The Health Information Protection Act

Presentation transcript:

The Health Information Protection Act

What is the Health Information Protection Act (HIPA)?
HIPA is legislation that speaks to access to, and protection of personal health information…

WHO does HIPA apply to?
– HIPA applies to all designated Trustees under the Act
– Trustees must have custody or control over personal health information…

WHAT does HIPA apply to?
It’s all about Personal Health Information (PHI) such as:
– Information about a health service provided
– Information collected during the provision of service
– Organ and/or tissue donation including samples collected
– Registration information

PHI includes documentation too!
– paper records
– microfilm
– x-ray film
– electronic records

Where do you see PHI?

HIPA protects the rights of the individual & guides the professional…
– Collection
– Use
– Consent
– Access
– Disclosure

KEY WORD: Collection
What is collection?

Collection cannot be random…
– It must relate to a program, activity, or service that benefits the patient
– You should always try to obtain consent
HIPA s25 Manner of Collection

How does this apply to me?
– You must know why you are collecting the information!
– Follow the policies, standards, laws
– If you are ever unsure about collection, consult with the Ministry of Health privacy officer or the Ministry of Justice and Attorney General.

KEY WORD: Consent
It’s more than just asking permission…

What is consent?
– Wherever possible, the collection of PHI should stem from the consent of the individual to whom it relates (Preamble)
– Individuals have the right to consent to the use and disclosure of their PHI as well as to revoke that consent.
HIPA s5-7

Consent has three very similar faces…
– Express (or “expressed”)
– Implied
– Deemed

Informed is important!
How do you ensure that your client/patient is fully informed?
HIPA s9&10

How do you meet your obligations?
– Understand why consent is required and what the law mandates…
– Speak with the person/client directly
– Call us if you need more information!

KEY WORD: ACCESS
Disclosure is not access…

What is Access?
Individuals:
– Have the right to access PHI about themselves in the custody and control of a trustee. (HIPA s12)
– Can request access to their personal health information. HIPA s32 to 34

Access cont’d…
Trustees:
– Trustees can “access” PHI within the organization
– When Trustees external to the organization need to access PHI it becomes a disclosure

Trustees have obligations…
– You have a ‘duty to assist’
– Meet the 30 day timeline for written requests or request an extension
– Inform the person of their right to review
HIPA s 35 to 40

KEY WORD: DISCLOSURE
Access within the circle of care is appropriate…

What is Disclosure?
Disclosure can generally manifest itself as:
– Disclosure of PHI for treatment, program, or evaluation purposes
– Disclosure of registration information
– Disclosure of PHI for research purposes
HIPA s27, s28, s29

Disclosure Without Consent

Privacy vs. Confidentiality… Quite a Difference!

The Protection of Privacy
– Protect the integrity, accuracy and confidentiality of the information;
– Protect against any reasonably anticipated threat or hazard;
– Protect against loss of the information; or
– Unauthorized access to or use, disclosure or modification of the information.

How do you currently protect personal health information?

KEY WORD: Breach

What do you do when you become aware of a potential breach?
– Report
– Document
– Investigate
– Follow-up

Failure to Comply with HIPA…
Individuals:
– Fines up to $50,000 and/or up to one year in jail per offence
Corporations:
– Fines up to $500,000 per offence
– Officers and directors of a corporation can be fined up to $50,000 and/or receive up to one year in jail per offence

Good faith clause protects trustees and employees … HIPA s61(a)

General Duties of Trustee
Trustee must establish policies to:
– Protect integrity, accuracy & confidentiality
– Protect against reasonably anticipated threat or hazard to security, loss or unauthorized access
– Ensure compliance with HIPA by employees
s.16 Duty to Protect

General Duties (continued)
– Must store info. in format retrievable, readable and useable for full retention period (s. 17(2)(a))
– Destroy info. in a manner that protects privacy (s. 17(2)(b))
– Must ensure information management service provider meets same confidentiality standards (s. 18)

Right to Appeal: The Office of the Information and Privacy Commissioner

Right to Appeal
– If access is refused;
– If a person is not satisfied with the decision of a Trustee pursuant to Section 36;
– The person requests an amendment to their information and it is not done;
– The person believes that there has been a contravention of the Act.

The Office of the Information and Privacy Commissioner
– Independent Third Party
– Powers to investigate, review decisions, and make recommendations
– Conduct public education programs

Questions?

Additional Information
– Saskatchewan Ministry of Health:
– Saskatchewan Information and Privacy Commissioner:
– PIPEDA:
– Privacy Commissioner of Canada: