Understanding HIPAA
Training for new employees
BACKGROUND
• The Health Insurance Portability and Accountability Act is a Federal law that
was enacted on August 21, 1996
• It is Public Law 104-191
• It was developed by the Department of Health and Human Services
• Sections 261 through 264 of this law require the Secretary of Health and
Human Services to publicize standards for the electronic exchange, privacy,
and security of health information
What is HIPAA?
• It is a Federal law which set up standards that protect
patients’ medical information.
• It states that patients have the right to their own personal
health records.
• It states that health information cannot be used or
released without the patient’s authorization
More about HIPAA
• It limits the use of personal health information to the
minimum necessary for the purpose for which it is needed
• It imposes administrative requirements that include a
designated privacy officer at medical facilities
• The privacy officer will conduct HIPAA training and
document and implement policies and procedures that will
make sure HIPAA guidelines are being followed
PRIVACY
• The Privacy Act of 1974 was established to safeguard an individual’s privacy from
possible misuse of federal records and to allow individuals access to records that
federal agencies maintain about them.
• The Privacy Protection and Safety Commission was established to monitor these
rights.
• Under the United States Constitution each citizen has a right to privacy and to have
their personal information protected.
• It also protects citizens from invasion of personal privacy.
PRIVACY GUIDELINES
• Authorization: Before any health information can be released, the patient must sign the
“release of information” form. This applies both when the patient requests their own medical
records and when another entity requests them; in either case the patient must sign the form.
• Minimum Necessary: Once the patient has signed the release of information form, release
only the minimum records necessary for the request, not the complete medical record.
• Confidentiality: Under no circumstance should a patient’s medical information be shared
outside the office.
• Protect Access: Safeguard your work area so unauthorized access to patients’ records is
avoided.
Confidentiality
• Confidentiality refers to the expectation that information that a patient shares with their
medical provider will be used only for their care and for no other purpose
• A physician may not disclose any medical information about a patient without the
patient’s permission
• All employees in a healthcare setting must also maintain the confidentiality of all
patients’ records and reports.
• Identification needs to be verified before releasing patient information.
• To disclose any information about a patient beyond its intended purpose without
the patient’s knowledge and consent is a violation of confidentiality.
SECURITY
• The Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule was enacted on
January 25, 2013
• The Omnibus Rule broadens the application of HIPAA privacy and security requirements to
both covered entities and business associates.
• All medical facilities need to implement a security awareness and training program for all employees
• Some requirements of this program are:
  - Security reminders
  - Protection from malicious software
  - Log-in monitoring
  - Password management
SECURITY MEASURES
• Always lock your computer when you leave your work area
• Do not leave a patient’s medical records unsupervised where they can be accessed by an
unauthorized person
• Do not open e-mail from suspicious sources; this helps keep malware from reaching the
computer systems
• Always wear your employee badge when at work
• Choose a strong password for your computer sign-on
• When e-mailing personal medical information use encryption
• If there are any questions please contact your office manager
E-MAIL GUIDELINES
The following guidelines need to be followed when using e-mail at the medical facility:
• When a patient e-mails our provider, you will need to educate the patient on the risks of using
non-encrypted e-mail
• If the patient requests to have reminders e-mailed, they need to be made aware of the risks
• Document if the patient gives their approval to send e-mails for communication or reminders
• Use the EHR’s patient portal function, which is more secure
• Use the secure, HIPAA-compliant e-mail application
• Manually encrypt transmitted files
BREACH OF INFORMATION
If there has been a breach of unsecured protected health information, the Secretary of Health and
Human Services will be notified.
• If the breach involves more than 500 people, the Secretary must be notified within 60 days.
• If the breach involves fewer than 500 people, the Secretary must be notified within 60 days of the
end of the calendar year. The notice is submitted electronically.
• A breach could be as simple as a mailing sent out with personal information visible on it.
• Patients’ personal information, such as Social Security numbers, phone numbers, account numbers,
and insurance numbers, must be protected.
If you discover a breach of patient information, notify your office manager who will notify the privacy
officer so the breach can be verified and handled.
TRAINING VIDEO
Below is a video that will give you a better
understanding of HIPAA and why following the correct
procedure in handling patient accounts is so important.
https://youtu.be/mEu6NGPA0Cg
SUMMARY
Following HIPAA guidelines is extremely important in a medical facility. Failure to do so could lead to large
fines. If you are not sure about something, it is a good idea to ask your office manager or the privacy officer.
Remember that the patient’s information is private and they control who sees it. Remember that any
information you handle at our facility should not be discussed when you leave the office. We strive to keep our
patients’ accounts accurate and secure. In order to do this, everyone has to work together. Use all safety
precautions in your work area and throughout our facility. Your job is very important.
Welcome to our team