SlideShare a Scribd company logo

How to avoid being caught out by HIPAA compliance?

Download as PPTX, PDF
Lepide USA Inc
Lepide USA Inc

The HIPAA Security compliance signifies good business practices. With greater values resulting from the compliance, Covered Entities will be well-served to adhere to and adopt the comprehensive IT principles it encompasses. LepideAuditor Suite can help you in HIPAA compliance for ePHI.

Healthcare
1 of 9
How to avoid being caught out by HIPAA compliance
What is HIPAA compliance? HIPAA, the Health Insurance Portability and Accountability Act, is a compliance standard for protecting sensitive patient data. All Covered Entities must ensure they secure protected health information and that physical, network and process security measures are in place and diligently followed. All covered entities must: • Safeguard • Recognize • Ensure the integrity, confidentiality and availability of all PHI they create, receive, maintain or transmit. and defend against expected threats to ensure security and integrity of the information. compliance by everyone in the workforce.
Do you have the patient's authorization? HIPAA compliance usually does not allow covered entities to share PHI unless authorized by patients. The exception to this rule is for access to quality health care or other important public benefits. In these cases the embargo on sharing PHI will result in an unnecessary interference. The following cases don't require the patient's authorization: • Disclosure's required by law • Public health reporting • Audits and investigations • Judicial proceedings etc. • Administrative proceedings • Law enforcement purposes • Research purposes
How to release information A Covered Entity must obtain written authorization before releasing protected health information (PHI), unless the compliance specifically permits disclosure. An authorization must include: • A description of the information that will be disclosed • The authorized person • The person who will get the information • Description of the purpose • The expiration date • The patient's signature Other information may be needed depending on the requirement
Electronic Protected Health Information (ePHI) Electronic protected health information (ePHI) refers to any protected health information (PHI) that is enclosed under HIPAA compliance regulations and is produced, saved, transferred or received in an electronic form. ePHI must include the following information: • Patient name • Address • Social Security number • Email address • Fingerprints • Photographic images etc. All devices carrying ePHI should be HIPAA compliant, including: • Personal Computer • Tablet • Smart Phone etc.
Covered Entities must ensure that policies, procedures and training have been efficiently arranged and access (whether onsite or offsite) is provided as per the requirements of the HIPAA Privacy Rule. The following factors should be considered for users accessing PHI: The scope, intricacy and capabilities of the entity Hardware and software security capabilities The costs involved Risks to PHI User Access
Disposing of PHI Covered Entities must apply the right managerial, technical and physical provisions to guard the confidentiality of PHI and ePHI in any form while disposing of it. Examples of proper disposal methods are: • For paper records; shredding, burning, pulping or pulverizing. • For ePHI; deleting/clearing , purging or destroying the media. Covered entities may also use other appropriate methods of disposal.
Backup plans Covered Entities must implement protocols to safeguard and ensure continuous access to PHI, including a contingency plan for disaster cases. Most data recovery methods are based on either data backups or replications. For ePHI Data backups can be removable media such as CDs, flash drives, etc. or storage systems like dedicated backup applications. For all other PHI Data replication methods can be used for all other kinds of PHI.
Thank you Solid and regularly adhered to business practices are required to ensure you meet HIPAA Security standards. With a better understanding of the correct ways to handle PHI and ePHI, Covered Entities can be more secure in the knowledge that they will not be caught out in compliance mandates. Check out LepideAuditor Suite - an automated solution to handling ePHI and meeting HIPAA compliance: https://www.lepide.com/lepideauditor/

Recommended

HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit Implementation
Valency Networks
 
HIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongHIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-Wong
Lorianne Sainsbury-Wong
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliance
Prince George
 
HIPAA Presentation
HIPAA PresentationHIPAA Presentation
HIPAA Presentation
LyubovKarnaukh
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your Problem
SecurityMetrics
 
You and HIPAA - Get the Facts
You and HIPAA - Get the FactsYou and HIPAA - Get the Facts
You and HIPAA - Get the Facts
resourceone
 
Hipaa training by p. lynch
Hipaa training by p. lynchHipaa training by p. lynch
Hipaa training by p. lynchplynch2012
 
