PHI Training
HIPAA & PHI Training
Hatch Compliance, Inc.
 
hipaa by roy.pptx
hipaa by roy.pptxhipaa by roy.pptx
hipaa by roy.pptx
SubhamRoy63
 
UHG Optum Case Competition 2018 PPT - Campus Finalists
UHG Optum Case Competition 2018 PPT - Campus FinalistsUHG Optum Case Competition 2018 PPT - Campus Finalists
UHG Optum Case Competition 2018 PPT - Campus Finalists
Bhargava Ram
 

Similar to 香港六合彩 (20)

六合彩
六合彩六合彩
六合彩
 
香港六合彩
香港六合彩香港六合彩
香港六合彩
 
香港六合彩
香港六合彩香港六合彩
香港六合彩
 
HIPAA Privacy for Employers 101
HIPAA Privacy for Employers 101HIPAA Privacy for Employers 101
HIPAA Privacy for Employers 101
 
Meeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy RequirementsMeeting the HIPAA Privacy Requirements
Meeting the HIPAA Privacy Requirements
 
HIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongHIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-Wong
 
Solving Problems in Workplace Wellness Programs
Solving Problems in Workplace Wellness ProgramsSolving Problems in Workplace Wellness Programs
Solving Problems in Workplace Wellness Programs
 
2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus rule2013 06-21 HIPPA omnibus rule
2013 06-21 HIPPA omnibus rule
 
Three Key Documents for Patient Information
Three Key Documents for Patient Information Three Key Documents for Patient Information
Three Key Documents for Patient Information
 
Three key hipaa documents slide show presentation
Three key hipaa documents slide show presentationThree key hipaa documents slide show presentation
Three key hipaa documents slide show presentation
 
What You Don’t Know About the HIPAA Security Rule
What You Don’t Know About the HIPAA Security RuleWhat You Don’t Know About the HIPAA Security Rule
What You Don’t Know About the HIPAA Security Rule
 
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best PracticeHIPAA Lockdown: One-Hour Guide to PHI Best Practice
HIPAA Lockdown: One-Hour Guide to PHI Best Practice
 
npp
nppnpp
npp
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUP
 
Hipaa
HipaaHipaa
Hipaa
 
HIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of HawaiiHIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of Hawaii
 
HIPAA, PHI, & 42 CFR Part 2
HIPAA, PHI, & 42 CFR Part 2HIPAA, PHI, & 42 CFR Part 2
HIPAA, PHI, & 42 CFR Part 2
 
HIPAA & PHI Training
HIPAA & PHI TrainingHIPAA & PHI Training
HIPAA & PHI Training
 
hipaa by roy.pptx
hipaa by roy.pptxhipaa by roy.pptx
hipaa by roy.pptx
 
UHG Optum Case Competition 2018 PPT - Campus Finalists
UHG Optum Case Competition 2018 PPT - Campus FinalistsUHG Optum Case Competition 2018 PPT - Campus Finalists
UHG Optum Case Competition 2018 PPT - Campus Finalists
 

