3. Health Insurance
Portability and
Accountability Act (HIPAA)
Privacy and Security
regulations for healthcare
information
Enforcement and penalties
Criminal or civil lawsuit
Harmful intent (HIPAA training
handbook, 2003).
4. Confidential Patient Health Records
Health care professionals in any discipline are morally
bound to keep confident patient information.
All health disciplines have a code of ethics and
confidentiality is a component.
Medical charts, electronic charts, staff verbal reports,
and patient self-disclosure are PHI (Petros &
Theodoros, 2012).
Patient’s may give consent to share their health
information with specified persons, physicians,
insurers or agencies for continuity of care.
A patient with a guardian, must present paperwork for
the chart and is authorized access to any PHI (HIPAA
training handbook, 2003).
5. Security Measures
• Patient reports are conducted in a closed room
• Computer screens are never left open to
patient data
• Conversations with patient need to be in a
private area
• Never e-mail patient information
• Never open a chart out of curiosity
• If patients are admitted under a code name
do not try to discern the real identity
6. What is an Authorized Access
Providers for continuity of care
FDA reports in the event of broken devices
Police can request patient data for a
criminal investigation
The Court can order patient information
access for certain parties
Healthcare professionals must report
suspicious presentation; gunshot victim,
abuse
7. References
HIPAA training handbook for the behavioral health staff: An
introduction to confidentiality an privacy under
HIPAA (2003). HCPro, Inc. Marblehead, MA. Petros, O. &
Theodoros, C. (2012, January-April). The Confidentiality of
“Medical Secrets" of Patients by the Nursing Staff.
International Journal of Caring Sciences 3(1) p. 1-2.
Retrieved from ProQuest Central
http://search.proquest.com/docview/1114167159?a
ccountid=32521
Editor's Notes
This training will review the expectation and mandates for confidentiality, privacy and security of patient health records. You will learn what is protected health information and your access. You will learn the legal ramifications of breaching the information. You will learn the organizations policies and procedures. At the end of the training you will be given a handbook and will complete the signature page which will become part of your employee file in human resources. You are expected to complete an annual training update.
Legally protected health information (PHI), must be protected without any unauthorized disclosureProtecting patient privacy is every employees responsibilityKnow the confidentiality, privacy and security policiesAll Employees will be held accountableAll PHI is on a need to know, if you are not scheduled to work with a patient; you do not need to know.
Fines are up to $100.00 per each unintentional abuse or breachCuriosity is considered an intentional breach of privacy and can cause the agency to incur a civil or criminal lawsuit or fine. Fines can be imposed to you the employee. Jail time is also a possible consequence Intentionally violating HIPAA is up to a year in jailFines can yield $50,000Intentionally sharing or selling PHI can lead to a 10-year jail term or a fine of $250,000(HIPAA training handbook, 2003).
Health information obtained during employment is PHI and may not be shared with any unauthorized person. Since the first Hippocratic pledge, over two thousand years ago, physicians and medical personnel have an expectation of keeping medical secrets. The Florence Nightingale pledge, for nurses, indicates they are to keep secret family and personal information learned through employment duties. Sharing PHI is acceptable when a patient or guardian gives written authorization (Petros & Theodoros, 2012).
Computer screens should not be left visible, if staff leaves the computer station, close the document and reopen when returning to the workstation.
Always know your agencies policies and if there is a designated contact person or department for reporting abuse, disease, criminal suspects, suspicious victims, and health departments. Consult the organizations legal representation if there is any doubt.