HIPAA Privacy and Security Overview Privacy and Confidentiality Presented by Jennifer McManis-Privacy Officer
PRIVACY • HIPAA Privacy Rule • Health Insurance Portability and Accountability Act of 1996 • Protects patients’ privacy • Supports our value of respecting patients’ interest • Restores the public’s faith in each of us as healthcare professionals, and in our institution
Privacy • Examples of PHI • Encounter/visit documentation • Lab Results • Appointment dates/times • Invoices/EOBs • Radiology Films and reports • History and Physicals, etc • Photographs
HIPAA Myths • One doctor’s office cannot send medical records of a patient to another doctor’s office without that patient’s consent • You are prohibited from doctor/patient emails • A patient’s family member can no longer pick up prescriptions for the patient • Patients can sue health care providers for not complying with the HIPAA Privacy regulations
HIPAA Myths • If a patient refuses to sign an acknowledgement stating they have received a notice of privacy practices, then you can or must refuse to provide services • You cannot share information with the patient’s family without the patient’s express consent • You can no longer fax PHI
HIPAA Myths • You can no longer call patients by their name in the reception area • You can no longer have sign-in sheets • You cannot send billing statements with your name on the envelope • Files may not be left in any place at night except locked chart rooms • If you have fewer than 10 employees you are exempt from HIPAA
PRIVACY • HIPAA Privacy Safeguards • Protect patient confidentiality • When in doubt don’t give it out! • Do not discuss patients in the cafeteria or elevator • Do not access Protected Health Information (PHI) unless you need to know in order to perform a function of your job • Do not access your own PHI on NextGen or a paper record unless you have signed a request for access
PRIVACY • HIPAA PRIVACY SAFEGUARDS • Position computer monitors/screens out of public view • Lock your computer screen when not at your desk • Do not place PHI in regular trash • Rip, shred, or otherwise dispose of identifiable health information • Use a cover sheet when faxing PHI • Hold staff discussions of PHI in areas where conversation is not easily overheard • Do not share passwords or logons
Privacy • Patient Rights • Access • Alternative Communications • Amendments • Restrictions • Accounting of Disclosures • Notice Of Privacy Practices • Privacy Complaints
Security • A key element of protecting patients’ PHI is maintaining the security of the computer systems that house and transmit ePHI (electronic protected health information) • Control Access to ePHI • Email Security • Audit Trails
Breach Notification Requirements • Report all Breaches to your Privacy Officer • Even the “oops” • All Breaches must be investigated to determine if it is necessary to notify the patient • All Breaches that require patient notification are reported to the Office for Civil Rights annually
Privacy Violations • Faxing to the wrong individual/location • Wrong “sticky” patient label placed on a document, then it is handed to the wrong patient • Lab results sent to the incorrect provider • Disposing of prescription bottles in the trash without removing the patient label • Not allowing a patient access to their medical records
Privacy Violations • Patient requested we send 2006 test results to another provider. In addition to the 2006 results, 2004 and 2005 results were released • Wrong Patient Name placed on prescription and given to the wrong patient • Patient records were sent to the wrong insurance company
Privacy: Release of Information • When is an Authorization not Required? • Treatment • Payment • Healthcare Operations • Required by Law • Release only Minimum Necessary
Privacy: Release of Information • Verify Identity • Family and Friends • Divorced Parents • Legal Guardians • Step-Parents • Foster Parents