HIPAA Compliance Checklist
HIPAA Compliance ChecklistHIPAA Compliance Checklist
HIPAA Compliance Checklist
Leigh-Ann Renz
 

Recommended

HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit Implementation
Valency Networks
 
HIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-WongHIPAA Access Medical Records by Sainsbury-Wong
HIPAA Access Medical Records by Sainsbury-Wong
Lorianne Sainsbury-Wong
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliance
Prince George
 
HIPAA Presentation
HIPAA PresentationHIPAA Presentation
HIPAA Presentation
LyubovKarnaukh
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your Problem
SecurityMetrics
 
You and HIPAA - Get the Facts
You and HIPAA - Get the FactsYou and HIPAA - Get the Facts
You and HIPAA - Get the Facts
resourceone
 
Hipaa training by p. lynch
Hipaa training by p. lynchHipaa training by p. lynch
Hipaa training by p. lynchplynch2012
 
HIPAA Compliance Checklist
HIPAA Compliance ChecklistHIPAA Compliance Checklist
HIPAA Compliance Checklist
Leigh-Ann Renz
 
Mha 690 week 1 discussion presentation
Mha 690 week 1 discussion presentationMha 690 week 1 discussion presentation
Mha 690 week 1 discussion presentation
falane
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slides
CMDLMS
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small Practices
Nisos Health
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
TrueVault
 
Cyberinsurance 111006
Cyberinsurance 111006Cyberinsurance 111006
Cyberinsurance 111006
JNicholson
 
Norris, t week 1 discussion 2
Norris, t week 1 discussion 2Norris, t week 1 discussion 2
Norris, t week 1 discussion 2Tina Norris
 
Hippa
HippaHippa
HippaBetty Davis
 
Understanding HIPAA
Understanding HIPAAUnderstanding HIPAA
Understanding HIPAA
Manas Deep
 
Mha690wk1d2 nor
Mha690wk1d2 norMha690wk1d2 nor
Mha690wk1d2 norRiriMc
 
Training powerpoint mha
Training powerpoint mhaTraining powerpoint mha
Training powerpoint mha
ThereseS
 
Hippa
Hippa Hippa
Hippa
penetration Tester
 
Hi103 week 5 chpt 12
Hi103 week 5 chpt 12Hi103 week 5 chpt 12
Hi103 week 5 chpt 12
BealCollegeOnline
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentiality
Jake Facer
 
Hipaa and social media using new
Hipaa and social media using newHipaa and social media using new
Hipaa and social media using new
OnlineAudio Training
 
HIPAA Compliance Checklist for Medical Practices
HIPAA Compliance Checklist for Medical PracticesHIPAA Compliance Checklist for Medical Practices
HIPAA Compliance Checklist for Medical Practices
Medical Transcription Service Company
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basics
MichaelRodriguesdosS1
 
Application Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceApplication Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA Compliance
TrueVault
 
Security in electronic health records
Security in electronic health recordsSecurity in electronic health records
Security in electronic health recordssamuelerie
 
Healthcare IT: Security Risks & Regulations
Healthcare IT: Security Risks & RegulationsHealthcare IT: Security Risks & Regulations
Healthcare IT: Security Risks & Regulations
CHIPS Technology Group
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk Assessment
MBMeHealthCareSolutions
 
Presentación de ángulos
Presentación de ángulosPresentación de ángulos
Presentación de ángulosAlfredo Torres
 
Aporte individual yeison franco
Aporte individual yeison francoAporte individual yeison franco
Aporte individual yeison franco
Yeison Andrés Franco Higuita
 

More Related Content

What's hot

Mha 690 week 1 discussion presentation
Mha 690 week 1 discussion presentationMha 690 week 1 discussion presentation
Mha 690 week 1 discussion presentation
falane
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slides
CMDLMS
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small Practices
Nisos Health
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
TrueVault
 
Cyberinsurance 111006
Cyberinsurance 111006Cyberinsurance 111006
Cyberinsurance 111006
JNicholson
 
Norris, t week 1 discussion 2
Norris, t week 1 discussion 2Norris, t week 1 discussion 2
Norris, t week 1 discussion 2Tina Norris
 
