Presentation is loading. Please wait.

Presentation is loading. Please wait.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Similar presentations


Presentation on theme: "Health Insurance Portability and Accountability Act of 1996 (HIPAA)"— Presentation transcript:

1 Health Insurance Portability and Accountability Act of 1996 (HIPAA)
CYFD Implemented Externally in 2003 HIPAA Information Module in FACTS – May 2008

2 What is the HIPAA Privacy Rule?

3 HIPAA New functionality in FACTS includes a module devoted to documenting HIPAA compliance, including Date Notice Given, Acknowledgment and Disclosure of Confidential Information. The following presentation is specific to how HIPAA information is recorded in FACTS Any questions that may arise regarding confidential information and HIPAA restrictions, please contact the HIPAA Privacy Officer, Helen Quintana, at

4 FACTS Outliner After Release 4.0, you may note that there is a new HIPAA icon on the FACTS Outliner. Information included in this section of FACTS will eliminate the need for a HIPAA Case Activity Note.

5 FACTS Outliner When the HIPAA section is opened, all active participants linked to the case are listed. Inactive participants will display if/when they become active.

6 FACTS Outliner When the HIPAA section is opened, all active participants linked to the case are listed. If there are multiple people linked to a case, then there are multiple records listed in HIPAA.

7 HIPAA Information When an individual’s HIPAA record is selected on the FACTS Outliner, the user is brought to the main window of the HIPAA module. The HIPAA privacy notice should be given to clients at first contact during the investigation.

8 HIPAA Information An individual HIPAA record may also be accessed via Case Maintenance, (right click on participant.)

9 Grandfathered Cases If there is a checkmark next to ‘Grandfathered?’, then the case was active (open) sometime from April 13, 2003 to May 2008 (the time of Release 4.0.) ‘Grandfathered?’ indicates the client was in FACTS prior to the HIPAA module. It is assumed the HIPAA Privacy Notice was given to the client and the acknowledgement is in the physical file. NOTE: For any participant, Privacy Notice and Acknowledgement info may be entered in FACTS to document online. Date notice given and acknowledgment info would be helpful if special handling is granted by the privacy officer for an individual.

10 Multi PS/JS Cases? If the Multi PS/JS Cases? box has been checked, then there are multiple open cases for the client in FACTS. Multi PS/JS Cases? may indicate 2 PS cases or 2 JS cases or a combination of PS/JS cases. The HIPAA record is specific to the participant and work recorded from any case, will appear in all cases. (Similar to the Person Management window.)

11 HIPAA Tabs Privacy Notices/ Acknowledgments Disclosures Requests
Documents when the HIPAA packet was provided to the client and when the Receipt of Acknowledgment was received. Disclosures Details when the client’s confidential information was disclosed and to whom. Requests The section for the HIPAA Privacy Officer to record any and all HIPAA restrictions or clarifications.

12 HIPAA Privacy Notices/Acknowledgments Tab
User edited fields: Privacy Notice Date Notice Given to Client Notice Given to Dropdown list of all active participants in the case Reason Notice Not Given Dropdown list of reasons that the HIPAA Privacy Notice was not provided to the client

13 HIPAA Privacy Notices/Acknowledgments Tab
User edited fields: Acknowledgment Received from Client Dropdown values regarding the status of the signed HIPAA Acknowledgment. Date Good Faith Effort Dropdown reasons that the Department was unable to collect the HIPAA Acknowledgment.

14 HIPAA Privacy Notices/Acknowledgments Tab
User edited fields: Worker Information Worker Pre-fills with the worker name Acknowledgment Location A comprehensive dropdown list of CYFD locations / New Mexico Counties Comments Any comments regarding the issuance and acknowledgment of HIPAA related info

15 HIPAA Privacy Notices/Acknowledgments Tab
Buttons OK and Cancel Standard OK and Cancel functionality Copy To Add Void

16 HIPAA Privacy Notices/Acknowledgments Tab
Buttons OK and Cancel Copy To Utilized when Notice is given a Parent/ Guardian/Custodian for the client because the client is under 14 years old. Will copy information from the P/G/C record to minor participants which have been selected in the Copy To Pop-up window. Add Void

17 HIPAA Privacy Notices/Acknowledgments Tab
Copy Procedures Open the HIPAA record for the primary caretaker, complete the privacy notice, acknowledgment section and worker information. Copy to…Select minor children Information will copy (one time only) Copy Feature Does Not Cover Adults or Children age 14 to 18 Individual notice must be given to all adults in the house, if we have protected health information for the adult. Or, if they are responsible for the health information of minor children. HIPAA requires all children (from 14 to 18) to receive individual notice…each individual record must be opened and completed, (if child was not grandfathered.) Additionally if the child was grandfathered (under age 14)…individual notice will be required after age 14.

