Download to read offline
More Related Content
Similar to HIPAA and Privacy Training
HIPAA and Privacy Training
- 1. HIPAA PRIVACY AND SECURITYTRAINING Jasmay Amataga MHA 690: Health Care Capstone February 21, 2019 Dr. Hwangji Lu
- 2. What is HIPAA? •The Health Insurance Portability and Accountability Act (HIPAA) is federal legislation which addresses issues ranging from health insurance coverage to national standard identifiers for healthcare providers. • The portions that are most important for our purposes are those that deal with protecting the privacy and security of health data, which HIPAA calls Protected Health Information (PHI).
- 3. What is PHI? •Any information, transmitted or maintained in any medium, including demographic information: • Created/received by covered entity or business associate; • Relates to/describes past, present or future physical or mental health or condition; or past, present or future payment for provision of healthcare; and • Can be used to identify the patient
- 4. Failure to Comply •Every health care organization is expected to develop policies and procedures to guide practices within their facility. Every person who provides care or assistance to patients in the facility is expected to understand and comply with HIPAA regulations. • Each team members work is important for patient care. At the same time, it is essential that all patients’ health information be kept confidential. • Organization or individuals that violate the Privacy rules are subject to monetary fines (range of $100 - $1.5 Million) and or civil or criminal charge (of 1-10 years of prison time). • Failure to comply may also hurt the reputation of the facility, put accreditation at risk and result in costly lawsuits.
- 5. GOAL The goal ofthe privacy program is to protect confidential information from improper use or disclosure. What does this mean to you?
- 6. Your Responsibility • Respectconfidential information about patients and use information only to perform your specific role • Be sure patient information is only given or disclosed to others who have a legal right to it. • What information needs to be kept private: All information that identifies an individual is considered confidential
- 7. Unauthorized Disclosures • Someof the biggest threats to patient privacy is unintentional disclosure of information: • Discussion a case where other patients or visitors may overhear, such as in elevators, hallways or the cafeteria • Leaving sensitive information out where patients or visitors can see it. • Another threat to patient privacy is when a workforce member intentionally uses or discloses information in an unauthorized way: • Copying information and taking it home • Removing medical records from the health facility and giving them to others who have no legal right to them. • Deliberately sharing information with unauthorized persons (family members, friends, or news reporters). • Using confidential information in gossiping about patients • Leaving a computer unattended after logging in to an application • Sharing passwords with others or leaving passwords are
- 8. Reporting Violations If youwitness or suspect a confidentiality violation of a HIPAA privacy information, you must report it immediately to your supervisor. Other reporting means include: • Report to a privacy officer, security officer, or quality assurance. Reporting is everyone’s responsibility!
- 9. References • Institute ofMedicine (US) Committee on Health Research and the Privacy of Health Information: The HIPAA Privacy Rule; Nass SJ, Levit LA, Gostin LO, editors. Beyond the HIPAA Privacy Rule: Enhancing Privacy, Improving Health Through Research. Washington (DC): National Academies Press (US); 2009. 2, The Value and Importance of Health Information Privacy. Available from: https://www.ncbi.nlm.nih.gov/books/NBK9579/ • U.S Department of Health and Human Services (2019). The HIPAA Privacy Rule. U.S Department of Health and Human Services. Retrieved from: https://www.hhs.gov/hipaa/for-professionals/privacy/index.html