香港六合彩

  • 1. 1 Eighth National HIPAA Summit Baltimore, MD PreConference I: HIPAA Boot Camp: The Basics of HIPAA for Providers, Health Plans, Employers and Patients Employer and Group Health Plan Issues By Gerald E. DeLoss, Esquire Barnwell Whaley Patterson & Helms, LLC Charleston, South Carolina
  • 2. 2 HIPAA and Employers • Only Certain Health Care Providers, Health Plans, and Health Care Clearinghouses Are Covered Entities • Employers Not Generally Covered Unless Fall Under Above Definitions • Caveat: Medical Information Provided to Employers and Employer Sponsored Group Health Plans
  • 3. 3 Employment Records and PHI • Definition of Protected Health Information (“PHI”) Specifically Excludes: – Employment Records Held by a Covered Entity in its Role as Employer • 45 C.F.R. § 165.501 • Example: Drug Testing or Fitness for Duty – Must be Provided to CE in Capacity as Employer – If Conducting Testing, Must Get Authorization to Transmit to HR • Example: Professional Sports Teams’ Player Information
  • 4. 4 Employer Issues • Covered Entity May Disclose to an Employer About an Employee or Workforce Member of Employer, If: – Covered Entity is a Covered Health Care Provider Who is a Member of the Employer’s Workforce or Who Provides Health Care to Employee or Member At Request of Employer to • Conduct Evaluation Relating to Medical Surveillance of Workplace; or • Evaluate Whether the Employee or Member Has a Work- Related Illness or Injury – 45 C.F.R. § 164.512(b)(v)
  • 5. 5 Employer Issues • The PHI Disclosed Concerns a Work-Related Illness or Injury or Work-Related Medical Surveillance; or • The Employer Needs Findings for OSHA Requirements; and • Notice is Provided to Employee or Member – By Giving a Copy of Notice of Privacy Practices, or – Posting of Notice if in Same Worksite • 45 C.F.R. § 164.512(b)(v)
  • 6. 6 Group Health Plan • Definition of Health Plan Includes: – Employee Welfare Benefit Plan or any Other Arrangement that is Established or Maintained for the Purpose of Offering or Providing Health Benefits to the Employees of Two or More Employers •45 C.F.R. § 160.103
  • 7. 7 Group Health Plan Group Health Plan • Means an Employee Welfare Benefit Plan (as Defined Under ERISA), Including Insured and Self-Insured Plans to Extent the Plan Provides Medical Care to Employees or Their Dependents, Directly or Through Insurance, That: – Has 50 or More Participants; or – Is Administered by a Third Party • 45 C.F.R. § 160.103
  • 8. 8 Third Party Administrators • Third Party Administrator Not Generally a Covered Entity Under HIPAA – Most Likely Considered a Business Associate of Group Health Plan • DHHS FAQ No. 365
  • 9. 9 Group Health Plan • Plan Sponsor means: – The Employer if a Single Employer; – The Employee Organization; – Where Two or More Employers or Employee Organizations, the Association, Committee, Joint Board, or Other Similar Representatives Who Establish or Maintain the Plan • 29 U.S.C. § 1002(16)(B)
  • 10. 10 Group Health Plan as Small Health Plan • Many Group Health Plans Fall Under Definition of Small Health Plan – Means a Health Plan with Annual Receipts of $5 Million or Less • Small Health Plan Compliance Deadline is April 14, 2004 – 45 C.F.R. § 164.534(b)
  • 11. 11 Group Health Plan – Flexible Spending Accounts/Cafeteria Plans • According to DHHS: – To the Extent That a Flexible Spending Account or a Cafeteria Plan Meets Definition of an Employee Welfare Benefit Plan Under ERISA and Pays for Medical Care, It Is a Group Health Plan – Unless It Has Fewer Than 50 Participants and Is Self-administered •DHHS FAQ No. 421
  • 12. 12 Group Health Plan – Flexible Spending Accounts/Cafeteria Plans • FSA or Cafeteria Plan Could Be Considered Group Health Plan – Fully Insured or Self Insured? – Summary Health Information or PHI? – To Extent Qualifies, Must Satisfy Group Health Plan Requirements
  • 13. 13 Group Health Plan • Business Associate Requirements – Generally Covered Entity may Only Disclose to a Business Associate PHI, or Allow Business Associate to Create or Receive PHI, if Agreement – Requirement Does Not Apply to Disclosures by a Group Health Plan or Insurer, to the Plan Sponsor if Other Requirements Met • 45 C.F.R. § 164.504(f)
