2. Understanding HIPAA
(What is HIPAA?)
HIPAA is the Health Insurance Portability and Accountability Act, the law
that is in place to protect PHI (Personal Health Information).
It requires the Department of Health to adopt national standards for electronic
health care transactions, unique health identifiers and security.
Congress incorporated within HIPAA provisions that mandated the adoption of
Federal Privacy protection for individually identifiable health information.
3. Identifying PHI
PHI stands for Protected Health Information. It is the protection of individually
identifiable health information. Individually identifiable health information is that
which can be linked to a particular person. Specifically, this information can relate
to:
• The individual's past, present or future physical or mental health or condition,
• The provision of health care to the individual, or,
• The past, present, or future payment for the provision of health care to the
individual.
Common identifiers of health information include names, social security numbers,
addresses, and birth dates.
4. Ways to safeguard PHI
Periodically change access codes for all individuals who have access to PHI
Choose a password that has no relevance to you personally and that cannot be
easily compromised
Only access information that is relevant to your specific job
If patient information that you do not need to know is seen or heard in the
course of doing the job, remember that this information is confidential. You are not
permitted to repeat it or share it with others - even friends, family, or other
employees who do not have a need to know it.
5. Workplace violations
Health care employees abuse their position and access PHI without authorization
Employees view private and confidential information despite HIPAA training
You are only permitted to access and use patient information as it relates to
your job. If you see or hear patient information in the course of doing your
job that you do not need to know, remember that this information is
confidential. You are not permitted to repeat it or share it with others - even
friends, family, or other employees who do not have a need to know it.
6. Steps to avoid unauthorized access by employees
Initiate regular HIPAA training to remind employees that accessing PHI is a
federal violation which can lead to a host of consequences
Initiate pop-up screens with reminders every time a user requests PHI
Inform employees that electronic medical records are audited on a regular basis for
inappropriate access
Vocalize sanctions for violators
Periodically require Privacy quiz to be able to access