SlideShare a Scribd company logo

HIPAA and FDCPA Compliance for Process Servers

Download as PPTX, PDF
Lawgical
Lawgical

This document provides an overview of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and the Fair Debt Collection Practices Act (FDCPA). It summarizes that HIPAA establishes national standards for protecting individuals' personal health information and applies to health plans, providers, and clearinghouses. It also notes that the FDCPA aims to eliminate abusive debt collection practices and applies to debt collectors. Violations of these acts that could affect the reader are discussed.

Business
1 of 44
HIPAA & FDCPA HOW DO THESE ACTS EFFECT ME This presentation is a summary of HIPAA and FDCPA and not a complete and comprehensive guide to compliance. In the event of a conflict between this summary and the Rule, the Rule governs.
SUMMARY OF THE HIPAA PRIVACY RULE • The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes, for the first time, a set of national standards for the protection of certain health information.
SUMMARY OF THE HIPAA PRIVACY RULE • The U.S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
SUMMARY OF THE HIPAA PRIVACY RULE • A major goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well being.
SUMMARY OF THE HIPAA PRIVACY RULE • The Privacy Rule standards address the use and disclosure of individuals’ health information - called “protected health information” by organizations subject to the Privacy Rule – called “covered entities,”
Statutory & Regulatory Background • The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, was enacted on August 21, 1996. Sections 261 through 264 of HIPAA require the Secretary of HHS to publicize standards for the electronic exchange, privacy and security of health information. Collectively these are known as the Administrative Simplification provisions.
Statutory & Regulatory Background • HIPAA required the Secretary to issue privacy regulations governing individually identifiable health information, if Congress did not enact privacy legislation within three years of the passage of HIPAA. • Because Congress did not enact privacy legislation, HHS developed a proposed rule and released it for public comment on November 3, 1999. • In March 2002, the Department proposed and released for public comment modifications to the Privacy Rule.
Who is Covered by the Privacy Rule • Health Plans. Individual and group plans that provide or pay the cost of medical care are covered entities.
Who is Covered by the Privacy Rule • Health Plans. Individual and group plans that provide or pay the cost of medical care are covered entities. • Include, health, dental, vision, prescription drug insurers, HMOs, Medicare, Medicaid, etc.
Who is Covered by the Privacy Rule • Health Care Providers. Every health care provider, regardless of size, who electronically transmits health information in connection with certain transactions, is a covered entity.
Who is Covered by the Privacy Rule • Health care providers include all “providers of services” (e.g., institutional providers such as hospitals) and “providers of medical or health services” (e.g., non-institutional providers such as physicians, dentists and other practitioners) as defined by Medicare, and any other person or organization that furnishes, bills, or is paid for health care.
Who is Covered by the Privacy Rule • Health Care Clearinghouses. Health care clearinghouses are entities that process nonstandard information they receive from another entity into a standard (i.e., standard format or data content), or vice versa. • Health care clearinghouses include billing services, repricing companies, community health management information systems, and value-added networks and switches if these entities perform clearinghouse functions
Business Associates • Business Associate Defined. In general, a business associate is a person or organization, other than a member of a covered entity's workforce, that performs certain functions or activities on behalf of, or provides certain services to, a covered entity that involve the use or disclosure of individually identifiable health information.
Business Associates • Business associate functions or activities on behalf of a covered entity include claims processing, data analysis, utilization review, and billing. Business associate services to a covered entity are limited to legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services.
Business Associates • However, persons or organizations are not considered business associates if their functions or services do not involve the use or disclosure of protected health information, and where any access to protected health information by such persons would be incidental, if at all.
Business Associates Contract • When a covered entity uses a contractor or other non-workforce member to perform "business associate" services or activities, the Rule requires that the covered entity include certain protections for the information in a business associate agreement
Business Associates Contract • In the business associate contract, a covered entity must impose specified written safeguards on the individually identifiable health information used or disclosed by its business associates
What Information is Protected • The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. • The Privacy Rule calls this information "protected health information (PHI)
What Information is Protected • “Individually identifiable health information” is information, including demographic data, that relates to: • the individual’s past, present or future physical or mental health or condition • the provision of health care to the individual, or • the past, present, or future payment for the provision of health care to the individual
What Information is Protected • Any information which identifies the individual or for which there is a reasonable basis to believe can be used to identify the individual. • Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).
What Information is Protected • The Privacy Rule excludes from protected health information employment records that a covered entity maintains in its capacity as an employer and education and certain other records subject to, or defined in, the Family Educational Rights and Privacy Act, 20 U.S.C. §1232g.
General Principle for Uses and Disclosures • Basic Principle. A major purpose of the Privacy Rule is to define and limit the circumstances in which an individual’s protected heath information may be used or disclosed by covered entities. A covered entity may not use or disclose protected health information, except either: • (1) as the Privacy Rule permits or requires; or • (2) as the individual who is the subject of the information (or the individual’s personal representative) authorizes in writing