  • 14. 14 Disclosures for Group Health Plan • To Disclose PHI to Plan Sponsor or • To Permit Health Insurer or HMO to Disclose PHI to Plan Sponsor • Must Ensure Plan Documents Restrict Uses and Disclosures •45 C.F.R. § 164.504(f)(1)(i)
  • 15. 15 Disclosures for Group Health Plan • Group Health Plan, Insurer, or HMO May Disclose Summary Health Information to Plan Sponsor for – Obtaining Premium Bids From Health Plans for Providing Health Insurance under Group Plan – Modifying, Amending, or Terminating the Group Health Plan • Group Health Plan or Insurer or HMO May Disclose Enrollment Information to Plan Sponsor • 45 C.F.R. § 164.504(f)(1)(ii), (iii)
  • 16. 16 Disclosures for Group Health Plan • Summary Health Information – Summarizes Claims History, Claims Expenses, or Types of Claims Experienced by Individuals for Whom the Plan Sponsor Provided Benefits Under the Group Health Plan – Must Exclude Most Identifying Features, But Not Truly De-Identified • Geographic Information May be Aggregated to 5 digit Zip Code Level – 45 C.F.R. § 164.504(a)
  • 17. 17 Disclosures for Group Health Plan • Amendment of Plan Documents – Permitted and Required Uses and Disclosures – Certification by Plan Sponsor: • Not Further Use or Disclose PHI • Subcontractors Comply • NOT Use or Disclose for Employment Decisions • Report Any Breach • Make PHI Available for Access, Amendment & Accounting • Make Records Available for Investigation • Return or Destroy PHI – 45 C.F.R. § 164.504(f)(2)(i), (ii)
  • 18. 18 Disclosures for Group Health Plan • Adequate Separation Between Group Health Plan and Plan Sponsor – Plan Sponsor Employees Who Will Access – Only for Plan Administration Functions – Mechanism for Complaints/Noncompliance – 45 C.F.R. § 164.504(f)(2)(iii)
  • 19. 19 Group Health Plan Uses and Disclosures • Group Health Plan May: – Disclose PHI to Plan Sponsor for Plan Administration Functions Consistent with Above – Not Permit an Insurer or HMO to Disclose PHI to Plan Sponsor Except as Provided Above – Not Disclose or Permit Insurer or HMO to Disclose PHI to Plan Sponsor Unless in Notice of Privacy Practices – Not Disclose PHI to Plan Sponsor for Employment Related Actions – 45 C.F.R. § 164.504(f)(3)
  • 20. 20 Group Health Plan – Other Uses or Disclosures 45 C.F.R. § 164.506(a) • Use and Disclosure for Treatment, Payment, and Health Care Operations (“TPO”) – Covered Entity Generally May Use and Disclose PHI for TPO – No Consent – Now Notice of Privacy Practices – Treatment • Use or Disclose to Any Provider – Payment • Use or Disclose Minimum Necessary to Any Other
  • 21. 21 Group Health Plan -- Other Uses or Disclosures 45 C.F.R. § 164.501 • Health Care Operations – Quality Assurance Activities • Quality Assessment and Guidelines, Case Mgmt. – Professional Competency Activities • Accreditation, Credentialing, Licensing – Insurance Activities • Underwriting, Premium Rating – Compliance Activities • Fraud and Abuse Compliance – Business Activities • Legal, Auditing, Business Planning, Sale of Practice
  • 22. 22 Group Health Plan – Other Uses or Disclosures 45 C.F.R. § 164.514 • De-Identified Information – Not PHI – May Statistically Determine That PHI has Been De-Identified •Qualified Individual Offer Professional Conclusion •Mathematically Not Identifiable
  • 23. 23 Group Health Plan – Other Uses or Disclosures • De-Identified Information Safe Harbor – Names – Geographic Subdivisions – Dates – Telephone Numbers – Facsimile Numbers – Email Address – Social Security Numbers – Medical Record Numbers – Health Plans Numbers
  • 24. 24 Group Health Plan – Other Uses or Disclosures • De-Identified Information Safe Harbor – Account Numbers – License Numbers – Vehicle Identifiers – Device Identifiers – URLs – Internet Addresses – Biometric – Finger and Voice Prints – Facial Photographs – Etc.
