Presentation on theme: "POP QUIZ!! What does CMS stand for? What does HIPAA stand for?"— Presentation transcript:
1 POP QUIZ!! What does CMS stand for? What does HIPAA stand for? Which is a record of all of your visits with one doctor, EMR or EHR?Documents in a medical file are considered what kind of documents?In a patient’s chart, if something is SUBJECTIVE, what does that mean?
2 POP QUIZ!! What does CMS stand for? What does HIPAA stand for? Centers for Medicare and Medicaid ServicesWhat does HIPAA stand for?Health Insurance Portability and Accountability ActWhich is a record of all of your visits with one doctor, EMR or EHR?Electronic MEDICAL RecordDocuments in a medical file are considered what kind of documents?Legal documentsIn a patient’s chart, if something is SUBJECTIVE, what does that mean?It’s in their own words.
4 2.3 Covered Entities and Business Associates 2-12Electronic data interchange (EDI)—system-to-system exchange of data in a standardized formatThe electronic exchange of health care information is called a transaction
5 2.3 Covered Entities and Business Associates (Continued) 2-13Health care organizations that must obey HIPAA regulations are called covered entities (CEs)Transmit information electronicallyClearinghouse—company that helps providers handle electronic transactions and manage EMR systemsBusiness Associates (BA)—organizations that work for covered entities but are not themselves CEsLaw firms; outside medical billers, coders, and transcriptionists; accountants; collection agencies
6 2.4 HIPAA Privacy Rule2-14HIPAA Privacy Rule—law regulating the use and disclosure of patients’ protected health information (PHI)Protected health information (PHI)—individually identifiable health information that is transmitted or maintained by electronic mediaBoth use and disclosure of PHI are necessary and permitted for patients’ treatment, payment, and health care operations (TPO)
7 2.4 HIPAA Privacy Rule (Continued) 2-15Minimum necessary standard—taking reasonable safeguards to protect PHI from incidental disclosureDesignated record set (DRS)—CE’s records that contain PHINotice of Privacy Practices (NPP)—description of a CE’s principles and procedures related to the protection of patients’ health informationFor use or disclosure other than for TPO, a CE must have the patient sign an authorization
8 2.4 HIPAA Privacy Rule (Continued) 2-16Health information can be released for reasons other than TPO in some casesSubpoena—order of a court for a party to appear and testifySubpoena duces tecum—order of a court directing a party to appear, testify, and bring specified documents or itemsDe-identified health information—medical data from which individual identifiers have been removed
9 2.5 HIPAA Security Rule2-17The HIPAA Security Rule requires CEs to establish safeguards to protect PHIEncryption—method of converting a message into encoded textPassword—confidential authentication information (the key)
10 2.6 HITECH Breach Notification Rule 2-18HITECH Act requires CEs to notify affected individuals following the discovery of a breach of unsecured health informationBreach—impermissible use or disclosure of PHI that could pose significant risk to the affected personBreach notification—document notifying an individual of a breach
11 2.7 HIPAA Electronic Health Care Transactions and Code Sets 2-19HIPAA Electronic Health Care Transactions and Code Sets (TCS)—rule governing the electronic exchange of health informationUnder HIPAA, a code set is any group of codes used for encoding data elementsHIPAA National Identifier—identification systems for employers, health care providers, health plans, and patientsNational Provider Identifier (NPI)—unique ten-digit identifier assigned to each provider
12 2.8 Fraud and Abuse Regulations 2-20HIPAA created the Health Care Fraud and Abuse Control Program to uncover and prosecute fraud and abuseThe HHS Office of the Inspector General (OIG) has the task of detecting health care fraud and abuse and enforcing all the related lawsHas the authority to investigate suspected fraud cases and to audit the records of physicians and payersAudit—formal examination of a physician’s records
13 2.8 Fraud and Abuse Regulations (Continued) 2-21Qui tam—cases in which a relator accuses another party of fraud or abuse against the federal governmentRelator—person who makes an accusation of fraud or abuse