Understanding HIPAA
Understanding HIPAAUnderstanding HIPAA
Understanding HIPAA
Manas Deep
 
Mha690wk1d2 nor
Mha690wk1d2 norMha690wk1d2 nor
Mha690wk1d2 norRiriMc
 
Training powerpoint mha
Training powerpoint mhaTraining powerpoint mha
Training powerpoint mha
ThereseS
 
Hippa
Hippa Hippa
Hippa
penetration Tester
 
Hi103 week 5 chpt 12
Hi103 week 5 chpt 12Hi103 week 5 chpt 12
Hi103 week 5 chpt 12
BealCollegeOnline
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentiality
Jake Facer
 
Hipaa and social media using new
Hipaa and social media using newHipaa and social media using new
Hipaa and social media using new
OnlineAudio Training
 
HIPAA Compliance Checklist for Medical Practices
HIPAA Compliance Checklist for Medical PracticesHIPAA Compliance Checklist for Medical Practices
HIPAA Compliance Checklist for Medical Practices
Medical Transcription Service Company
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basics
MichaelRodriguesdosS1
 
Application Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceApplication Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA Compliance
TrueVault
 
Security in electronic health records
Security in electronic health recordsSecurity in electronic health records
Security in electronic health recordssamuelerie
 
Healthcare IT: Security Risks & Regulations
Healthcare IT: Security Risks & RegulationsHealthcare IT: Security Risks & Regulations
Healthcare IT: Security Risks & Regulations
CHIPS Technology Group
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk Assessment
MBMeHealthCareSolutions
 

What's hot (20)

Mha 690 week 1 discussion presentation
Mha 690 week 1 discussion presentationMha 690 week 1 discussion presentation
Mha 690 week 1 discussion presentation
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slides
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small Practices
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
 
Cyberinsurance 111006
Cyberinsurance 111006Cyberinsurance 111006
Cyberinsurance 111006
 
Norris, t week 1 discussion 2
Norris, t week 1 discussion 2Norris, t week 1 discussion 2
Norris, t week 1 discussion 2
 
Hippa
HippaHippa
Hippa
 
Understanding HIPAA
Understanding HIPAAUnderstanding HIPAA
Understanding HIPAA
 
Mha690wk1d2 nor
Mha690wk1d2 norMha690wk1d2 nor
Mha690wk1d2 nor
 
Training powerpoint mha
Training powerpoint mhaTraining powerpoint mha
Training powerpoint mha
 
Hippa
Hippa Hippa
Hippa
 
Hi103 week 5 chpt 12
Hi103 week 5 chpt 12Hi103 week 5 chpt 12
Hi103 week 5 chpt 12
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentiality
 
Hipaa and social media using new
Hipaa and social media using newHipaa and social media using new
Hipaa and social media using new
 
HIPAA Compliance Checklist for Medical Practices
HIPAA Compliance Checklist for Medical PracticesHIPAA Compliance Checklist for Medical Practices
HIPAA Compliance Checklist for Medical Practices
 
Hipaa basics
Hipaa basicsHipaa basics
Hipaa basics
 
Application Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceApplication Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA Compliance
 
Security in electronic health records
Security in electronic health recordsSecurity in electronic health records
Security in electronic health records
 
Healthcare IT: Security Risks & Regulations
Healthcare IT: Security Risks & RegulationsHealthcare IT: Security Risks & Regulations
Healthcare IT: Security Risks & Regulations
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk Assessment
 

Viewers also liked

Presentación de ángulos
Presentación de ángulosPresentación de ángulos
Presentación de ángulosAlfredo Torres
 
Aporte individual yeison franco
Aporte individual yeison francoAporte individual yeison franco
Aporte individual yeison franco
Yeison Andrés Franco Higuita
 
Mengobati ambeyen pada wanita karier
Mengobati ambeyen pada wanita karierMengobati ambeyen pada wanita karier
Mengobati ambeyen pada wanita karier
wawan wijanarko
 
Les 8 vervolg van selfservice naar automatisering
Les 8 vervolg van selfservice naar automatiseringLes 8 vervolg van selfservice naar automatisering
Les 8 vervolg van selfservice naar automatisering
Nancy De Vogelaere
 
dapr programm: Themen und Termine 2017
dapr programm: Themen und Termine 2017dapr programm: Themen und Termine 2017
dapr programm: Themen und Termine 2017
DAPR Deutsche Akademie für Public Relations
 
