H I P A A
description
Transcript of H I P A A
-
H I P A ASandy L. Hunter M.A. Ed, NREMT-P
-
What?HIPAA stands for the Health Insurance Portability and Accountability ActHIPAA is a Federal law passed in 1996
-
Covered? The EMC Program is NOT a covered entity.. but
-
Covered? Our students WILL function within covered entities. So
-
Covered? We need to cover this information.
-
HIPAASpecifies what is required to protect the security and privacy of personally identifiable health care information (PHI)Applies to most health care providers, including ambulance services
-
HIPAAs Major ProvisionsElectronic Transactions and Code Sets (TCS)Security Privacy
-
Transaction RuleRequires providers to submit electronic claims in standard formats approved by HHSExamples: ICD-9 CodesHCPCS CodesOther designated code sets
-
Centers for Medicare and Medicaid Services Common Procedure Coding System (HCPCS)
-
Transaction RuleRequires payors to accept transactions in the standard formats
-
Security RuleWill require covered entities to protect against unauthorized access and interception of PHIExpected to require use of encryption technology and other safeguards
-
Security RuleThere must be appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information.
-
Security RuleExamples:Locking up run formsRole based accessComputer passwords
-
Security RuleExamples:Adding security statements to e-mails and faxesSecuring computers and fax machines
-
The Privacy Rule
Why is this an issue?
-
Privacy?Emergency Transportation
-
Privacy?ACLS.
-
Privacy?Intubation
-
Privacy?
W.M.D.
-
The Privacy Rule
-
The Requirements Notifying patients about their privacy rightsAdopting and implementing privacy proceduresTraining employees in privacy practices
-
The Requirements Designating a Privacy OfficerSecuring patient records and limiting access to them
-
What to ProtectAny information that can identify a patient that relates to their physical or mental health
-
What to ProtectProtected Patient Health Information (PHI)
-
What to ProtectIncludes written, verbal, electronic, photographic, etc.
-
Sources or PHIRun sheetsDispatch logsBilling formsIncident reports
-
Sources or PHIPersonal notes VideotapesInternet picturesConversations
-
Sources or PHIHospital recordsTransfer paperworkAmbulance certification lettersAny others???????
-
There are the three times you can divulge PHI without the patients authorization.
-
TreatmentPayment Health Care Operations (like QA)
-
Scenarios.
-
OK You are the supervisor today.
-
You are on a call when a first-responder asks you for information to complete their run sheet. Can you give them PHI?
-
Yes? orNo?
-
Yes. You absolutely can give them this information. It is permissible because they aided in the TREATMENT.
-
Actually you can give it to them because the FR aided in providing TREATMENT.
-
You are at the scene of a car crash when a police officer stops directing traffic to ask if the patient is drunk. Can you give the information?
-
Yes? orNo?
-
Well actually there are two problems here. One is that the patients medical condition is confidential. What is the other?
-
The other is that you cant call the patient drunk without a legal test.
-
No. Is Correct! The officer was not in on the TREATMENT so (in general) they cant have the information. Plus.
-
You cant call the patient drunk without a legal test.
-
You are on a call where you suspect a child has been abused. Can you report that to anyone?
-
Yes? orNo?
-
Yes. KRS 620.030 - 620.050 requires you to report it.
-
No is actually the wrong answer because KRS 620.030 - 620.050 requires you to report it.
-
You have completed your patient care report (that has NO patient identifiers on it). Do you have to physically secure that form?
-
Yes? orNo?
-
Yes. That is the policy of the program and it just makes good sense!
-
No? Well, yes you do have to secure it. It is the policy of the program and it just makes good sense!
-
You are at a hospital to pick up a patient for transfer. The staff says they cannot give you ANY information on the pt. because of HIPAA.
-
They are:Right?orWrong?
-
The staff may think this is true but actually they can and SHOULD give any pertinent information to you.
-
This includes face sheets and medical information that may be pertinent (like allergies and medications).
