Hipaa basics.pp2
martykoepke
THE BASICS OF HIPAA
HIPAA: WHAT IS IT?
• HIPAA does the following:
  • Creates standards for protecting the privacy of health information
  • Creates standards for the security of health information
  • Creates standards for electronic exchange of health information
WHAT IS COVERED BY HIPAA?
• Protected Health Information
  The HIPAA privacy rule covers and sets standards for the collecting, sharing and storing of a person’s Protected Health Information, or PHI for short. PHI is information that:
  • Relates to a person’s past, present or future physical or mental health or condition, or to the provision of or payment for healthcare.
  • Identifies the individual in a personal way.
  • Provides a reasonable basis to be used to identify the individual.
  • Is created or received by a Covered Entity.
WHAT IS PRIVATE HEALTH INFORMATION?
Protected health information (PHI) is:
• Individually identifiable health information
• Transmitted or maintained in any form or medium by a Covered Entity or its Business Associate
• Health information, including demographic information
• Relates to an individual’s physical or mental health or the provision of or payment for health care
• Identifies the individual
TYPES OF PHI
• Billing Information
• Medical Insurance Forms
• Prescriptions
• Patient Charts/Records (Paper or Electronic)
WHAT DOES HIPAA APPLY TO?
• Forms
• Spoken Communication
• E-mails
• Faxes
PROTECTING PHI WITH HIPAA MEANS:
• Removal of certain identifiers so that the individual who is the subject of the PHI may no longer be identified
  • Application of a statistical method, or
  • Stripping of listed identifiers such as:
    • Names
    • Geographic subdivisions smaller than a state
    • All elements of dates
    • SSNs
• Not discussing PHI with anyone other than those directly responsible for providing health care (provider, clinician, technician, etc.)
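The "stripping of listed identifiers" approach above, as an added Python example that is not part of the original slides: it drops the name, date, SSN and sub-state geography fields from a record and redacts the same identifiers in a free-text note. The field names and the sample record are assumptions constructed for this illustration, and pattern-based scrubbing of free text is best-effort, so the last function re-checks the output.

```python
import re

# Field names are assumptions for this example, not a standard schema.
DROP_FIELDS = {"name", "ssn", "birth_date", "admit_date", "street", "city", "zip"}
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
DATE_RE = re.compile(r"\b(?:\d{1,2}[/-]\d{1,2}[/-]\d{2,4}|\d{4}-\d{2}-\d{2})\b")


def scrub_text(text, known_names):
    """Redact SSNs, dates and the patient's known name parts from free text."""
    text = SSN_RE.sub("[SSN]", text)   # SSNs first, so digits are not read as dates
    text = DATE_RE.sub("[DATE]", text)
    for part in known_names:
        text = re.sub(rf"\b{re.escape(part)}\b", "[NAME]", text, flags=re.IGNORECASE)
    return text


def deidentify(record):
    """Return a copy of record with the slide's listed identifiers stripped."""
    known_names = [p for p in record.get("name", "").split() if len(p) > 1]
    out = {}
    for key, value in record.items():
        if key in DROP_FIELDS:
            continue  # names, all date elements, SSN, geography below state level
        if key == "note":
            value = scrub_text(value, known_names)
        out[key] = value
    return out


def residual_identifiers(record):
    """Check: list the fields that still match an SSN or date pattern."""
    return [k for k, v in record.items()
            if isinstance(v, str) and (SSN_RE.search(v) or DATE_RE.search(v))]


# Constructed sample record (not real patient data).
SAMPLE = {
    "name": "Jane Doe", "ssn": "123-45-6789", "birth_date": "1980-04-12",
    "street": "1 Main St", "city": "Springfield", "zip": "62701", "state": "IL",
    "admit_date": "03/02/2014", "diagnosis": "asthma",
    "note": "Jane seen 03/02/2014; SSN 123-45-6789 on file. Follow up 2014-03-16.",
}

if __name__ == "__main__":
    clean = deidentify(SAMPLE)
    print(clean, residual_identifiers(clean))
```

Running `residual_identifiers` on every record before release gives a cheap gate: a non-empty result means a listed identifier survived and the record should be held back.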
PATIENT’S RIGHTS
• Patients have the right to obtain and amend their PHI, and to:
  • Request restrictions on uses and disclosures
  • Request more confidential communications
  • Receive an accounting of disclosures
  • Complain about privacy violations
• Use and disclosure of PHI: Patients are entitled to know how their PHI will be used and who will receive their PHI.
• Patients have a right to see privacy disclosures regarding their PHI
SPECIAL RULES OF HIPAA
• Special rules for certain types of entities:
  • Some Covered Entities have additional privacy regulations covering areas like directories, marketing and fundraising.
• Administrative requirements for Covered Entities may involve detailed record-keeping and procedural compliance issues.
ENFORCEMENT OF HIPAA
• There are potential penalties and fines for noncompliance.
  • Penalties start at $100, and can be as high as $25,000 per year
• If an employee or patient makes a complaint, it will be investigated, and if necessary, subsequent corrective action will follow.
• Covered Entities or programs will have a process to receive and investigate complaints.
ANTI-RETALIATION POLICY
• Retaliation against anyone who may file a complaint is strictly prohibited
• Individuals may file a complaint with either the Covered Entity or the U.S. Department of Health and Human Services.
REASONABLE PHYSICAL AND TECHNOLOGICAL SAFEGUARDS
• Telephones – How do you know the person you are talking to is authorized to receive an employee’s PHI?
• Disposing of PHI – When you dispose of PHI (both hard copy and electronic) how can you be certain that it is appropriately destroyed?
• E-mail – How can you be sure PHI is secure when it’s sent via e-mail?
• Fax machines – When faxing PHI, how can you be sure the right person will read it on the other end?
• Mail – Sending PHI through the mail may have restrictions.
• Storing PHI – Safeguarding PHI in computer databases, file cabinets and even laptop computers will have to follow procedure.
WHAT DOES THIS MEAN TO YOU?
• Do not let anyone use your username and password
• Log off of your computer when you walk away from it
• Do not use anyone else’s username and password
• Do not discuss private health information of any patient outside of the care setting
• Do not discuss private health information of any patient with someone other than a direct care giver
• Do not look up any health records, unless it is a patient under your care and the information is for the purpose of providing patient care
• Do not look up your own private health information