  • 25. 25 Authorization 45 C.F.R. § 164.508 • Elements – Meaningful Description of PHI – Identify Entities or Class Disclosing – Identify Entities or Class Receiving – Purpose – Expiration Date or Event – Individual’s Rights – Revocation – Marketing = Remuneration – Dated and Signed
  • 26. 26 Authorization • Typically Cannot Condition Treatment Upon Execution • Allowed to Condition if for Third Party – Fitness for Duty, etc. • Health Plan May Condition for Underwriting or Risk Rating • Provider May Condition for Research
  • 27. 27 Authorization • Psychotherapy Notes Require • Marketing Requires • Research Typically Requires • Any Use or Disclosure Not Addressed by the Rule
  • 28. 28 Other Uses or Disclosures Requiring Opportunity to Object 45 C.F.R. § 510 • Covered Entity may Use or Disclose PHI in Limited Situations Based Upon Informal Permission • Disclose to Family Members, Relatives, Individuals Identified Who Are Involved in Care or Treatment • Use or Disclose for Facility Directory to Anyone Asking for by Name, Clergy
  • 29. 29 Opportunity to Object • Permission in Advance • No Documentation Required • If Emergency, May Disclose to Those Involved in Care, if Professional Judgment Exercised • Covered Entity May Release X-Rays, Rxs, Supplies to Person Acting on Individual’s Behalf, if Professional Judgment
  • 30. 30 Other Uses or Disclosures Without Opportunity to Object 45 C.F.R. § 164.512 • Covered Entity Must Verify Identity of Requester and Authority • Where Required by Law • Public Health Activities – Reporting Disease – Reporting Vital Statistics – Reporting to FDA – Reporting to Employer – Reporting Communicable Diseases
  • 31. 31 Disclosures Without Objection • Victims of Abuse, Neglect, or Domestic Violence – Reasonably Believes and Required/Allowed by Law – No Consent or Notification From/to Individual if Danger – Notice to Personal Representative Unless Harm
  • 32. 32 Disclosures Without Objection • Health Oversight Activities – Audits – Civil or Criminal Investigations – Not Where Individual’s Health is at Issue
  • 33. 33 Disclosures Without Objection • Law Enforcement – Where Required by Law – Information Must be Relevant – Minimum Necessary Disclosed
  • 34. 34 Disclosures Without Objection • Decedents – Disclose to Coroners, Medical Examiners, and Funeral Directors to Carry out Duties • Organ, Eye, or Tissue Donation – Use or Disclose PHI to Procurement Organizations
  • 35. 35 Disclosures Without Objection • Research Purposes – Must Satisfy Conditions With Respect to IRB Waiver • To Avert Serious Threat to Public • Certain Specialized Governmental Functions: National Security, VA, Military, Secret Service • Workers Compensation Act
  • 36. 36 Disclosures to Attorneys • Subpoenas – Notice and Opportunity to Object or Move for Qualified Protective Order (“QPO”) – QPO Not a Good Choice •Would Appear to Require Return or Destruction •No “Not Feasible” Language in the Order
  • 37. 37 Subpoenas • Proposed Procedure – Notice Letter to Patient/Patient’s Attorney •Allow for Reasonable Time (14 Days) to File Objection •Dispute Over Notice to Attorney Only? – Upon Conclusion of Time Period Send Subpoena, Copy of Notice Letter, and Cover Letter to Covered Entity •One Package, Not Waiting on Objections
  • 38. 38 Group Health Plan Notice of Privacy Practices • Individual Enrolled in a Group Health Plan Has Right to Notice: – From Group Health Plan if no Insurer of HMO, i.e., Self Insured – From Insurer or HMO if Fully Insured – 45 C.F.R. § 164.520(a)(2)
  • 39. 39 Group Health Plan Notice of Privacy Practices • Group Health Plan Which is Fully Insured and Creates or Receives PHI Above and Beyond Summary Health Information and/or Enrollment/Disenrollment, Must: – Maintain Notice of Privacy Practices – Provide Notice Upon Request • If Group Health Plan is Fully Insured and Only Summary Health Information, Then No Notice Required •45 C.F.R. § 164.520(a)(2)
  • 40. 40 Group Health Plan Administrative Requirements • Group Health Plan Which is Fully Insured and Creates or Receives Only Summary Health Information and/or Enrollment/Disenrollment Has Only Limited Administrative Obligations •45 C.F.R. § 164.530(k)(1)
