The document discusses patient privacy regulations under HIPAA. It notes that HIPAA protects individually identifiable health information and gives patients rights over this information. It advises healthcare workers to only access information needed to treat patients or help them within the system. Workers are warned that accessing unnecessary information could jeopardize their careers and put their organizations at risk of penalties up to $1.5 million per violation if information is improperly disclosed. The key takeaway is that healthcare workers should only access information they need and not put themselves or their employers at risk of HIPAA violations.

1. S
Do I need to Know??
Patient Privacy in the Healthcare Environment

2. HIPPA
S The HIPAA Privacy Rule provides federal protections for
individually identifiable health information held by covered
entities and their business associates and gives patients
an array of rights with respect to that information. At the
same time, the Privacy Rule is balanced so that it permits
the disclosure of health information needed for patient
care and other important purposes.*
S *http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html

3. What does that mean to me?
S Ask these Questions!
S Do I need to know this to treat the patient?
S Do I need to know the history to help the patient within the
system (billing, insurance, follow-up, etc.).
S If I do obtain information (legitimately or accidentally), can I
keep it a secret? (If not, rethink your career path).

4. What does this mean to the
organization?
S Ask these questions!
S If I obtain information not relevant to my job and it is discovered, how is the
organization put at jeopardy?
S If this information becomes available to the media, how will that effect the reputation
and financial viability of the organization?
S HIPPA violations*:
S As part of the final rule, the maximum penalty for a HIPAA violation comes to $1.5
million while the assessed penalty relates to the level of culpability characterizing the
violation. This includes:
S When the covered entity or business associate is unaware of the violation and would
not have known of the violation by exercising reasonable due diligence, a civil penalty of
$100 to $50,000 per violation could be distributed.
S If reasonable cause leads to a violation, the civil penalty could come to $1,000 to
$50,000 for each violation.
S Following a violation of willful neglect that has been corrected within 30 days of
discovery, a civil penalty could total $10,000 to $50,000 per violation.
S For a violation of willful neglect that was not correctly addressed within the required time
frame, the civil penalty could be $50,000 to $1.5 million per violation.
*http://www.benefitspro.com/2013/04/09/hhs-toughens-hipaa-violation-penalties

5. What will happen to me?
S You will get caught.
S You will get caught.
S You will get caught.

6. What will happen to me?
SYou will be fired.
SYou will be fired.
SYou will be fired.
S Please do not put your superiors in this position!!!

7. Take Aways
S This is a simple rule.
S If you do not need to know…do not look!