Limiting Uses and Disclosures to the Minimum Necessary • Reasonable Reliance. Similarly, a covered entity may rely upon requests as being the minimum necessary protected health information from: • a professional (such as an attorney or accountant) who is the covered entity’s business associate, seeking the information to provide services to or for the covered entity;
Data Safeguards • A covered entity must maintain reasonable and appropriate administrative, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information in violation of the Privacy Rule and to limit its incidental use and disclosure pursuant to otherwise permitted or required use or disclosure
Complaints • A covered entity must have procedures for individuals to complain about its compliance with its privacy policies and procedures and the Privacy Rule. The covered entity must explain those procedures in its privacy practices notice.72 • Among other things, the covered entity must identify to whom individuals can submit complaints to at the covered entity and advise that complaints also can be submitted to the Secretary of HHS.
State Law • Preemption. In general, State laws that are contrary to the Privacy Rule are preempted by the federal requirements, which means that the federal requirements will apply. “Contrary” means that it would be impossible for a covered entity to comply with both the State and federal requirements, or that the provision of State law is an obstacle to accomplishing the full purposes and objectives of the Administrative Simplification provisions of HIPAA.
Criminal Penalties • A person who knowingly obtains or discloses individually identifiable health information in violation of HIPAA faces a fine of $50,000 and up to one-year imprisonment. The criminal penalties increase to $100,000 and up to five years imprisonment if the wrongful conduct involves false pretenses, and to $250,000
THE FAIR DEBT COLLECTION PRACTICES ACT • It is the purpose of this title to eliminate abusive debt collection practices by debt collectors, to insure that those debt collectors who refrain from using abusive debt collection practices are not competitively disadvantaged, and to promote consistent State action to protect consumers against debt collection abuses.
THE FAIR DEBT COLLECTION PRACTICES ACT • The term “debt collector” means any person who uses any instrumentality of interstate commerce or the mails in any business the principal purpose of which is the collection of any debts, or who regularly collects or attempts to collect, directly or indirectly, debts owed or due or asserted to be owed or due another.
THE FAIR DEBT COLLECTION PRACTICES ACT • The term does not • any person while serving or attempting to serve legal process on any other person in connection with the judicial enforcement of any debt;
THE FAIR DEBT COLLECTION PRACTICES ACT • Consumer” defined • For the purpose of this section, the term “consumer” includes the consumer’s spouse, parent (if the consumer is a minor), guardian, executor, or administrator.
FDCPA VIOLATION TRIGGER(S) • 805. Communication in connection with debt collection • if the debt collector knows the consumer is represented by an attorney with respect to such debt Communication with third parties
FDCPA VIOLATION TRIGGER(S) • 806. Harassment or abuse • The use or threat of use of violence or other criminal means to harm the physical person, reputation, or property of any person. • The use of obscene or profane language or language the natural consequence of which is to abuse the hearer or reader.
FDCPA VIOLATION TRIGGER(S) • 806. Harassment or abuse • Causing a telephone to ring or engaging any person in telephone conversation repeatedly or continuously with intent to annoy, abuse, or harass any person at the called number.
FDCPA VIOLATION TRIGGER(S) • 807. False or misleading representations • The threat to take any action that cannot legally be taken or that is not intended to be taken. • The use of any business, company, or organization name other than the true name of the debt collector’s business, company, or organization.
FDCPA VIOLATION TRIGGER(S) • 811. Legal actions by debt collectors • Venue - Any debt collector who brings any legal action on a debt against any consumer shall— • (1) in the case of an action to enforce an interest in real property securing the consumer’s obligation, bring such action only in a judicial district or similar legal entity in which such real property is located; or
FDCPA VIOLATION TRIGGER(S) • 811. Legal actions by debt collectors • (2) in the case of an action not described in paragraph (1), bring such action only in the judicial district or similar legal entity - • (A) in which such consumer signed the contract sued upon; or • (B) in which such consumer resides at the commencement of the action.
FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • Amount of damages • Except as otherwise provided by this section, any debt collector who fails to comply with any provision of this title with respect to any person is liable to such person in an amount equal to the sum of - • (1) any actual damage sustained by such person as a result of such failure;
FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • (2) (A) in the case of any action by an individual, such additional damages as the court may allow, but not exceeding $1,000; or • (B) in the case of a class action, • (i) such amount for each named plaintiff as could be recovered under subparagraph (A), and
FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • (ii) such amount as the court may allow for all • other class members, without regard to a minimum • individual recovery, not to exceed the • lesser of $500,000 or 1 per centum of the net • worth of the debt collector;
FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • (3) in the case of any successful action to enforce the foregoing liability, the costs of the action, together with a reasonable attorney’s fee as determined by the court. On a finding by the court that an action under this section was brought in bad faith and for the purpose of harassment, the court may award to the defendant attorney’s fees reasonable in relation to the work expended and costs.
HOW CAN THIS AFFECT ME • HIPAA does not apply to process serves • FDCPA exempts process servers • Why bore me with the mess, I seem protected
HOW CAN THIS AFFECT ME • Term “You” meaning you, your company, your administrative staff or your process server(s)
HOW CAN THIS AFFECT ME • HIPPA violations made against you to your client • FDCPA violations made against you • Discussion

