Our Goals Define what HIPAA is. Learn simple ways to protect information. Learn how to continually develop procedures. Learn how to continually give training. Discuss the following 3 items: Regulations and Glossary of Terms Forms & Records Policies & Procedures HIPAA
The HIPAA Law Quite simple. Gives a general policy outline. Quite vague on procedures and specifics. Up for interpretation. HIPAA
The HIPAA Law Attorneys interpret it and give you a scary outlook. Medical professionals who have researched the law give you a much more comfortable outlook. HIPAA
The Basics Privacy The more electronic the world gets, the easier it is to steal information. Bank accounts Credit cards HIPAA
The Basics Privacy Act Telemarketers Personal identity thieves Lost identity Electronic billing HIPAA
The Government and Personal Information Freely talked about. Freely passed around. Freely entered and passed online. Freely stolen. HIPAA
The Government and Personal Information HIPAA Privacy Act was created in 1996 to protect patients rights Enforcement began in 2003 Heavier enforcement in April 2005 when HIPAA Security came in to affect HIPAA
Electronic Billing Insurance Companies Coding Dentists are already using CDT-5. Physicians are currently using ICD-10.
Electronic Billing Insurance Companies Health Identification Numbers Used instead of Social Security Numbers.
HIPAA Law One more scary thing… You have to pay the finesnot the doctor. $250,000 and/or 10 years in federal prison HIPAA
What Do You Have to Do to Protect Information and to Avoid the Fines? Understand and have answers to two basic questions. Continually have training. Keep records. HIPAA
The Two Questions… Do I have the patients permission? What have I done to protect the patients privacy? HIPAA
Due Diligence Having an answer for each question. You cant be fined for doing due diligence. They can have you change something, but they cant fine you. HIPAA
Due Diligence Can I call a person by their name? Can I leave information on a patients voicemail or answering machine? Can they sign in on the sign-in sheet?
Creating Diversion TV in the lobby. Interesting magazines. Good volume of music.
The Seriousness of the Law Why Would Anybody Steal Chart Information? Personal Identity Theft Money HIPAA
The Seriousness of the Law Why is that important? Unsupervised, outside service doing business in this office Cleaning Service Repair Service Charts HIPAA
The Seriousness of the Law Penalties $250,000 with the intent to sell, transfer or use information for commercial advantage, malicious harm or personal gain. (CA Law - $250,000), and/or 10 years in federal prison for personal and financial gain. The doctor will be charged $100 per chart up to $25,000. (CA law - $2,500) Knowing and willful – $100,000 and 5 years in prison. (CA law - $25,000)
The Seriousness of the Law Penalties If it is traced back to an employee causing the breach, then the same fine applies to them. If you are answering those two questions and doing due diligence then you have nothing to worry about.
Protected Health Information (PHI) PHI - Any information that can identify the patients health information Name, Address, DL#, SS# Telephone numbers FAX numbers E-mails Medical records numbers Health plan beneficiary numbers Account numbers Certificate/ license numbers
Protected Health Information (PHI) PHI - Any information that can identify the patients health information Vehicle numbers URLS IP address Finger, Voice, Teeth or Retina prints Photographic Images
Securing the PHI Secure Information Charts Appointment Books Message Pads
Securing the PHI Charts HIPAA says that charts must be secured. Close the office door after hours. Lock it. The janitor doesnt need to be in there.
Securing the PHI Charts Turn charts over and away from viewing the PHI.
Securing the PHI Appointment Books Turn them over or close them after use. Place them in a drawer after hours.
Securing the PHI Message Pads/Sticky Pads Cover them Dont plaster the sticky notes all over a viewable wall. Shred all information to be discarded.
Securing the PHI Shredders Shredding is mandatory. Crosscut shredders are the best. Can be done at the office. Can be done by an outside service.
Securing the PHI Shredder Trucks Use a truck that shreds at your office Dont use one that takes your charts away and says they will shred it at their site
How Long Do I Have To Keep Charts Seven years for adults The Dental Association recommends 10 years. 20 years for children. If a minor leaves your practice before they become an adult, then their childhood records need to be kept for 20 years after their last appointment.
How Long Do I Have To Keep Charts? It is best to keep them at least 30 years, if not indefinitely.