Recommended
More Related Content
What's hot
What's hot (19)
Similar to Confidentiality and HIPAA Privacy
Similar to Confidentiality and HIPAA Privacy (20)
Recently uploaded
Recently uploaded (20)
Confidentiality and HIPAA Privacy
- 1. Confidentiality SHERRYL LINKOUS MHA 690 – HEALTH CARE CAPSTONE INSTRUCTOR: DR. JEFFREY TRASK JUNE 2, 2016
- 2. Overview • Introduc*on • HIPAA Privacy Rule • Unauthorized Access / Breaches • Penal*es for Viola*ng HIPAA • What can we do? • Summary
- 3. Have the urge to look at a patient’s medical record?
- 4. HIPAA Privacy Rule § Federal Law § Applies to health plans, health care clearinghouses, healthcare professionals § Protected Health Informa*on (PHI) § Employees may access PHI ONLY when necessary to perform their job-‐related du*es.
- 5. Unauthorized Access / Breaches § Access must be authorized § Pa*ent Confiden*ality Breach in UCLA Hospital § Hospital failed to take adequate steps to protect pa*ent confiden*ality § Incident led to termina*ons, suspensions, warnings of over 120 employees
- 6. Penalties § Civil penal*es of $100 per viola*on § Maximum civil penal*es of $25,000 per year, per person, per standard § Criminal penal*es for willful offenses of $50,000 to $250,000 and imprisonment § Addi*onal penal*es under state law § Lawsuits § Unaware or “not knowing” is not valid excuse and s*ll punishable
- 7. What can we do? § Know the organiza*on’s policy on Pa*ent Confiden*ality and adhere to them § Your responsibility to report any privacy/security breaches involving PHI § Implement administra*ve, technical, and physical safeguards required by the HIPAA privacy and security rule § Recurrent organiza*on training on HIPAA and steps to safeguard PHI § Protect all means/forms that contain PHI – files, computers, etc.
- 8. What can we do? § DO keep computer sign-‐on codes and passwords secret, and DO NOT allow unauthorized persons access to your computer. Also, use locked screensavers for added privacy. § DO keep notes, files, memory s*cks, and computers in a secure place, and be careful NOT to leave them in open areas outside your workplace, such as a library, cafeteria, or airport. § DO NOT place PHI or PII on a mobile device without required approval. DO use encryp*on when sending or storing PHI or PII on mobile devices, including “thumb” or “flash” drives. § DO hold discussions of PHI in private areas and for job-‐related reasons only. Also, be aware of places where others might overhear conversa*ons, such as in recep*on areas. § DO make certain when mailing documents that no sensi*ve informa*on is shown on postcards or through envelope windows, and that envelopes are closed securely. § DO follow procedures for the proper disposal of sensi*ve informa*on, such as shredding documents or using locked recycling drop boxes. § When sending an e-‐mail, DO NOT include PHI or other sensi*ve informa*on such as Social Security numbers, unless you have the proper wricen approval to store the informa*on and use encryp*on.
- 9. Summary § It is everyone’s responsibility to protect pa*ent’s confiden*ality § So again, do you have the urge to look at a pa*ent’s medical record?
- 10. References Greene, A. H. (2012, April). HIPAA Compliance for Clinician Tex*ng. Journal of AHIMA , pp. 34-‐36. Retrieved from hcp://library.ahima.org/doc?oid=105342#.V020n-‐pf17g HHS.gov. (2016). Health Informa2on Privacy . Retrieved March 30, 2016, from The HIPAA Privacy Rule: hcp://www.hhs.gov/hipaa/for-‐professionals/privacy/ HIPAA. (2009). Beyond the HIPAA Privacy Rule: Enhancing Privacy, Improving Health Through Research. Retrieved October 30, 2014, from hcp://www.ncbi.nlm.nih.gov/books/NBK9571/ #_ncbi_dlg_citbx_NBK9571 HIPAA. (2014). HIPAA Viola2ons. Retrieved May 6, 2015, from Healthcare Business and Technology: hcp://www.healthcarebusinesstech.com/hipaa-‐viola*ons/