Board of Directors – March 24, 2016 Denise Mannon, AHFI, CHPC Corporate Compliance Officer.


1 Board of Directors – March 24, 2016 Denise Mannon, AHFI, CHPC Corporate Compliance Officer

2 HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996
Enacted at 42 U.S.C. § 201 et seq. (42 U.S.C. 1320d-2) to create a national framework for privacy, security and transmission standards. HIPAA requires appropriate safeguards to protect the privacy of personal health information, sets limits & conditions on the uses & disclosures that may be made of such information, and gives patients rights over their health information, including the right to request corrections.
http://aspe.hhs.gov/admnsimp/pl104191.htm

3 Security
The HIPAA Security Rule concentrates on the physical safeguards related to information. CenterPoint has in place administrative, technical and physical safeguards to protect the confidentiality, integrity, and security of consumer information. Examples of those safeguards are:
- Servers and mainframes in a separate locked room
- Email encryption
- Keypunch access to areas
- Locked file cabinets
- Passwords (changed frequently)
- Antivirus and anti-spy software
- Policies against maintaining consumer data on portable hard drives or flash drives
Debbie Lanning is the Security Officer who receives reports of a physical breach.
The Security Rule is located at 45 C.F.R. Part 160, & 45 C.F.R. Part 164, Subparts A & C.

4 Privacy
The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information.
The Privacy Rule is located at 45 C.F.R. Part 160, and 45 C.F.R. Part 164, Subparts A & E.

5 What is Protected by the Privacy Rule?
The Privacy Rule protects all “individually identifiable health information” (IIHI) held or transmitted by a covered entity or its business associate in any form. Under HIPAA, IIHI is information that:
- Relates to an individual’s physical or mental health, the provision of health care to the individual, or the payment for the individual’s health care;
- Identifies, or could reasonably be used to identify, the individual; and
- Is created or received by a covered entity.
The information can be in Electronic, Paper, or Oral Form.

6 So What All Do I Need To Worry About?
IIHI is more than just a name or address; it is any health information that can be used to identify a consumer, whether living or deceased, and relates to the consumer’s past, present, or future physical or mental health. Any of the following are considered IIHI:
- Patient Names
- Patient Addresses
- Dates of Services/Appointments
- Telephone Numbers
- Social Security Numbers
- Photographs
- E-Mail Addresses

7 Disclosure without Authorization (see NPP)
§45 C.F.R. 160, Subpart B & N.C.G.S. § 122C-55(a)
- To establish financial benefits for the consumer, N.C.G.S. § 122C-55(a2) (a3) & (g)
- Within a Facility, N.C.G.S. § 122C-55(h)
- To the Dept of Corrections, N.C.G.S. § 122C-55(c)
- Regarding referral to/from a physician or psychiatrist, N.C.G.S. § 122C-55(i)
- For evaluation and management for commitment, N.C.G.S. § 122C-55(b)
- Abuse or danger to self or others, N.C.G.S. § 122C-55(d)
- Regarding suspected abuse or neglect
- Care coordination, N.C.G.S. § 122C-55(a)
- Department of Health and Human Services/Division/DMA, § 122C-55
- Pursuant to Court Orders, but NOT Subpoenas or Search Warrants, § 122C-54(a)

8 Disclosures pursuant to Court Orders
The HIPAA Privacy Rule permits programs to release information in response to a subpoena if the patient signs a consent permitting release of the information requested in the subpoena or search warrant. When the patient does not consent, a program is prohibited from releasing information in response to a subpoena, unless a court has issued an order that complies with the rule.

9 Be a HIPAA Hero
ANYONE can file a complaint. It doesn’t have to be the person violated. The US Dept. of Health and Human Services, Office for Civil Rights (OCR) is responsible for administering & enforcing HIPAA. Your complaint must:
- Be in writing, either hard copy or electronic, by mail, fax, or e-mail;
- Name the covered entity involved & describe the acts or omissions you believe violated the requirements of the Privacy or Security Rule; and
- Be filed within 180 days of when you knew that the act or omission occurred.
If you need help filing a complaint or have a question about the complaint or consent forms, CenterPoint can help, or e-mail OCR at OCRMail@hhs.gov.

10 Where to Go for More Information:
- US Dept of Health & Human Services: http://www.hhs.gov/ocr/privacy/index.html
- Substance Abuse Privacy Regulations are found at 42 C.F.R. Part 2: http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?c=ecfr&rgn=div5&view=text&node=42:1.0.1.1.2&idno=42
- North Carolina State Confidentiality Rules, APSM-45-1
- HIPAA Privacy Rules, 45 C.F.R. Part 160 and 164
- Records Management & Documentation Manual, APSM-45-2
- North Carolina General Statutes, 122C-51-56
- Federal Substance Abuse Rule, 42 C.F.R. Part 2
- CenterPoint Policies and Procedures