Recommended

Hipaa,obra ariz
Hipaa,obra arizHipaa,obra ariz
Hipaa,obra arizAriz Krizia
 
Hippa training v2
Hippa training v2Hippa training v2
Hippa training v2Suzanne Guggenheim
 
Data Management Protection Acts
Data Management Protection ActsData Management Protection Acts
Data Management Protection ActsJoseph White MPA CPM
 
Health insurance portability and act(hipaa)2
Health insurance portability and act(hipaa)2Health insurance portability and act(hipaa)2
Health insurance portability and act(hipaa)29535814851
 
HIPAA Compliance
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceManny Oliverez
 
Hipaa
HipaaHipaa
Hipaabelziebub
 
Week 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy trainingWeek 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy trainingvrgill22
 
What’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy PrimerWhat’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy PrimerMaRS Discovery District
 

Recommended

Hipaa,obra ariz
Hipaa,obra arizHipaa,obra ariz
Hipaa,obra arizAriz Krizia
 
Hippa training v2
Hippa training v2Hippa training v2
Hippa training v2Suzanne Guggenheim
 
Data Management Protection Acts
Data Management Protection ActsData Management Protection Acts
Data Management Protection ActsJoseph White MPA CPM
 
Health insurance portability and act(hipaa)2
Health insurance portability and act(hipaa)2Health insurance portability and act(hipaa)2
Health insurance portability and act(hipaa)29535814851
 
HIPAA Compliance
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceManny Oliverez
 
Hipaa
HipaaHipaa
Hipaabelziebub
 
Week 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy trainingWeek 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy trainingvrgill22
 
What’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy PrimerWhat’s Up eDoc?: A Health IT Privacy Primer
What’s Up eDoc?: A Health IT Privacy PrimerMaRS Discovery District
 
HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceJay Hodes
 
HIPPA Security Presentation
HIPPA Security PresentationHIPPA Security Presentation
HIPPA Security PresentationRebecca Norman
 
Hipaa basics pp2
Hipaa basics pp2Hipaa basics pp2
Hipaa basics pp2martykoepke
 
What is hipaa
What is hipaaWhat is hipaa
What is hipaadigitalpractice
 
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnHealth Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnKloudLearn
 
The Basics of HIPAA
The Basics of HIPAA The Basics of HIPAA
The Basics of HIPAA DamianKnowles1
 
Hipaa101 updated
Hipaa101 updatedHipaa101 updated
Hipaa101 updatedkkurapat
 
HIPAA Security 2019
HIPAA Security 2019HIPAA Security 2019
HIPAA Security 2019Jose Ivan Delgado, Ph.D.
 
HIPAA | HITECH
HIPAA | HITECHHIPAA | HITECH
HIPAA | HITECHrcabarloc
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for DevelopersTrueVault
 
Welcome to HIPAA Training
Welcome to HIPAA TrainingWelcome to HIPAA Training
Welcome to HIPAA TrainingJonathan Montes
 
HIPAA Training - 2011
HIPAA Training - 2011HIPAA Training - 2011
HIPAA Training - 2011darichardson
 
Hipaa
HipaaHipaa
Hipaateammayco
 
HIPPA Compliance
HIPPA ComplianceHIPPA Compliance
HIPPA Compliancedixibee
 
Mandatory hippa and information security
Mandatory hippa and information securityMandatory hippa and information security
Mandatory hippa and information securityHiggi123
 
Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance bookletGerardo Medina
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit ImplementationValency Networks
 
Rajeev Sharma - Ontario health privacy law
Rajeev Sharma - Ontario health privacy law Rajeev Sharma - Ontario health privacy law
Rajeev Sharma - Ontario health privacy law Omar Ha-Redeye
 
HIPAA Panel Discussion
HIPAA Panel Discussion HIPAA Panel Discussion
HIPAA Panel Discussion Dan Wellisch
 
Annual HIPAA Training
Annual HIPAA TrainingAnnual HIPAA Training
Annual HIPAA TrainingCynthia Holland
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptxQmcleod
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptxQmcleod
 

More Related Content

What's hot

HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceJay Hodes
 
HIPPA Security Presentation
HIPPA Security PresentationHIPPA Security Presentation
HIPPA Security PresentationRebecca Norman
 
Hipaa basics pp2
Hipaa basics pp2Hipaa basics pp2
Hipaa basics pp2martykoepke
 
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnHealth Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnKloudLearn
 
Hipaa101 updated
Hipaa101 updatedHipaa101 updated
Hipaa101 updatedkkurapat
 
HIPAA | HITECH
HIPAA | HITECHHIPAA | HITECH
HIPAA | HITECHrcabarloc
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for DevelopersTrueVault
 