  • 41. 41 Group Health Plan Administrative Requirements • Fully Insured Group Health Plan Not Required to: – Designate Privacy Officer – Train Workforce – Implement Safeguards – Complaint Process – Sanctions for Workforce – Mitigate Violations – Implement Policies and Procedures – Only Maintain Documentation of Amended Plan Documents – 45 C.F.R. § 164.530(k)(1),(2)
  • 42. 42 Group Health Plan Personal Rights • Privacy Rule Does Not Explicitly Exclude Group Health Plans Which Are Fully Insured and Receive Only Summary Health Information From Personal Rights Obligations – Access, Amendment, Accounting, Restrictions, Confidential Communications – Guidance States Are Excluded •65 Fed. Reg. 82645 (December 28, 2000)
  • 43. 43 Access to PHI 45 C.F.R. § 164.524 • Individual Has Right of Access and Inspection • No Right to Psychotherapy Notes, Information Compiled for Legal Proceeding, or Exempt Under CLIA • May Deny Without Review if For Above, if For Inmate, if During Research, if Under Privacy Act, or if Obtained From Another Party
  • 44. 44 Right of Access • Must Provide Review if Refused Due to Endangerment, Due to Mention Another Person, or if Access by Personal Representative a Danger • Response to Request Within 30 Days + 30 Day Extension • If Reasonable, Must be in Requested Format or Summary if Acceptable; Cost-based Fee
  • 45. 45 Denial of Access • Provide Access to Non-Objectionable PHI • Written Denial, in Plain Language, of Basis and Complaint Process • Notify Individual of Location if Not With Covered Entity
  • 46. 46 Right to Amendment 45 C.F.R. § 164.526 • Individual May Request Amendment to PHI • Covered Entity May Deny if Not Its Record, Not Available for Access, or if Accurate • Covered Entity May Require That in Writing and Provide Reason • 60 Day Time Limit + 30 Day Extension
  • 47. 47 Acceptance of Amendment • Covered Entity Must Amend/Append Record • Covered Entity Must Notify Individual • Covered Entity Must Notify Third Parties and Business Associates of Amendment
  • 48. 48 Denial of Amendment • Must Provide Individual With Written Denial • Provide Individual to Submit Statement in Disagreement • Copies Sent Out to Third Parties • Covered Entity May Submit Rebuttal Statement
  • 49. 49 Accounting of Disclosures 45 C.F.R. § 164.528 • Right to Listing of Disclosures During Prior 6 Years, or Less if Specified • Excluded – For TPO – To Individuals – Incidental Disclosures – If Authorization – For Facility Directory or Care or Notification – National Security or Law Enforcement – Prior to April 14, 2003
  • 50. 50 Providing the Accounting • Date of Disclosure • Name of Party Receiving • Description of PHI • Brief Statement of Purpose for Disclosure or Copy of the Request • 60 Day Time Limit + 30 Day Extension
  • 51. 51 Request for Restriction on Use or Disclosure of PHI 45 C.F.R. § 164.522(a) • Request for Restrictions on Any Aspect • Covered Entity Need Not Comply with Request • If Agree, Then may Not Disclose Except in Emergency – Must Obtain Assurance from Recipient That Will Not Further Disclose – Not a Bar to Disclosures for Facility Directory • May Terminate Orally if Documented and Post-PHI Only
  • 52. 52 Confidential Communications 45 C.F.R. § 164.522(b) • Individual May Request Alternate or Confidential Communications – Binding Upon Covered Entity if Reasonable • Providers May Not Request Reason • Health Plans May Request Reason and Only Comply if Endanger Individual • May Require Payment Arrangements
  • 53. 53 Conclusion • Non-Health Care Employers Still May Be Caught Up in HIPAA – Obtaining Health Information from Covered Entities – Group Health Plans • Necessary for All Interested Parties to Learn of the Promise and Pitfalls of the Privacy Rule
  • 54. 54 Conclusion/Questions • Gerald “Jud” E. DeLoss • Barnwell Whaley Patterson & Helms, LLC • 885 Island Park Drive (29492) • Post Office Drawer H • Charleston, South Carolina 29402 • (843) 577-7700 Telephone • (843) 577-7708 Facsimile • gdeloss@barnwell-whaley.com • www.barnwell-whaley.com