2. Why privacy?
• Patients disclose personal information to their
health care provider.
• This is any information that is not commonly
shared with strangers.
Always wonder:
• Are you a stranger to the patient?
• Would you tell your personal health
information to a stranger?
3. HIPAA
• The Office for Civil Rights enforces the HIPAA
Privacy Rule, which protects the privacy of
individually identifiable health information;
the HIPAA Security Rule, which sets national
standards for the security of electronic
protected health information; and the
confidentiality provisions of the Patient Safety
Rule, which protect identifiable information
being used to analyze patient safety events
and improve patient safety.
Source: http://www.hhs.gov/ocr/privacy/
4. Your responsibilities…
• Disclose a detailed explanation for accessing
each patient’s medical record.
Failure to do so will result in the access being
flagged and investigated by confidentiality officers.
• Do not leave any computers, tablets, kiosks, etc.
unattended while patient information is visible.
5. Your responsibilities cont’d…
• Do have password protection on all electronic
devices that have access to patient health
information.
• Apply a computer screen safeguard in areas of
heavy patient traffic.
Always question:
• If this were my personal information, is it
protected from unwanted strangers?
6. Federal Consequences…
| HIPAA Violation | Minimum Penalty | Maximum Penalty |
|---|---|---|
| Individual did not know (and by exercising reasonable diligence would not have known) that he/she violated HIPAA | $100 per violation, with an annual maximum of $25,000 for repeat violations (Note: maximum that can be imposed by State Attorneys General regardless of the type of violation) | $50,000 per violation, with an annual maximum of $1.5 million |
| HIPAA violation due to reasonable cause and not due to willful neglect | $1,000 per violation, with an annual maximum of $100,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million |
| HIPAA violation due to willful neglect but violation is corrected within the required time period | $10,000 per violation, with an annual maximum of $250,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million |
| HIPAA violation is due to willful neglect and is not corrected | $50,000 per violation, with an annual maximum of $1.5 million | $50,000 per violation, with an annual maximum of $1.5 million |
Source: http://www.ama-assn.org//ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/hipaa-violations-enforcement.page