Welcome to HIPAA Training
Welcome to HIPAA TrainingWelcome to HIPAA Training
Welcome to HIPAA TrainingJonathan Montes
 
HIPAA Training - 2011
HIPAA Training - 2011HIPAA Training - 2011
HIPAA Training - 2011darichardson
 
HIPPA Compliance
HIPPA ComplianceHIPPA Compliance
HIPPA Compliancedixibee
 
Mandatory hippa and information security
Mandatory hippa and information securityMandatory hippa and information security
Mandatory hippa and information securityHiggi123
 
Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance bookletGerardo Medina
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit ImplementationValency Networks
 
Rajeev Sharma - Ontario health privacy law
Rajeev Sharma - Ontario health privacy law Rajeev Sharma - Ontario health privacy law
Rajeev Sharma - Ontario health privacy law Omar Ha-Redeye
 
HIPAA Panel Discussion
HIPAA Panel Discussion HIPAA Panel Discussion
HIPAA Panel Discussion Dan Wellisch
 

What's hot (20)

HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of Compliance
 
HIPPA Security Presentation
HIPPA Security PresentationHIPPA Security Presentation
HIPPA Security Presentation
 
Hipaa basics pp2
Hipaa basics pp2Hipaa basics pp2
Hipaa basics pp2
 
What is hipaa
What is hipaaWhat is hipaa
What is hipaa
 
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - KloudlearnHealth Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
Health Insurance Portability and Accountability Act (HIPPA) - Kloudlearn
 
The Basics of HIPAA
The Basics of HIPAA The Basics of HIPAA
The Basics of HIPAA
 
Hipaa101 updated
Hipaa101 updatedHipaa101 updated
Hipaa101 updated
 
HIPAA Security 2019
HIPAA Security 2019HIPAA Security 2019
HIPAA Security 2019
 
HIPAA | HITECH
HIPAA | HITECHHIPAA | HITECH
HIPAA | HITECH
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
 
Welcome to HIPAA Training
Welcome to HIPAA TrainingWelcome to HIPAA Training
Welcome to HIPAA Training
 
HIPAA Training - 2011
HIPAA Training - 2011HIPAA Training - 2011
HIPAA Training - 2011
 
Hipaa
HipaaHipaa
Hipaa
 
HIPPA Compliance
HIPPA ComplianceHIPPA Compliance
HIPPA Compliance
 
Mandatory hippa and information security
Mandatory hippa and information securityMandatory hippa and information security
Mandatory hippa and information security
 
Intro to information governance booklet
Intro to information governance bookletIntro to information governance booklet
Intro to information governance booklet
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit Implementation
 
Rajeev Sharma - Ontario health privacy law
Rajeev Sharma - Ontario health privacy law Rajeev Sharma - Ontario health privacy law
Rajeev Sharma - Ontario health privacy law
 
HIPAA Panel Discussion
HIPAA Panel Discussion HIPAA Panel Discussion
HIPAA Panel Discussion
 
Annual HIPAA Training
Annual HIPAA TrainingAnnual HIPAA Training
Annual HIPAA Training
 

Similar to HIPAA and FDCPA Compliance for Process Servers

Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptxQmcleod
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptxQmcleod
 
Health Insurance Portability and Accountability Act of 1996.docx
Health Insurance Portability and Accountability Act of 1996.docxHealth Insurance Portability and Accountability Act of 1996.docx
Health Insurance Portability and Accountability Act of 1996.docxAlesandriaPablo
 
HIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowHIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowShred-it
 
HIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of HawaiiHIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of HawaiiAtlantic Training, LLC.
 
Confidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationConfidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationsmallwoods
 
Confidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationConfidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationsmallwoods
 
Confidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationConfidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationsmallwoods
 
health insurance portability and accountability act.pptx
health insurance portability and accountability act.pptxhealth insurance portability and accountability act.pptx
health insurance portability and accountability act.pptxamartya2087
 
Knowing confidentiality
Knowing confidentialityKnowing confidentiality
Knowing confidentialityjessie66
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPAtlantic Training, LLC.
 
The viability of personal health related information
The viability of personal health related information The viability of personal health related information
The viability of personal health related information camillemaxwell2
 
The viability of Personal Health Information MHA690
The viability of Personal Health Information MHA690The viability of Personal Health Information MHA690
The viability of Personal Health Information MHA690camillemaxwell2
 
Hipaa privacy rule
Hipaa privacy ruleHipaa privacy rule
Hipaa privacy ruleMsBelleA
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceJim Anfield
 
Confidentiality presentation(1)
Confidentiality presentation(1)Confidentiality presentation(1)
Confidentiality presentation(1)Kimberlin1
 

Similar to HIPAA and FDCPA Compliance for Process Servers (20)

Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptx
 
Privacy & security training.pptx
Privacy & security training.pptxPrivacy & security training.pptx
Privacy & security training.pptx
 