Linea de-el-tiempo gustavo alcala
Linea de-el-tiempo gustavo alcalaLinea de-el-tiempo gustavo alcala
Linea de-el-tiempo gustavo alcala
Tavo Hernandez
 
Презентация
ПрезентацияПрезентация
Презентация
lleennookk2016
 
Presentación gustavo
Presentación gustavoPresentación gustavo
Presentación gustavo
GUSTAVO_08_2011
 
Imagenes dicom berenicelozano
Imagenes dicom berenicelozanoImagenes dicom berenicelozano
Imagenes dicom berenicelozano
Sann Sóstenes
 
раздаточные мат лы 1
раздаточные мат лы 1раздаточные мат лы 1
раздаточные мат лы 1
Pharm.education
 
3. ley 16.744- e- continua
3. ley 16.744- e- continua3. ley 16.744- e- continua
3. ley 16.744- e- continuaLesly Adaros
 
Trabajo semestral de colotli
Trabajo semestral de colotliTrabajo semestral de colotli
Trabajo semestral de colotliRaymundo Fierro
 
thesis prentation monday
thesis prentation mondaythesis prentation monday
thesis prentation mondaySean Lydon
 
Presentacón teoria constructivista y teoria conductista
Presentacón teoria constructivista y teoria conductistaPresentacón teoria constructivista y teoria conductista
Presentacón teoria constructivista y teoria conductista
SILVIA XIMENA APRAEZ MARQUEZ
 
las tecnologías de la información y comunicación (TIC)
las tecnologías de la información y comunicación (TIC)las tecnologías de la información y comunicación (TIC)
las tecnologías de la información y comunicación (TIC)
GUSTAVO_08_2011
 
Clipping cnc 29112016 versão de impressão
Clipping cnc 29112016 versão de impressãoClipping cnc 29112016 versão de impressão
Clipping cnc 29112016 versão de impressão
Paulo André Colucci Kawasaki
 
Metodologia y proyecto investigacion
Metodologia y proyecto investigacionMetodologia y proyecto investigacion
Metodologia y proyecto investigacion
khynee
 

Viewers also liked (20)

Presentación de ángulos
Presentación de ángulosPresentación de ángulos
Presentación de ángulos
 
Aporte individual yeison franco
Aporte individual yeison francoAporte individual yeison franco
Aporte individual yeison franco
 
Mengobati ambeyen pada wanita karier
Mengobati ambeyen pada wanita karierMengobati ambeyen pada wanita karier
Mengobati ambeyen pada wanita karier
 
Dissertation
DissertationDissertation
Dissertation
 
Les 8 vervolg van selfservice naar automatisering
Les 8 vervolg van selfservice naar automatiseringLes 8 vervolg van selfservice naar automatisering
Les 8 vervolg van selfservice naar automatisering
 
dapr programm: Themen und Termine 2017
dapr programm: Themen und Termine 2017dapr programm: Themen und Termine 2017
dapr programm: Themen und Termine 2017
 
Linea de-el-tiempo gustavo alcala
Linea de-el-tiempo gustavo alcalaLinea de-el-tiempo gustavo alcala
Linea de-el-tiempo gustavo alcala
 
Презентация
ПрезентацияПрезентация
Презентация
 
Practica 4
Practica 4Practica 4
Practica 4
 
Presentación gustavo
Presentación gustavoPresentación gustavo
Presentación gustavo
 
Imagenes dicom berenicelozano
Imagenes dicom berenicelozanoImagenes dicom berenicelozano
Imagenes dicom berenicelozano
 
раздаточные мат лы 1
раздаточные мат лы 1раздаточные мат лы 1
раздаточные мат лы 1
 
3. ley 16.744- e- continua
3. ley 16.744- e- continua3. ley 16.744- e- continua
3. ley 16.744- e- continua
 
Trabajo semestral de colotli
Trabajo semestral de colotliTrabajo semestral de colotli
Trabajo semestral de colotli
 