18 HIPAA Privacy Notices/Acknowledgments Tab
Buttons OK and Cancel Copy To Add Utilized when a Privacy Notice/Acknowledgement has already been recorded in the client’s case and a subsequent Notice/ Acknowledgment was completed. Will create an additional Privacy Notice/ Acknowledgment record. Void Note the scroll bar that has been added to the window, indicating that if utilized up or down, new records will be displayed.

19 HIPAA Privacy Notices/Acknowledgments Tab
Adding Records Once a privacy notice has been completed (notice given and acknowledgment received) it does not expire Newborns are covered under prior notice to mom A subsequent Notice/ Acknowledgment is required to be given the child, when a child turns 14. FACTS will create tickler for workers to give notice and Add a HIPAA record for the child. Note the scroll bar that has been added to the window, indicating that if utilized up or down, new records will be displayed.

20 HIPAA Privacy Notices/Acknowledgments Tab
Buttons OK and Cancel Copy To Add Void Utilized when a Privacy Notice/ Acknowledgment record was created erroneously. Will create a database record of why the Privacy Notice/ Acknowledgment was removed and then delete the contents of the record that the user is in. Note that there are a series of Dropdown selections available for the reason that the record is being removed.

21 HIPAA Privacy Notices/Acknowledgments Tab
Once the HIPAA Privacy Notice/ Acknowledgment Tab has been completed, the date that the Privacy Notice was issued is displayed on the FACTS Outliner

22 HIPAA Disclosures The next Tab in HIPAA Information is the Disclosures tab. Utilized whenever there is a disclosure that falls outside of “normal” HIPAA disclosures that are discussed in the HIPAA Privacy Notice. The Disclosures tab is used to document those instances where special written authorization from the client is required before the Department may proceed with a disclosure of Protected Healthcare Information (PHI).

23 HIPAA Disclosures At CYFD, almost all Protected Healthcare Information (PHI) is collected, used, and disclosed in order to provide necessary services to our clients. HIPAA is not intended to delay or complicate necessary health care and services including basic administrative activities (TPO). Treatment means provision of health care or related services taken to protect clients or to improve their lives Payment means billing Medicaid for CYFD services to clients (central office function) Health Care Operations means general functions including quality assurance reviews, outcome evaluations, coordination of care, training, licensing and certification. HIPAA allows some disclosures of PHI for purposes required by law without client authorization.

24 HIPAA Disclosures Some disclosures required by law must be tracked
If disclosures are made in the presence of the individual client, his personal representative or his attorney, you do not need to obtain an Authorization for the disclosure, you also do not need to track the disclosure. However, if the disclosure is not made in the presence of the individual client, his personal representative or his attorney, you must track the disclosure. Requests of use and disclosure of PHI, for any purpose other than TPO or as required by law, must be forwarded to the Privacy Officer by the employee. These requests generally require and “Authorization” from the client. The Privacy Officer will make the determination and notify the employee. Written authorization from the client is required before the Department may proceed with a disclosure of Protected Healthcare Information (PHI).

25 HIPAA Disclosures Buttons OK and Cancel View Add Void
Utilized whenever there has been an external Personal History Information (PHI) disclosure. Will bring forward the Disclosure Details Pop-up window. Void

26 Disclosure Details Person Receiving PHI Title/ Organization Location
List the name of the person that the information is being disclosed to. Title/ Organization List the person’s title and what organization they are a part of. Location The address of the organization that the person receiving the PHI works for Date PHI Disclosed The date that the disclosure occurred on.

27 Disclosure Details Disclosure Reason PHI Disclosed
A dropdown list of reasons why PHI might be disclosed. PHI Disclosed What kinds of information was disclosed to the person receiving the PHI. If the information being disclosed doesn’t fall into any of the categories listed, there is an “Other” checkbox. If Other is selected, then the user must enter a text description describing what was disclosed. If the user needs more room for this text description, they can select the button located to the right of the Other text box and a Pop-up will appear for expanded text entry.

28 HIPAA Disclosures Once the Disclosure Details Pop-up window has been saved, the user returns to the Disclosures tab, where any PHI disclosures are listed by date they occurred.