Health Insurance Portability and Accountability Act of 1996.docx
Health Insurance Portability and Accountability Act of 1996.docxHealth Insurance Portability and Accountability Act of 1996.docx
Health Insurance Portability and Accountability Act of 1996.docx
 
HIPAA Privacy & Security
HIPAA Privacy & SecurityHIPAA Privacy & Security
HIPAA Privacy & Security
 
Hipaa for business associates simple
Hipaa for business associates simpleHipaa for business associates simple
Hipaa for business associates simple
 
Hippa
HippaHippa
Hippa
 
HIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to knowHIPAA and HITECH : What you need to know
HIPAA and HITECH : What you need to know
 
HIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of HawaiiHIPAA Privacy Training by University of Hawaii
HIPAA Privacy Training by University of Hawaii
 
Confidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationConfidentiality, security, and integrity of information
Confidentiality, security, and integrity of information
 
Confidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationConfidentiality, security, and integrity of information
Confidentiality, security, and integrity of information
 
Confidentiality, security, and integrity of information
Confidentiality, security, and integrity of informationConfidentiality, security, and integrity of information
Confidentiality, security, and integrity of information
 
health insurance portability and accountability act.pptx
health insurance portability and accountability act.pptxhealth insurance portability and accountability act.pptx
health insurance portability and accountability act.pptx
 
Hipaa training
Hipaa trainingHipaa training
Hipaa training
 
Knowing confidentiality
Knowing confidentialityKnowing confidentiality
Knowing confidentiality
 
Introduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUPIntroduction to HIPAA for Healthcare Professionals by OUP
Introduction to HIPAA for Healthcare Professionals by OUP
 
The viability of personal health related information
The viability of personal health related information The viability of personal health related information
The viability of personal health related information
 
The viability of Personal Health Information MHA690
The viability of Personal Health Information MHA690The viability of Personal Health Information MHA690
The viability of Personal Health Information MHA690
 
Hipaa privacy rule
Hipaa privacy ruleHipaa privacy rule
Hipaa privacy rule
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA Compliance
 
Confidentiality presentation(1)
Confidentiality presentation(1)Confidentiality presentation(1)
Confidentiality presentation(1)
 

More from Lawgical

Time is the New Green
Time is the New GreenTime is the New Green
Time is the New GreenLawgical
 
36 Private Investigators Share Their Concerns About the Industry
36 Private Investigators Share Their Concerns About the Industry36 Private Investigators Share Their Concerns About the Industry
36 Private Investigators Share Their Concerns About the IndustryLawgical
 
Thinking Big Presentation (Jim Schonrock)
Thinking Big Presentation (Jim Schonrock)Thinking Big Presentation (Jim Schonrock)
Thinking Big Presentation (Jim Schonrock)Lawgical
 
Process Servers: Don't Sell on Price
Process Servers: Don't Sell on PriceProcess Servers: Don't Sell on Price
Process Servers: Don't Sell on PriceLawgical
 
Branding Your Investigations Firm and Yourself
Branding Your Investigations Firm and YourselfBranding Your Investigations Firm and Yourself
Branding Your Investigations Firm and YourselfLawgical
 
Avoiding Bad Cheque Frauds
Avoiding Bad Cheque FraudsAvoiding Bad Cheque Frauds
Avoiding Bad Cheque FraudsLawgical
 
Benefits of PSACO membership
Benefits of PSACO membershipBenefits of PSACO membership
Benefits of PSACO membershipLawgical
 
Advice From Investigators
Advice From InvestigatorsAdvice From Investigators
Advice From InvestigatorsLawgical
 
Signs of a Cheating Spouse
Signs of a Cheating SpouseSigns of a Cheating Spouse
Signs of a Cheating SpouseLawgical
 
Test Your Assault Prevention Knowledge
Test Your Assault Prevention KnowledgeTest Your Assault Prevention Knowledge
Test Your Assault Prevention KnowledgeLawgical
 
How Bail Works
How Bail WorksHow Bail Works
How Bail WorksLawgical
 

More from Lawgical (11)

Time is the New Green
Time is the New GreenTime is the New Green
Time is the New Green
 
36 Private Investigators Share Their Concerns About the Industry
36 Private Investigators Share Their Concerns About the Industry36 Private Investigators Share Their Concerns About the Industry
36 Private Investigators Share Their Concerns About the Industry
 
Thinking Big Presentation (Jim Schonrock)
Thinking Big Presentation (Jim Schonrock)Thinking Big Presentation (Jim Schonrock)
Thinking Big Presentation (Jim Schonrock)
 
Process Servers: Don't Sell on Price
Process Servers: Don't Sell on PriceProcess Servers: Don't Sell on Price
Process Servers: Don't Sell on Price
 
Branding Your Investigations Firm and Yourself
Branding Your Investigations Firm and YourselfBranding Your Investigations Firm and Yourself
Branding Your Investigations Firm and Yourself
 