Practica 11
Practica 11Practica 11
Practica 11
 
thesis prentation monday
thesis prentation mondaythesis prentation monday
thesis prentation monday
 
Presentacón teoria constructivista y teoria conductista
Presentacón teoria constructivista y teoria conductistaPresentacón teoria constructivista y teoria conductista
Presentacón teoria constructivista y teoria conductista
 
las tecnologías de la información y comunicación (TIC)
las tecnologías de la información y comunicación (TIC)las tecnologías de la información y comunicación (TIC)
las tecnologías de la información y comunicación (TIC)
 
Clipping cnc 29112016 versão de impressão
Clipping cnc 29112016 versão de impressãoClipping cnc 29112016 versão de impressão
Clipping cnc 29112016 versão de impressão
 
Metodologia y proyecto investigacion
Metodologia y proyecto investigacionMetodologia y proyecto investigacion
Metodologia y proyecto investigacion
 

Similar to How to avoid being caught out by HIPAA compliance?

health insurance portability and accountability act.pptx
health insurance portability and accountability act.pptxhealth insurance portability and accountability act.pptx
health insurance portability and accountability act.pptx
amartya2087
 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118
robint2125
 
Are You HIPAA Safe?
Are You HIPAA Safe?Are You HIPAA Safe?
Are You HIPAA Safe?
TriageLogic
 
Dispelling HIPAA Myths: Texting, Emailing, and BYOD Best Practices
Dispelling HIPAA Myths: Texting, Emailing, and BYOD Best PracticesDispelling HIPAA Myths: Texting, Emailing, and BYOD Best Practices
Dispelling HIPAA Myths: Texting, Emailing, and BYOD Best Practices
Conference Panel
 
The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act 
Kartheek Kein
 
HIPAA and Privacy Training
HIPAA and Privacy TrainingHIPAA and Privacy Training
HIPAA and Privacy Training
JasAmataga
 
MHA690 confidentiality training
MHA690 confidentiality trainingMHA690 confidentiality training
MHA690 confidentiality trainingsdavis49
 
Dustin HIPAA
Dustin HIPAADustin HIPAA
Dustin HIPAA
Dustin Kinzinger
 
2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research Training2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research Training
Cynthia Holland
 
Marc etienne week1 discussion2 presentation
Marc etienne week1 discussion2 presentationMarc etienne week1 discussion2 presentation
Marc etienne week1 discussion2 presentation
MarcEtienne6
 
Patient confidentiality power point
Patient confidentiality power pointPatient confidentiality power point
Patient confidentiality power pointchwiso8418
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentiality
chwiso8418
 
Patient confidentiality power point
Patient confidentiality power pointPatient confidentiality power point
Patient confidentiality power pointchwiso8418
 
Hcc_hipaa hitech training_Basic www.hcctecnologies.com
Hcc_hipaa hitech training_Basic www.hcctecnologies.comHcc_hipaa hitech training_Basic www.hcctecnologies.com
Hcc_hipaa hitech training_Basic www.hcctecnologies.com
ejazmazhar
 
Confidentiality Awareness
Confidentiality AwarenessConfidentiality Awareness
Confidentiality Awarenessitchomecare
 
CAHU EXPO Grove City, OH 2014
CAHU EXPO Grove City, OH 2014 CAHU EXPO Grove City, OH 2014
CAHU EXPO Grove City, OH 2014
Jason Karn
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightScale
 
Hippa privacy and security awareness
Hippa privacy and security awarenessHippa privacy and security awareness
Hippa privacy and security awareness
Charles Taft
 
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
M2SYS Technology
 

Similar to How to avoid being caught out by HIPAA compliance? (20)

health insurance portability and accountability act.pptx
health insurance portability and accountability act.pptxhealth insurance portability and accountability act.pptx
health insurance portability and accountability act.pptx
 
Hipaa overview 073118
Hipaa overview 073118Hipaa overview 073118
Hipaa overview 073118
 
Are You HIPAA Safe?
Are You HIPAA Safe?Are You HIPAA Safe?
Are You HIPAA Safe?
 
