Presentation on theme: "PRESENTOR: MARIA ROSARIO DIANA O. CAINGLET. HIPAA (Health Insurance Portability and Accountability Act of 1996) Designed to protect the patient while."— Presentation transcript:
HIPAA (Health Insurance Portability and Accountability Act of 1996) Designed to protect the patient while mandating the electronic documentation of all clinician-patient interactions. This law is important to all healthcare workers because it further provides stipulations on privacy and security of patient health information. HIPAA is act of 1996 but under the federal law effective on April 14, 2003.
Requires all dictated clinician-patient interactions to be transformed into an electronic format not merely paper-based documentation as previously done. According to the designers of the HIPAA, the law will facilitate easier processing of health insurance claims which will save as estimated $9B annually. While the industry serves as an economic harbor, HIPAA further provides privacy for patients over secure and manageable electronic systems by dissemination of awareness of the eventual cost savings as well as the penalties for noncompliance.
Although already required, many US physicians/clinicians are yet to comply with the law because of its initial capital expenses which can reach $20,000 for upgrading of technology, personal training and maintenance of HIPAA monitoring.
What are the consequences for breaking HIPAA. Hipaa violation can bring civil and criminal penalties. Fines is $100 for each violation of the law per person to a limit of $25,000 for each identical requirement. Criminal Penalties can include not only large fines, but also jail time. Selling patient’s information is more serious than accidental; this penalty can be high as $250,000 fine or a prison sentence of 10 years.
Others: Knowingly releasing patient information is violation of HIPAA can result in one-year jail sentence and $50,000 fine. Gaining access to health information under false pretenses can result in five-year jail sentence and $100,000 fine Releasing patient information with harmful intent or selling the information can lead to a 10 year jail time and $250,000 fine.
As a health worker, we should be aware of miscompliance, which usually involves the patient confidentiality. As the law secures privacy of health documentation, we have become part of the medical team in the sense that health information is known: > the names of the patient >the physician > the illness >the treatment > the prognosis
>location Dates (except for the year) phone and fax no. Email addresses SSN (social security numbers) Account numbers Professional license numbers License plate numbers Web URLs Internet protocols Description of photos
!!!! As a general rule, no known health information by virtue of the profession can be revealed to anyone other than the patient !!!!! In so far as our concern, this means that PHI or patient health information or IIHI (individually identifiable health information ) should not be discussed with others in any way. HENCE ONCE HEALTH INFORMATION IS KNOWN NOT ONLY MUST THE MANAGEMENT OF THE COMPANY PROVIDE TECHNOLOGY THAT ENSURES SECURITY OF INFORMATION (E.G USERNAMES AND PASSWORDS) BUT IT MUST ALSO ORIENT ITS EMPLOYEES ON THE PRIVACY COMPONENT OF HIPAA TO AVOID FUTURE PROBLEMS AND ISSUES THAT MAY INCLUDE LEGAL SUITS.
Only doctors, nurses, therapist, social worker, and other clinicians can use this information to determine how to treat patients. Billing use confidential information to bill patients, insurance companies: Medicare, Medicaid and other private insurance. Staff performing quality assurance for the improvement activities can review this information to make sure patients receive good care.
Generally uses beyond those listed above are not allowed. However, HIPAA requires health care workers to use or share only “minimum information” only to do their jobs effectively.
UNDER HIPAA, RETENTION OF RECORDS FOR SOFT COPIES SHOULD BE RETAINED AT LEAST 6 YEARS. SINCE WORK IS DONE THROUGH THE USE OF TECHNOLOGY, A FORM OF SECURITY (e.g. FIREWALLS, SPYWARES) MUST ALWAYS BE UTILIZED SINCE ANY TRANSACTION DONE THROUGH THE WIRES CAN BE EASILY TAMPERED OR HACKED. ALL HOMEBASED EMPLOYEE MUST HAVE THIS SPECIALIZED SOFTWARE TO PROTECT MEDICAL REPORTS.
USE OF PASSWORDS HELPS A LOT ESPECIALLY WHEN WORKING IN A COMPANY. ONLY ONE PERSON CAN GAIN ACCESS TO ONE SET OF COMPUTER FILES. NEVER LEAVE YOUR SCREEN WHERE ANYBODY CAN READ FROM IT. TURNING OFF THE MONITOR CAN PREVENT THIS CIRCUMSTANCE OR THE SCREENSAVER CAN BE LOCKED. MAKE A LIST OF ALL THE PERSONNEL INVOLVED IN PROCESSING MEDICAL RECORDS FOR SECURITY PURPOSES, CONFIDENTIAL COMMUNICATION SHOULD NOT BE INCLUDED WHEN USING EMAILS OR ANY ONLINE FEATURE OF THE COMPUTER.
Sample of statement of confidentiality I, _________, as a health staff working on behalf of ___________, located on ________agree not to disclose any information pertaining to _______, accounts (and/or patients of the practices or accounts). I shall not copy any customer files, software files, manuals, references, materials, or documents or any sort of _______ for the direct benefit of _________. I shall not disclose any such lists or information to person who are not employee of ________. I agree to comply in all respects with all applicable legislator both federal and state, regarding privacy and confidentiality with respect to customer documents, including but not limited to HIPAA regulations as now in effect or as may be promulgated in the future. In the event of breach of contract, then I will abide by the disciplinary actions or sanction of ___________.
1. WHAT DOES HIPAA MEANS: A. HEALTH INSURANCE FOR PATIENTS AND ACCOUNTANTS B. HANDY INSURANCE FOR PATIENTS AND ACCOUNTANTS. C. HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT. D. HEALTH INSURANCE PORTABILITY AND ACCESSIBILITY ACT.
2. THE FOLLOWING PRINCIPLE WITH REGARD TO HEALTH INFORMATION MUST BE IMBIBED BY THE HEALTHCARE MEMBER. A. ACCOUNTABILITY B. PORTABILITY C. SECURITY D. CONFIDENTIALITY
3. THE FOLLOWING ARE EXAMPLES OF IIHI, EXCEPT: A. JOHANNA DR. KILMER LAS VEGAS 2011
4. WHAT IS THE INITIAL CAPITAL EXPENSE FOR HIPAA COMPLIANCE? A. $200,000 B. $2,000 C. $20,005 D. $20,000
5. Give at least 3 ways to support patient confidentiality. 1. 2. 3. References: (HCPRO training booklet for health care workers, pub 03/2003); MTCA Module 15, pub 2006 *** thank you *****