Avoiding Bad Cheque Frauds
Avoiding Bad Cheque FraudsAvoiding Bad Cheque Frauds
Avoiding Bad Cheque Frauds
 
Benefits of PSACO membership
Benefits of PSACO membershipBenefits of PSACO membership
Benefits of PSACO membership
 
Advice From Investigators
Advice From InvestigatorsAdvice From Investigators
Advice From Investigators
 
Signs of a Cheating Spouse
Signs of a Cheating SpouseSigns of a Cheating Spouse
Signs of a Cheating Spouse
 
Test Your Assault Prevention Knowledge
Test Your Assault Prevention KnowledgeTest Your Assault Prevention Knowledge
Test Your Assault Prevention Knowledge
 
How Bail Works
How Bail WorksHow Bail Works
How Bail Works
 

Recently uploaded

Thompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptx
Thompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptxThompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptx
Thompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptxtmthompson1
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxRoofing Contractor
 
Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312LR1709MUSIC
 
Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...
Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...
Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...pr788182
 
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow ChallengesFalcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow Challengeshemanthkumar470700
 
Goa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service Available
Goa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service AvailableGoa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service Available
Goa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service AvailableCall Girls Mumbai
 
The Art of Decision-Making: Navigating Complexity and Uncertainty
The Art of Decision-Making: Navigating Complexity and UncertaintyThe Art of Decision-Making: Navigating Complexity and Uncertainty
The Art of Decision-Making: Navigating Complexity and Uncertaintycapivisgroup
 
PALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTS
PALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTSPALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTS
PALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTSkajalroy875762
 
2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptx
2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptx2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptx
2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptxBoundify
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon investment
 
Progress Report - Oracle's OCI Analyst Summit 2024
Progress Report - Oracle's OCI Analyst Summit 2024Progress Report - Oracle's OCI Analyst Summit 2024
Progress Report - Oracle's OCI Analyst Summit 2024Holger Mueller
 
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAIGetting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAITim Wilson
 
Ital Liptz - all about Itai Liptz. news.
Ital Liptz - all about Itai Liptz. news.Ital Liptz - all about Itai Liptz. news.
Ital Liptz - all about Itai Liptz. news.htj82vpw
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxCynthia Clay
 
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...yulianti213969
 
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...ssuserf63bd7
 
MEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book now
MEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book nowMEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book now
MEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book nowkapoorjyoti4444
 
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptxGoal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptxNetapsFoundationAdmi
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsIndeedSEO
 

Recently uploaded (20)

Thompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptx
Thompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptxThompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptx
Thompson_Taylor_MBBS_PB1_2024-03 (1)- Project & Portfolio 2.pptx
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
 
Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312
 
Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...
Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...
Pimpri Chinchwad Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Servi...
 
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow ChallengesFalcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
 
Goa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service Available
Goa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service AvailableGoa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service Available
Goa Call Girls Just Call 👉📞90042XXXX7 Top Class Call Girl Service Available
 
The Art of Decision-Making: Navigating Complexity and Uncertainty
The Art of Decision-Making: Navigating Complexity and UncertaintyThe Art of Decision-Making: Navigating Complexity and Uncertainty
The Art of Decision-Making: Navigating Complexity and Uncertainty
 
PALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTS
PALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTSPALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTS
PALWAL CALL GIRL ❤ 82729*64427❤ CALL GIRLS IN PALWAL ESCORTS
 
2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptx
2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptx2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptx
2024 May - Clearbit Integration with Hubspot - Greenville HUG.pptx
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business Growth
 
Progress Report - Oracle's OCI Analyst Summit 2024
Progress Report - Oracle's OCI Analyst Summit 2024Progress Report - Oracle's OCI Analyst Summit 2024
Progress Report - Oracle's OCI Analyst Summit 2024
 
Buy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail AccountsBuy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail Accounts
 
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAIGetting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
 
Ital Liptz - all about Itai Liptz. news.
Ital Liptz - all about Itai Liptz. news.Ital Liptz - all about Itai Liptz. news.
Ital Liptz - all about Itai Liptz. news.
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
 
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
Horngren’s Cost Accounting A Managerial Emphasis, Canadian 9th edition soluti...
 
MEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book now
MEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book nowMEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book now
MEHSANA 💋 Call Girl 9827461493 Call Girls in Escort service book now
 
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptxGoal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 

HIPAA and FDCPA Compliance for Process Servers

  • 1. HIPAA & FDCPA HOW DO THESE ACTS EFFECT ME This presentation is a summary of HIPAA and FDCPA and not a complete and comprehensive guide to compliance. In the event of a conflict between this summary and the Rule, the Rule governs.
  • 2. SUMMARY OF THE HIPAA PRIVACY RULE • The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes, for the first time, a set of national standards for the protection of certain health information.
  • 3. SUMMARY OF THE HIPAA PRIVACY RULE • The U.S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
  • 4. SUMMARY OF THE HIPAA PRIVACY RULE • A major goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well being.
  • 5. SUMMARY OF THE HIPAA PRIVACY RULE • The Privacy Rule standards address the use and disclosure of individuals’ health information - called “protected health information” by organizations subject to the Privacy Rule – called “covered entities,”
  • 6. Statutory & Regulatory Background • The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, was enacted on August 21, 1996. Sections 261 through 264 of HIPAA require the Secretary of HHS to publicize standards for the electronic exchange, privacy and security of health information. Collectively these are known as the Administrative Simplification provisions.
  • 7. Statutory & Regulatory Background • HIPAA required the Secretary to issue privacy regulations governing individually identifiable health information, if Congress did not enact privacy legislation within three years of the passage of HIPAA. • Because Congress did not enact privacy legislation, HHS developed a proposed rule and released it for public comment on November 3, 1999. • In March 2002, the Department proposed and released for public comment modifications to the Privacy Rule.
  • 8. Who is Covered by the Privacy Rule • Health Plans. Individual and group plans that provide or pay the cost of medical care are covered entities.
  • 9. Who is Covered by the Privacy Rule • Health Plans. Individual and group plans that provide or pay the cost of medical care are covered entities. • Include, health, dental, vision, prescription drug insurers, HMOs, Medicare, Medicaid, etc.
  • 10. Who is Covered by the Privacy Rule • Health Care Providers. Every health care provider, regardless of size, who electronically transmits health information in connection with certain transactions, is a covered entity.
  • 11. Who is Covered by the Privacy Rule • Health care providers include all “providers of services” (e.g., institutional providers such as hospitals) and “providers of medical or health services” (e.g., non-institutional providers such as physicians, dentists and other practitioners) as defined by Medicare, and any other person or organization that furnishes, bills, or is paid for health care.
  • 12. Who is Covered by the Privacy Rule • Health Care Clearinghouses. Health care clearinghouses are entities that process nonstandard information they receive from another entity into a standard (i.e., standard format or data content), or vice versa. • Health care clearinghouses include billing services, repricing companies, community health management information systems, and value-added networks and switches if these entities perform clearinghouse functions
  • 13. Business Associates • Business Associate Defined. In general, a business associate is a person or organization, other than a member of a covered entity's workforce, that performs certain functions or activities on behalf of, or provides certain services to, a covered entity that involve the use or disclosure of individually identifiable health information.
  • 14. Business Associates • Business associate functions or activities on behalf of a covered entity include claims processing, data analysis, utilization review, and billing. Business associate services to a covered entity are limited to legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services.
  • 15. Business Associates • However, persons or organizations are not considered business associates if their functions or services do not involve the use or disclosure of protected health information, and where any access to protected health information by such persons would be incidental, if at all.
  • 16. Business Associates Contract • When a covered entity uses a contractor or other non-workforce member to perform "business associate" services or activities, the Rule requires that the covered entity include certain protections for the information in a business associate agreement
  • 17. Business Associates Contract • In the business associate contract, a covered entity must impose specified written safeguards on the individually identifiable health information used or disclosed by its business associates
  • 18. What Information is Protected • The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. • The Privacy Rule calls this information "protected health information (PHI)
  • 19. What Information is Protected • “Individually identifiable health information” is information, including demographic data, that relates to: • the individual’s past, present or future physical or mental health or condition • the provision of health care to the individual, or • the past, present, or future payment for the provision of health care to the individual
  • 20. What Information is Protected • Any information which identifies the individual or for which there is a reasonable basis to believe can be used to identify the individual. • Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).
  • 21. What Information is Protected • The Privacy Rule excludes from protected health information employment records that a covered entity maintains in its capacity as an employer and education and certain other records subject to, or defined in, the Family Educational Rights and Privacy Act, 20 U.S.C. §1232g.
  • 22. General Principle for Uses and Disclosures • Basic Principle. A major purpose of the Privacy Rule is to define and limit the circumstances in which an individual’s protected heath information may be used or disclosed by covered entities. A covered entity may not use or disclose protected health information, except either: • (1) as the Privacy Rule permits or requires; or • (2) as the individual who is the subject of the information (or the individual’s personal representative) authorizes in writing