Dispelling HIPAA Myths: Texting, Emailing, and BYOD Best Practices
Dispelling HIPAA Myths: Texting, Emailing, and BYOD Best PracticesDispelling HIPAA Myths: Texting, Emailing, and BYOD Best Practices
Dispelling HIPAA Myths: Texting, Emailing, and BYOD Best Practices
 
The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act 
The Health Insurance Portability and Accountability Act 
 
HIPAA and Privacy Training
HIPAA and Privacy TrainingHIPAA and Privacy Training
HIPAA and Privacy Training
 
MHA690 confidentiality training
MHA690 confidentiality trainingMHA690 confidentiality training
MHA690 confidentiality training
 
Dustin HIPAA
Dustin HIPAADustin HIPAA
Dustin HIPAA
 
2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research Training2017 HIPAA Clinical Research Training
2017 HIPAA Clinical Research Training
 
Marc etienne week1 discussion2 presentation
Marc etienne week1 discussion2 presentationMarc etienne week1 discussion2 presentation
Marc etienne week1 discussion2 presentation
 
Patient confidentiality power point
Patient confidentiality power pointPatient confidentiality power point
Patient confidentiality power point
 
Patient confidentiality
Patient confidentialityPatient confidentiality
Patient confidentiality
 
Patient confidentiality power point
Patient confidentiality power pointPatient confidentiality power point
Patient confidentiality power point
 
Hcc_hipaa hitech training_Basic www.hcctecnologies.com
Hcc_hipaa hitech training_Basic www.hcctecnologies.comHcc_hipaa hitech training_Basic www.hcctecnologies.com
Hcc_hipaa hitech training_Basic www.hcctecnologies.com
 
Confidentiality Awareness
Confidentiality AwarenessConfidentiality Awareness
Confidentiality Awareness
 
CAHU EXPO Grove City, OH 2014
CAHU EXPO Grove City, OH 2014 CAHU EXPO Grove City, OH 2014
CAHU EXPO Grove City, OH 2014
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloud
 
Hippa privacy and security awareness
Hippa privacy and security awarenessHippa privacy and security awareness
Hippa privacy and security awareness
 
HIPAA
HIPAAHIPAA
HIPAA
 
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
 

Recently uploaded

ventilator, child on ventilator, newborn
ventilator, child on ventilator, newbornventilator, child on ventilator, newborn
ventilator, child on ventilator, newborn
Pooja Rani
 
Artificial Intelligence to Optimize Cardiovascular Therapy
Artificial Intelligence to Optimize Cardiovascular TherapyArtificial Intelligence to Optimize Cardiovascular Therapy
Artificial Intelligence to Optimize Cardiovascular Therapy
Iris Thiele Isip-Tan
 
The Impact of Meeting: How It Can Change Your Life
The Impact of Meeting: How It Can Change Your LifeThe Impact of Meeting: How It Can Change Your Life
The Impact of Meeting: How It Can Change Your Life
ranishasharma67
 
Navigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and BeyondNavigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and Beyond
Aboud Health Group
 
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.pptNursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
Rommel Luis III Israel
 
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptxBOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
AnushriSrivastav
 
Health Education on prevention of hypertension
Health Education on prevention of hypertensionHealth Education on prevention of hypertension
Health Education on prevention of hypertension
Radhika kulvi
 
India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...
India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...
India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...
Kumar Satyam
 
10 Ideas for Enhancing Your Meeting Experience
10 Ideas for Enhancing Your Meeting Experience10 Ideas for Enhancing Your Meeting Experience
10 Ideas for Enhancing Your Meeting Experience
ranishasharma67
 
Navigating Challenges: Mental Health, Legislation, and the Prison System in B...
Navigating Challenges: Mental Health, Legislation, and the Prison System in B...Navigating Challenges: Mental Health, Legislation, and the Prison System in B...
Navigating Challenges: Mental Health, Legislation, and the Prison System in B...
Guillermo Rivera
 
Yemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .pptYemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .ppt
Esam43
 
Myopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptxMyopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptx
RitonDeb1
 
Introduction to Forensic Pathology course
Introduction to Forensic Pathology courseIntroduction to Forensic Pathology course
Introduction to Forensic Pathology course
fprxsqvnz5
 
