This document provides an overview of confidentiality and security training requirements under HIPAA. It defines protected health information as any patient information regarding their health status, care, or payments. The HIPAA Privacy Rule aims to protect the privacy of individually identifiable health information and requires covered entities to obtain patient consent before disclosing health information. The HIPAA Security Rule establishes standards for safeguarding electronic protected health information and defines different penalty levels for violations. All employees must complete training at hire and annually through an online computerized system.

1. CONFIDENTIALITY & SECURITY TRAININGLinda WalterMHA 690 Instructor - Dr. Jeanette PeckJune 9, 2011

2. IntroductionHIPAA Definition

3. HIPAA Privacy Rule Overview

4. What is Protected Health Information (PHI)

5. HIPAA Security Rule Overview

6. Who is Required to Train?

7. How Often is Training Required?Health Insurance Portability and Accountability Act (HIPAA)In 1996, Congress passed the HIPAA Public Law 104-191. HIPAA required Health and Human Services (HHS) to establish – with far-reaching implications and consequences – new guidelines, key principles, and national standards for the handling of electronic healthcare, applicable to everyone working within the US healthcare system (Wolper, 2011, p. 389).

8. HIPAA Privacy OverviewIntended to protect the privacy of all individually identifiable health information created or held by covered entities, regardless of whether it is or ever has been in electronic form.

9. Includes paper records and oral communications.

10. Must maintain documentation of their policies and procedures for complying with the standards,

11. Must include a statement of who has access to protected health information, how it is used within the covered entity, and when it would or would not be disclosed to other entities.

12. Providers must obtain a patient's consent for the disclosure or use of the patient's health information, even for treatment, payment, and health care operations purposes. What is Protected Health Information (PHI) ?Protected Health information is any information about a patients health status, the patients care, or any patient information about payments of his care. PHI is any information about the patient.

13. HIPAA Security Rule OverviewFinal component of HIPAA

14. Deals with protection of identifiable health information

15. Inadvertent disclosure of identifiable health information

16. Deliberate misuse of identifiable health information

17. Established standards and regulations for healthcare providers on required procedures ensuring administrative safeguards

18. There are different levels of penalties for violationsWho is Required to Train?All employees at all levels

19. How Often is Training required?Training is required at date of hire

20. Training is required yearly

21. Training will be completed on the internet computerized training education siteREFERENCESTan, J. and Payton, F. (2010). Adaptive health management information systems: concepts, cases, and practical applications (3rd ed.). Sudbury, Massachusetts. Jones and Bartlett Publishers.

22. U.S. Department of Health and Human Services . Retrieved June 9, 2011 from http://www.ihs.gov/AdminMngrResources/HIPAA/index.cfm?module=privacy_standards.

23. Wolper, L. (2011). Health care administration managing organized delivery systems (Fifth Edition). Sudbury, Massachusetts, Jones and Bartlett Publishers.