29 HIPAA Disclosures Buttons OK and Cancel View Add Void
In order to see the details of any previously entered disclosure, the user can select the View button. The disclosure details of the highlighted case are then displayed. Add Void

30 HIPAA Disclosures Buttons OK and Cancel View Add Void
If disclosure information was erroneously entered for a case, the Void button can be utilized. The Void functionality is the same as the Void button in the Privacy Notices/ Acknowledgment tab. Once completed and saved, the row highlighted in the Disclosures tab is removed.

31 HIPAA Ticklers There will be a HIPAA tickler for new cases in FACTS
There will be individual ticklers for children who are over 14 in new case or in cases where children turn 14.

32 HIPAA request forms are available on the CYFD Intranet.
HIPAA Requests The Requests Tab documents the various types of requests received by the HIPAA Privacy Officer, any decisions made by the HIPAA Privacy Officer regarding these requests, appeals of the HIPAA Privacy Officer’s ruling, and outcomes of the Appeal. If any of these requests are made, the employee is not to instruct the client, but to have the individual fill out the request form and submit it to the Privacy Officer. HIPAA request forms are available on the CYFD Intranet.

33 HIPAA Requests The HIPAA Privacy Officer is the only person who can edit the fields in this tab. For everyone else, this tab is read-only. Once the Privacy Officer completes a request, FACTS will send an to all open worker assignments for the case instructing the worker to view the request tab for specific information.

34 Requests – Sample E-mail

35 HIPAA Requests – Activity - Amendment
There are five types of request activities that are detailed on this tab. The first is a request for an amendment of PHI. CYFD Privacy Officer may approve or deny any requests for amendment of PHI. An individual has the right to request an amendment of PHI or a record about the individual (if they believe that the information contained in the record is inaccurate). If the record was not created by our agency, the Privacy Officer may deny the request and refer the individual to the originator of the record.

36 HIPAA Requests – Activity – Restrict PHI
There are five types of Request Activities that are detailed on this tab. The second is a Request to Restrict Disclosure of PHI. CYFD Privacy Officer may approve or deny any requests for restriction of PHI. An individual may request that CYFD restrict the use or disclosure of their PHI to carry out treatment, payment, or health care operations and other standard disclosures permitted under Section (b) (family members, personal representatives, relative...who are identified by the individual and involved with the individual's care or payment related to the individual's care.) A client may request CYFD not disclose to one of these individuals or a certain organization. 

37 HIPAA Requests – Activity – Alt Form of Comm
There are five types of request activities that are detailed on this tab. The third is a request for an alternative form of communication (Alt Form of Comm) CYFD Privacy Officer may approve or deny any requests for alternative form of communication of PHI. An individual has the right to request that confidential information be sent to them by alternative means or to alternative locations. The covered entity must provide a reasonable accommodation to this request. This request, although it may be simple for a worker to accommodate, must be in writing by the individual and forwarded to the Privacy Officer for approval/denial.

38 HIPAA Requests – Activity – Inspect/Copy
There are five types of request activities that are detailed on this tab. The fourth is a request to inspect and copy (access to PHI) CYFD Privacy Officer may approve or deny any requests to inspect and copy. An individual has a right of access to inspect and obtain a copy of PHI in a designated record set for as long as the information is maintained in that record except for Psychotherapy notes, or Information compiled for use in a civil, criminal, or administrative action or proceeding.

39 HIPAA Requests – Activity – Accntg of Disclosure
There are five types of request activities that are detailed on this tab. The last is a request for accounting (Accntg) of disclosures. CYFD Privacy Officer may approve or deny any requests to inspect and copy. An individual has a right to request an accounting of all disclosers made by CYFD in the previous six years except for disclosures made to carry out the payment, treatment or operations of the covered entity (CYFD), any disclosures made prior to the compliance date (when HIPAA went into effect) and other allowable disclosures.

40 FACTS Outliner Once the HIPAA Privacy Officer has entered information into the Request Tab, “Special Handling” will appear on the FACTS Outliner. Appearance of “Special Handling” on the outliner cues the user to look in the Requests Tab of that individual’s HIPAA module for additional information.

41 HIPAA Resources CYFD intranet
Again, if there are any questions regarding HIPAA issues, please contact: Helen Quintana


Download ppt "Health Insurance Portability and Accountability Act of 1996 (HIPAA)"

Similar presentations


Ads by Google