140 likes | 270 Views
ETCH Confidentiality and HIPAA Annual Review. What you need to know. The Privacy Rule. What is HIPAA?. H ealth I nsurance P ortability and A ccountability A ct of 1996 (HIPAA).
E N D
ETCH Confidentiality and HIPAA Annual Review What you need to know. The Privacy Rule
What is HIPAA? • Health Insurance Portability and Accountability Act of 1996 (HIPAA). • Originally designed to set healthcare industry standards for electronic transmission of data about paying and collecting claims. • HIPAA applies to ETCH because we electronically transmit health information.
Why HIPAA ? • Protects patient privacy • Limits how personal health information can be used • Lets patients know what their rights are • Improves healthcare • Standardizes information processing • Improves security when transmitting health information • Allows patients to… • Access health records easily • Make corrections to health records • Know how their private information is being or may be used
The HIPAA Privacy Rule • Protection for “individually identifiable health information”. • Uses the term Protected Health Information, referred to as PHI • PHI is all types of health information that is: electronically transmitted or stored (patient database, patient records or billing information), or in paper form or verbal communications. • Failure to follow these rules can result in: • Fines for each offense up to $25,000 per year • Individual fines or prison time for offending person
What is PHI…? • PHI is any information that would let somebody identify a patient - written, spoken or electronic. • Name, ID #, information about his/her health: • X-rays, lab reports, test results, prescriptions, health insurance claims, billing records, doctors notes, letters
More on PHI • Information that gives any details about who a person is. • Name, all or part of an address, phone or fax #, date of birth, admission or discharge date. • Any of those items by themselves might NOT lead to identification of a patient, but when combined together can used for that purpose. • Know where PHI can be seen or heard. • Nursing stations, room signs, computer monitors, trash, fax, phone or mail.
What we do… • Tell patients and families about their privacy rights • Must be done upon admission • Train employees on privacy policy • Done at orientation • Annual NetL review • Make certain patient information stays private • Ask if needed in an effort to be certain • Safeguarding our computers and access to PHI • Directories and computer access to PHI is assigned via job description • NEVER share your passwords, keep monitors turned away from public view • Log off when leaving a computer
What we do… • Speak quietly or use a private space when verbally passing information. • Use only a part of a patient’s name when in public places. • Shred documents that may contain PHI. • Lock rooms, files when necessary. • Knock on patient doors prior to entering, respect a family’s request to leave a door open or closed.
Don’t let this happen Bystander Did you know the Johnson boy in room 213 has abnormal test results and is having surgery tomorrow? Yeah…it’s a real shame. His name is Bobby. His family does not have insurance and they are on government assistance. I hear they filed bankruptcy, and may lose their house.
When to use or disclose PHI? • When to share PHI with staff… • ONLY the minimum information needed to do your job • ONLY on a need to know basis • When to share PHI with patients/families • When they request the information themselves • When they give permission to share with family or friends • IF the Department of Human Services needs it to determine if the Privacy Rule is being followed • If you are unsure, do not share and seek assistance • Do not let the Privacy Rule keep you from treating the patient properly. • Privacy rule DOES allows us to share PHI to effectively treat patients and conduct proper billing Patients and families have the right to restrict the use or disclosure of PHI
Incidental disclosure of PHI • Occurs when PHI is seen or heard by someone who does not need to know. • ETCH has taken appropriate steps to limit sharing of private information. • These do not have to be eliminated entirely, but actions MUST be taken eliminate and limit them.
ETCH Privacy Policy-ADMIN O118 • Click picture on left to view policy. • Please review this policy now. Questions will follow on the test.
A good rule to work by… When making a decision about sharing PHI… IF IN DOUBT DON’T GIVE IT OUT Seek assistance if you are unsure!