Health Insurance Portability and Accountability Act of 1996 (HIPAA) 11/13/2018 Health Insurance Portability and Accountability Act of 1996 (HIPAA)
The organization has adopted a policy of zero tolerance for employees who knowingly/willingly violate confidentiality/security of Protected Health Information. Any staff member who knowingly/willingly breaches confidentiality/security of Protected Health Information will result in termination.
Health Information Portability and Accountability Act Privacy -anything written or verbally spoken -conscious effort by healthcare workers to keep patient information secret -includes physical condition, emotional status, financial information, and etc. -P.H.I. should not be discussed in public places -breaches of confidentiality should be reported to someone who can actively advocate for the patient -P.H.I. is to be given out on a need to know basis only -protecting PHI is everyone’s responsibility -we must have a written or verbal consent to release PHI, except in emergencies
Health Information Portability and Accountability Act Security -any PHI that is on a computer system preventing computer viruses or malicious software by using caution when opening email attachments and using caution when downloading from the internet -Phishing- deceptive e-mail directing you to an official looking, but phony website -Physical security- as it relates to HIPAA, is securing of physical devices and media from loss or theft
Health Information Portability and Accountability Act Security -keeping passwords confidential -changing passwords on a regular basis decreases the risk of a password being compromised. -when creating a password try not to use people, places, and sports teams -use upper and lower case letters -report any suspicious activity related to PHI immediately
PATIENT RIGHTS The right to receive a Notice of the Privacy Practices The right to obtain access, inspect and copy their PHI The right to an accounting of the disclosures of their PHI The right to receive confidential communications The right to request an amendment to their PHI
The patient has a right to request a restriction of their PHI PATIENT RIGHTS The patient has a right to request a restriction of their PHI The patient has a right to receive an accounting of disclosures outside of treatment, payment or operations. The patient has a right to file a complaint to our organization or to the Secretary of Health and Human Services about the organization’s privacy practices and/or suspected violations.
Is it ok to text patient orders? Question: Is it ok to text patient orders?
messaging is strictly prohibited. Answer: No, Never! Unsecure text messaging is strictly prohibited.
Can we share our user names and passwords with anyone Question: Can we share our user names and passwords with anyone (including co-workers, Students, and etc.)?
No, Never!!!!! You are responsible for your userid and password! Answer: No, Never!!!!! You are responsible for your userid and password!
on a prayer list at church when they are a patient in Question: Can you put someone on a prayer list at church when they are a patient in this facility?
information from work – no. unspoken prayer requests. Answer: If you have learned the information from work – no. You can always have unspoken prayer requests.
If I have seen a patient during an earlier hospital stay, can I Question: If I have seen a patient during an earlier hospital stay, can I look at old chart information?
Answer: Yes, if you receive a referral or need information for the treatment plan.
When talking to a referring facility – what initial Question: When talking to a referring facility – what initial information are you allowed to give?
You are allowed to give as much information as needed. Answer: You are allowed to give as much information as needed. This falls under continuity of care.
Is it a HIPAA violation to access portions of the chart Question: Is it a HIPAA violation to access portions of the chart that I do not need?
Answer: Yes
If your immediate family member is in the hospital, Question: If your immediate family member is in the hospital, can you look at their records?
hospital policy for obtaining Answer: No – you must follow hospital policy for obtaining records.
Is it a HIPAA violation to look at your own test Question: Is it a HIPAA violation to look at your own test results? Must you sign a release of information form first and go through the health information department?
hospital policy on obtaining records, which requires that Answer: You must follow the hospital policy on obtaining records, which requires that you sign a release of information and Health Information will copy your records for you.
Patient information in a Question: Am I allowed to discuss Patient information in a public area?
of your surroundings and Answer: You need to be aware of your surroundings and be discrete.
who is in the hospital without looking Question: Can you go in and see who is in the hospital without looking at information?
No, this would be considered Answer: No, this would be considered a HIPAA violation.
Is it okay to send Protected Health Information in a text Question: Is it okay to send Protected Health Information in a text Message?
No, this would be considered Answer: No, this would be considered a HIPAA violation.
Should I review document(s) for the correct Question: Should I review document(s) for the correct patient name prior to giving the document(s) to the patient?
document for the correct patient name prior to giving Answer: Yes, Always review your document for the correct patient name prior to giving document(s) to the patient.
The organization has adopted a policy of zero tolerance for employees who knowingly/willingly violate confidentiality/security of Protected Health Information. Any staff member who knowingly/willingly breaches confidentiality/security of Protected Health Information will result in termination.
Questions Who can I contact about HIPAA? Debbie Martin, Director of Health Information HIPAA Privacy Officer Maleigha Amyx, Director of Information Services HIPAA Security Officer