-
Wrong is the correct answer. The staff can and SHOULD give you any pertinent information.
-
This includes face sheets and medical information that may be pertinent (like allergies and medications).
-
You transported a cardiac patient to the ER. Your partner tells you to get the patient to sign the privacy notice . It is required.
-
Your partner is:Right? orWrong?
-
If this had been a non-emergency patient it would have been. It is not required for emergency patients. However
-
You should leave the information with the patients chart or family.
-
This is the right answer. This was an emergency patient and therefore it is not required.You will need to document the reason it was not signed.
-
While transporting a patient to the ER, you decide to call in a report. Your partner says Dont give out any patient information!
-
Are you allowed to give out PHI over the radio or telephone?
-
Yes? orNo?
-
Yes You certainly may BUT you should use the most secure method possible.And only give whats needed.
-
Your partner needs to learn more about HIPAA. You certainly may give out and receive this information over the airwaves.
-
You are invited to participate in a CISD session. When you arrive none of the participants are willing to talk about the call.
-
They are all afraid that HIPAA prevents them from talking. ---- Can they talk about it?
-
Yes? orNo?
-
Actually, they can talk but they should follow the minimum necessary rule.
-
You respond to a disaster scene. The local Red Cross representative wants to access PHI to identify victims. Can you divulge it?
-
Yes? orNo?
-
Yes, you are expressly allowed in this event to do so.
-
Actually. you are expressly allowed in this event to do so.
-
You are a student who has just finished a call. An ER nurse asks you to give him a verbal report of the call. Can you give the report?
-
Yes? orNo?
-
Yes, if the nurse is involved in the patients care BUT you should do it in a way that bystanders do not hear the information needlessly.
-
You may give the report if the nurse is involved in the patients care. BUT you should do it in a way that bystanders do not hear the information needlessly.
-
You are a student who has just finished a call. An ER ward clerk asks for patient information so they can complete the billing form. Can you give the information?
-
Yes? orNo?
-
Yes, you may give it to help the hospital complete its billing BUT you should do it in a way that bystanders do not hear the information needlessly.
-
You may give the report to help the hospital complete its billing. BUT you should do it in a way that bystanders do not hear the information needlessly.
-
You are meeting with your preceptor back at the station. She wants to go over the call with you to see if you have any questions. Is this permitted?
-
Yes? orNo?
-
Yes, you may. You two were involved in the call and this is for QA, educational purposes. Remember the minimum necessary rule.
-
You are allowed to do this but remember to follow the minimum necessary rule.
-
You are on a personal trip when you come across a medical emergency. After stopping to help, you ask EMS for a copy of the run report for your records. Is this OK?
-
Yes? orNo?
-
They can give the information that is necessary. However, this is tricky. EMS should get your information in case there is a blood borne pathogen issue.
-
They should not just give you a copy of the run report as a private citizen.
-
They may give you minimally necessary information. This is probably not a copy of the entire report.
-
You decide to ride with a service as a visiting third-rider. During your shift the crew responds to a great car crash. Can you take pictures of the car (not the patient)?
-
Yes? orNo?
-
Not if it could identify the patient.
-
You are at work when a process server delivers a subpoena for you to testify in civil case. Can you divulge privileged information in the case?
-
Yes? orNo?
-
Yes. A court may compel you to testify.
-
Actually a court may compel you to testify.
-
What ifs?
-
What if?If you are asked to allow a patient to see their own PHI. What should you do?
-
What if?You should direct them to the Privacy Officer of the agency.
-
What if?Do not give out PHI without authorization!
-
What if?If you are using a computer that contains PHI, how should you protect that information?
-
What if?Virus protectionPasswordsHide the screen
-
What if?Sanctions can includeWarningsSuspensionsTermination of relationshipFailing grades
-
The Golden Rule of HIPAA:
What You See Here What You Hear Here When You Leave Here Let It Stay Here!
2003, Page, Wolfberg & Wirth, LLC.
-
Any Questions?
-
Thank [email protected]