  • 23. Limiting Uses and Disclosures to the Minimum Necessary • Reasonable Reliance. Similarly, a covered entity may rely upon requests as being the minimum necessary protected health information from: • a professional (such as an attorney or accountant) who is the covered entity’s business associate, seeking the information to provide services to or for the covered entity;
  • 24. Data Safeguards • A covered entity must maintain reasonable and appropriate administrative, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information in violation of the Privacy Rule and to limit its incidental use and disclosure pursuant to otherwise permitted or required use or disclosure
  • 25. Complaints • A covered entity must have procedures for individuals to complain about its compliance with its privacy policies and procedures and the Privacy Rule. The covered entity must explain those procedures in its privacy practices notice.72 • Among other things, the covered entity must identify to whom individuals can submit complaints to at the covered entity and advise that complaints also can be submitted to the Secretary of HHS.
  • 26. State Law • Preemption. In general, State laws that are contrary to the Privacy Rule are preempted by the federal requirements, which means that the federal requirements will apply. “Contrary” means that it would be impossible for a covered entity to comply with both the State and federal requirements, or that the provision of State law is an obstacle to accomplishing the full purposes and objectives of the Administrative Simplification provisions of HIPAA.
  • 27. Criminal Penalties • A person who knowingly obtains or discloses individually identifiable health information in violation of HIPAA faces a fine of $50,000 and up to one-year imprisonment. The criminal penalties increase to $100,000 and up to five years imprisonment if the wrongful conduct involves false pretenses, and to $250,000
  • 28. THE FAIR DEBT COLLECTION PRACTICES ACT • It is the purpose of this title to eliminate abusive debt collection practices by debt collectors, to insure that those debt collectors who refrain from using abusive debt collection practices are not competitively disadvantaged, and to promote consistent State action to protect consumers against debt collection abuses.
  • 29. THE FAIR DEBT COLLECTION PRACTICES ACT • The term “debt collector” means any person who uses any instrumentality of interstate commerce or the mails in any business the principal purpose of which is the collection of any debts, or who regularly collects or attempts to collect, directly or indirectly, debts owed or due or asserted to be owed or due another.
  • 30. THE FAIR DEBT COLLECTION PRACTICES ACT • The term does not • any person while serving or attempting to serve legal process on any other person in connection with the judicial enforcement of any debt;
  • 31. THE FAIR DEBT COLLECTION PRACTICES ACT • Consumer” defined • For the purpose of this section, the term “consumer” includes the consumer’s spouse, parent (if the consumer is a minor), guardian, executor, or administrator.
  • 32. FDCPA VIOLATION TRIGGER(S) • 805. Communication in connection with debt collection • if the debt collector knows the consumer is represented by an attorney with respect to such debt Communication with third parties
  • 33. FDCPA VIOLATION TRIGGER(S) • 806. Harassment or abuse • The use or threat of use of violence or other criminal means to harm the physical person, reputation, or property of any person. • The use of obscene or profane language or language the natural consequence of which is to abuse the hearer or reader.
  • 34. FDCPA VIOLATION TRIGGER(S) • 806. Harassment or abuse • Causing a telephone to ring or engaging any person in telephone conversation repeatedly or continuously with intent to annoy, abuse, or harass any person at the called number.
  • 35. FDCPA VIOLATION TRIGGER(S) • 807. False or misleading representations • The threat to take any action that cannot legally be taken or that is not intended to be taken. • The use of any business, company, or organization name other than the true name of the debt collector’s business, company, or organization.
  • 36. FDCPA VIOLATION TRIGGER(S) • 811. Legal actions by debt collectors • Venue - Any debt collector who brings any legal action on a debt against any consumer shall— • (1) in the case of an action to enforce an interest in real property securing the consumer’s obligation, bring such action only in a judicial district or similar legal entity in which such real property is located; or
  • 37. FDCPA VIOLATION TRIGGER(S) • 811. Legal actions by debt collectors • (2) in the case of an action not described in paragraph (1), bring such action only in the judicial district or similar legal entity - • (A) in which such consumer signed the contract sued upon; or • (B) in which such consumer resides at the commencement of the action.
  • 38. FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • Amount of damages • Except as otherwise provided by this section, any debt collector who fails to comply with any provision of this title with respect to any person is liable to such person in an amount equal to the sum of - • (1) any actual damage sustained by such person as a result of such failure;
  • 39. FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • (2) (A) in the case of any action by an individual, such additional damages as the court may allow, but not exceeding $1,000; or • (B) in the case of a class action, • (i) such amount for each named plaintiff as could be recovered under subparagraph (A), and
  • 40. FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • (ii) such amount as the court may allow for all • other class members, without regard to a minimum • individual recovery, not to exceed the • lesser of $500,000 or 1 per centum of the net • worth of the debt collector;
  • 41. FDCPA VIOLATION TRIGGER(S) • 813. Civil liability • (3) in the case of any successful action to enforce the foregoing liability, the costs of the action, together with a reasonable attorney’s fee as determined by the court. On a finding by the court that an action under this section was brought in bad faith and for the purpose of harassment, the court may award to the defendant attorney’s fees reasonable in relation to the work expended and costs.
  • 42. HOW CAN THIS AFFECT ME • HIPAA does not apply to process serves • FDCPA exempts process servers • Why bore me with the mess, I seem protected
  • 43. HOW CAN THIS AFFECT ME • Term “You” meaning you, your company, your administrative staff or your process server(s)
  • 44. HOW CAN THIS AFFECT ME • HIPPA violations made against you to your client • FDCPA violations made against you • Discussion