Telehealth Psychology Building Trust with Clients.pptx
Telehealth Psychology Building Trust with Clients.pptxTelehealth Psychology Building Trust with Clients.pptx
Telehealth Psychology Building Trust with Clients.pptx
The Harvest Clinic
 
ICH Guidelines for Pharmacovigilance.pdf
ICH Guidelines for Pharmacovigilance.pdfICH Guidelines for Pharmacovigilance.pdf
ICH Guidelines for Pharmacovigilance.pdf
NEHA GUPTA
 
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
rajkumar669520
 
Medical Technology Tackles New Health Care Demand - Research Report - March 2...
Medical Technology Tackles New Health Care Demand - Research Report - March 2...Medical Technology Tackles New Health Care Demand - Research Report - March 2...
Medical Technology Tackles New Health Care Demand - Research Report - March 2...
pchutichetpong
 
The Docs PPG - 30.05.2024.pptx..........
The Docs PPG - 30.05.2024.pptx..........The Docs PPG - 30.05.2024.pptx..........
The Docs PPG - 30.05.2024.pptx..........
TheDocs
 
Neuro Saphirex Cranial Brochure
Neuro Saphirex Cranial BrochureNeuro Saphirex Cranial Brochure
Neuro Saphirex Cranial Brochure
RXOOM Healthcare Pvt. Ltd. ​
 
Dimensions of Healthcare Quality
Dimensions of Healthcare QualityDimensions of Healthcare Quality
Dimensions of Healthcare Quality
Naeemshahzad51
 

Recently uploaded (20)

ventilator, child on ventilator, newborn
ventilator, child on ventilator, newbornventilator, child on ventilator, newborn
ventilator, child on ventilator, newborn
 
Artificial Intelligence to Optimize Cardiovascular Therapy
Artificial Intelligence to Optimize Cardiovascular TherapyArtificial Intelligence to Optimize Cardiovascular Therapy
Artificial Intelligence to Optimize Cardiovascular Therapy
 
The Impact of Meeting: How It Can Change Your Life
The Impact of Meeting: How It Can Change Your LifeThe Impact of Meeting: How It Can Change Your Life
The Impact of Meeting: How It Can Change Your Life
 
Navigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and BeyondNavigating Women's Health: Understanding Prenatal Care and Beyond
Navigating Women's Health: Understanding Prenatal Care and Beyond
 
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.pptNursing Care of Client With Acute And Chronic Renal Failure.ppt
Nursing Care of Client With Acute And Chronic Renal Failure.ppt
 
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptxBOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
BOWEL ELIMINATION BY ANUSHRI SRIVASTAVA.pptx
 
Health Education on prevention of hypertension
Health Education on prevention of hypertensionHealth Education on prevention of hypertension
Health Education on prevention of hypertension
 
India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...
India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...
India Clinical Trials Market: Industry Size and Growth Trends [2030] Analyzed...
 
10 Ideas for Enhancing Your Meeting Experience
10 Ideas for Enhancing Your Meeting Experience10 Ideas for Enhancing Your Meeting Experience
10 Ideas for Enhancing Your Meeting Experience
 
Navigating Challenges: Mental Health, Legislation, and the Prison System in B...
Navigating Challenges: Mental Health, Legislation, and the Prison System in B...Navigating Challenges: Mental Health, Legislation, and the Prison System in B...
Navigating Challenges: Mental Health, Legislation, and the Prison System in B...
 
Yemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .pptYemen National Tuberculosis Program .ppt
Yemen National Tuberculosis Program .ppt
 
Myopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptxMyopia Management & Control Strategies.pptx
Myopia Management & Control Strategies.pptx
 
Introduction to Forensic Pathology course
Introduction to Forensic Pathology courseIntroduction to Forensic Pathology course
Introduction to Forensic Pathology course
 
Telehealth Psychology Building Trust with Clients.pptx
Telehealth Psychology Building Trust with Clients.pptxTelehealth Psychology Building Trust with Clients.pptx
Telehealth Psychology Building Trust with Clients.pptx
 
ICH Guidelines for Pharmacovigilance.pdf
ICH Guidelines for Pharmacovigilance.pdfICH Guidelines for Pharmacovigilance.pdf
ICH Guidelines for Pharmacovigilance.pdf
 
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
VVIP Dehradun Girls 9719300533 Heat-bake { Dehradun } Genteel ℂall Serviℂe By...
 
