1 Page 1 of 16 DMC HIPAA Privacy and Security
DMC’S COMMITMENT TO COMPLIANCE: HIPAA PRIVACY and SECURITY
DMC Corporate Audit and Compliance Department
Detroit Medical Center© Reviewed: January, 2009

2 HIPAA RULES
Privacy
- Became law on April 14, 2003
- Information regarding patients is confidential. This information is Protected Health Information (PHI)
Security
- Became law on April 21, 2005
- Information regarding patients maintained, stored, and transmitted electronically is Electronic Protected Health Information (EPHI)
General Rule: Information about our patients should only be used or disclosed as authorized.

3 USING AND DISCLOSING PHI
PHI disclosure is permitted for purposes of:
- Treatment
- Payment
- Hospital Operations
Use is limited to the “Minimum Necessary” to conduct your job duties
Policies exist to guide the disclosure of information (DMC policy 1 HIM 153)
Accessing your own information is inappropriate and may result in disciplinary action

4 PROTECTED INFORMATION
PHI includes information:
- On paper
- In a computer
- Orally communicated
- In any other form
EPHI includes information:
- On your computer hard drive
- On floppy disks, CDs or magnetic tapes
- Sent via the Internet
  - By e-mail
  - Other means

5 EXAMPLES OF PHI AND EPHI
- Name
- Street Address, City, County, Zip Code
- Dates: Birth, Admission, Discharge or Date of Death
- Numbers: Social Security, Medical Record, FIN, Patient Account, Health Plan Beneficiary
- Telephone or Fax Numbers
- E-mail Address

6 SECURING PHI
Privacy Rule
- DO NOT share passwords or login ID
- DO NOT write down your password where others may access it
- Log off your computer when you will be away for a significant period of time
- “Suspend” when you will be away from your computer for a short period of time
- Position monitors out of view of the public eye
Security Rule
- Change your password every 90 days
- Choose passwords that are NOT easily guessed
- Use password protected screensavers, suspend mode and keyboard locks
- Place disks or tapes in a secure location
- Immediately report anyone outside of DMC IS Security asking for your password

7 SECURING PHI
Privacy Rule
- Use caution and respect patients’ privacy when discussing protected health information in public
- Read and understand the policies and procedures relating to HIPAA Privacy and Security (DMC policy 1 CG 035)
- When using or disclosing PHI, limit the PHI to the minimum necessary to accomplish the intended use or disclosure

8 SENDING PHI AND EPHI
E-mail
E-mail with PHI sent outside the DMC should be encrypted. The steps to encrypt e-mail are:
- Type SECURE in capital letters in the subject line
- E-mail will be sent to a secure holding site
- The receiver will get a notification e-mail with instructions on retrieving the secure e-mail
Faxes
- Double check fax number
- Use cover page which includes your contact information
- If fax is received by the wrong location, have the fax destroyed or returned to you

9 PROTECTING YOUR COMPUTER AND PHI
- DO NOT open any unknown attachments, files or unrecognizable e-mails
- Report any suspicious activity, such as new software or hardware appearing on your computer, to the DMC Help Desk
- DO NOT install unapproved software/hardware or use unapproved e-mail, such as Hotmail, Yahoo, etc.
- Contact your manager/supervisor or the DMC Help Desk if you believe someone may have logged onto your computer

10 EMERGENCY DOWNTIMES
The DMC has a contingency plan to address system access during power failures, disasters, weather hazards, or other situations limiting access to patient data:
- Know the recovery plan as it relates to your job
- Know the related policies (available on the DMC Intraweb)
- Know how to report emergencies
- Know how the emergency may impact patient care

11 SECURING PHI ON WIRELESS DEVICES
The biggest risk to PHI on Personal Digital Assistants (PDA) and laptops is theft.
Secure PDAs and Laptops:
- Always use a password protected screen saver
- Passwords should be kept secure and confidential
- Back up data
- Consider encrypting PHI
- Install and use virus protection software
- Lock devices in a secure location when not in use
- If device is stolen, an incident report should be filed

12 PENALTIES FOR HIPAA VIOLATIONS
- Disciplinary action up to and including termination
- Exclusion from participation in Medicare and Medicaid programs
- Jail sentences for employees, administrators and physicians: HIPAA Specific
  - Up to One Year for misuse of protected health information
  - Up to Five Years for misuse of PHI under false pretenses
  - Up to Ten Years for misuse with intent to sell, transfer or use PHI for commercial advantage, personal gain or malicious harm

13 PENALTIES
HIPAA violations may result in millions of dollars in fines:
- $50,000 for misuse of protected health information
- $100,000 for misuse of PHI under false pretenses
- $250,000 for misuse with intent to sell, transfer or use PHI for commercial advantage, personal gain or malicious harm

14 HIPAA REPORTING
DMC will take disciplinary action for breaches of privacy and information security, up to and including termination:
- You are required to understand the law, and how it affects your job
- Even an “accidental” disclosure could have consequences
- As a condition of employment, employees agree to read and abide by the policies and procedures covering HIPAA
- Individuals should immediately report any observed or suspected HIPAA breach to:
  - Your manager/supervisor
  - Corporate Audit and Compliance Department at: 1.313.993.0317
  - Compliance Hotline at: 1.888.484.9200

15 HIPAA SUMMARY
Safeguarding PHI is everyone’s job. If you have questions or concerns about your responsibility in protecting patient health information:
- Talk to your supervisor
- Send your questions to hipaahelp@dmc.org
- Call Corporate Audit and Compliance Department at: 1.313.993.0317

16 SUMMARY
We hope this NetLearning course has been both informative and helpful. Feel free to review this course until you are confident about your knowledge of the material presented.
Click any of the following menu selections located on the left side of the screen:
- Take Test button to complete the requirements for this course
- My Records button to return to your CBL Courses to Complete list
- Exit button to close the Student Interface