Medical Technology Tackles New Health Care Demand - Research Report - March 2...
Medical Technology Tackles New Health Care Demand - Research Report - March 2...Medical Technology Tackles New Health Care Demand - Research Report - March 2...
Medical Technology Tackles New Health Care Demand - Research Report - March 2...
 
The Docs PPG - 30.05.2024.pptx..........
The Docs PPG - 30.05.2024.pptx..........The Docs PPG - 30.05.2024.pptx..........
The Docs PPG - 30.05.2024.pptx..........
 
Neuro Saphirex Cranial Brochure
Neuro Saphirex Cranial BrochureNeuro Saphirex Cranial Brochure
Neuro Saphirex Cranial Brochure
 
Dimensions of Healthcare Quality
Dimensions of Healthcare QualityDimensions of Healthcare Quality
Dimensions of Healthcare Quality
 

How to avoid being caught out by HIPAA compliance?

  • 1. How to avoid being caught out by HIPAA compliance
  • 2. What is HIPAA compliance? HIPAA, the Health Insurance Portability and Accountability Act, is a compliance standard for protecting sensitive patient data. All Covered Entities must ensure they secure protected health information and that physical, network and process security measures are in place and diligently followed. All covered entities must: • Safeguard • Recognize • Ensure the integrity, confidentiality and availability of all PHI they create, receive, maintain or transmit. and defend against expected threats to ensure security and integrity of the information. compliance by everyone in the workforce.
  • 3. Do you have the patient's authorization? HIPAA compliance usually does not allow covered entities to share PHI unless authorized by patients. The exception to this rule is for access to quality health care or other important public benefits. In these cases the embargo on sharing PHI will result in an unnecessary interference. The following cases don't require the patient's authorization: • Disclosure's required by law • Public health reporting • Audits and investigations • Judicial proceedings etc. • Administrative proceedings • Law enforcement purposes • Research purposes
  • 4. How to release information A Covered Entity must obtain written authorization before releasing protected health information (PHI), unless the compliance specifically permits disclosure. An authorization must include: • A description of the information that will be disclosed • The authorized person • The person who will get the information • Description of the purpose • The expiration date • The patient's signature Other information may be needed depending on the requirement
  • 5. Electronic Protected Health Information (ePHI) Electronic protected health information (ePHI) refers to any protected health information (PHI) that is enclosed under HIPAA compliance regulations and is produced, saved, transferred or received in an electronic form. ePHI must include the following information: • Patient name • Address • Social Security number • Email address • Fingerprints • Photographic images etc. All devices carrying ePHI should be HIPAA compliant, including: • Personal Computer • Tablet • Smart Phone etc.
  • 6. Covered Entities must ensure that policies, procedures and training have been efficiently arranged and access (whether onsite or offsite) is provided as per the requirements of the HIPAA Privacy Rule. The following factors should be considered for users accessing PHI: The scope, intricacy and capabilities of the entity Hardware and software security capabilities The costs involved Risks to PHI User Access
  • 7. Disposing of PHI Covered Entities must apply the right managerial, technical and physical provisions to guard the confidentiality of PHI and ePHI in any form while disposing of it. Examples of proper disposal methods are: • For paper records; shredding, burning, pulping or pulverizing. • For ePHI; deleting/clearing , purging or destroying the media. Covered entities may also use other appropriate methods of disposal.
  • 8. Backup plans Covered Entities must implement protocols to safeguard and ensure continuous access to PHI, including a contingency plan for disaster cases. Most data recovery methods are based on either data backups or replications. For ePHI Data backups can be removable media such as CDs, flash drives, etc. or storage systems like dedicated backup applications. For all other PHI Data replication methods can be used for all other kinds of PHI.
  • 9. Thank you Solid and regularly adhered to business practices are required to ensure you meet HIPAA Security standards. With a better understanding of the correct ways to handle PHI and ePHI, Covered Entities can be more secure in the knowledge that they will not be caught out in compliance mandates. Check out LepideAuditor Suite - an automated solution to handling ePHI and meeting HIPAA compliance: https://www.lepide.com/lepideauditor/