I.G. Subpoenas and the HIPAA Privacy Rule The views and opinions expressed in the presentation are those of the presenter, and not necessarily official.

Slides:



Advertisements
Similar presentations
Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
Advertisements

PRIVACY ACT OF 1974 OVERVIEW. FAIR INFORMATION PRACTICES The Privacy Act is primarily concerned with fair information practices. The Privacy Act is primarily.
HIPAA Privacy: Implementing Privacy for Government Health Plans Roberta M. Ward Senior Counsel, Privacy Officer California Department of Health Services.
0 Jumping through Two Hoops: the HIPAA Privacy Rule and State Law Compliance Issues Bruce Merlin Fried, Esq. The fifth National HIPAA Summit November 1,
HIPAA In Relation to Other Federal Laws Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP Glasser LegalWorks/HIPAA Conference.
SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.
HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
Responding to Subpoenas and Law Enforcement Demands for PHI: An Overview Janet A. Newberg Chair, Health Law Section Felhaber Larson Fenlon & Vogt, P.A.
The Department has declared itself to be a single covered entity. Thus, each and every one of our divisions is a covered entity and must comply with.
Minimum Necessary Standard Version 1.0
 What is the Privacy Rule? The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) governs the use and disclosure of.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
Chapter 6 Federal Regulation of Pharmacy Practice.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
National Cancer Institute Cancer Therapy Evaluation Program (CTEP) presents: How to Obtain Protected Health Information (PHI) from an Outside Healthcare.
1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/
North Carolina State University Health Information Privacy 4/16/03.
WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.
 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
Health Insurance Portability and Accountability Act (HIPAA)
POP QUIZ!! What does CMS stand for? What does HIPAA stand for?
August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.
2 HIPAA, HITECH, and Medical Records. Learning Outcomes When you finish this chapter, you will be able to: 2.1Discuss the importance of medical records.
1 Sixth National HIPAA Summit The Health Lawyer as Business Associate March 28, 2003 Session VI 3:00 pm Gerald E. DeLoss, Esquire Barnwell Whaley Patterson.
CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
HIPAA Health Insurance Portability & Accountability Act of 1996.
Implementing and Enforcing the HIPAA Privacy Rule.
Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,
© 2009 The McGraw-Hill Companies, Inc. All rights reserved. 1 McGraw-Hill Chapter 5 HIPAA Enforcement HIPAA for Allied Health Careers.
Sharing Low-Income Customer Information Water & Energy Utilities LIOB Meeting - January 2009 Seaneen M Wilson Division of Water & Audits.
CHAPTER © 2012 The McGraw-Hill Companies, Inc. All rights reserved. 2 HIPAA, HITECH, and Medical Records.
HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
DSDS Quality Assurance Unit State of Alaska, Dept. of Health and Social Services Division of Senior and Disabilities Services (DSDS) Quality Assurance.
1 Disclosures © HIPAA Pros 2002 All rights reserved.
Confidentiality, Consents and Disclosure Recent Legal Changes and Current Issues Presented by Pam Beach, Attorney at Law.
1 HIPAA OVERVIEW ETSU. 2 What is HIPAA? Health Insurance Portability and Accountability Act.
Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP
Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.
NE SNIP PRIVACY WORKGROUP Use and Disclosure of Protected Health Information Regarding a Deceased Individual.
HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.
Practicing In Harmony with HIPAA The views and opinions expressed in the presentation are those of the presenter, and not necessarily official positions.
Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.
Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.
A Road Map to Research at Jefferson: HIPAA Privacy and Security Rules for Researchers Presented By: Privacy Officer/Office of Legal Counsel October 2015.
Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.
HIPAA Health Insurance Portability and Accountability Act.
Human Subjects Update E. Wethington, Chair, UCHS.
Copyright © 2011 Delmar, Cengage Learning. ALL RIGHTS RESERVED. Discussion Insurance Fraud For this Discussion board, let’s look at a case study. While.
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.
WHAT GUARDIANSHIP ATTORNEYS SHOULD KNOW BY RACHEL ANNE BROOKS MARCH 15, 2016 Health Care Privacy.
The Medical College of Georgia HIPAA Privacy Rule Orientation.
HIPAA Training Workshop #2 Trainer: Kaye L. Rankin Rankin Healthcare Consultants, Inc.
Juvenile Legislative Update 2013 Confidential Records and Protected Disclosures.
HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.
HIPAA Privacy Rule Training
Health Insurance Portability and Accountability Act of 1996
DOL Employee Benefit Plan Audits & How to Prepare
UNDERSTANDING WHAT HIPAA IS AND IS NOT
Chapter 3 Legal Issues.
What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in HEALTH INSURANCE.
HIPAA Administrative Simplification
HIPAA Pros - Disclosures
HIPAA Pros - Minimum Necessary
Lesson 1  7 Basic Components of an Effective Compliance Plan
HIPAA Policy & Procedure Strategies
Presentation transcript:

I.G. Subpoenas and the HIPAA Privacy Rule The views and opinions expressed in the presentation are those of the presenter, and not necessarily official positions of the Office of Inspector General, Department of Health and Human Services

The Inspector General’s Authority Inspector General Act of U.S.C. App 3 Inspector General Subpoenas 5 U.S. C. App 3 §6(a)(4) “to require by subpoena the production of all [documents] necessary in the performance of the functions assigned by this Act.”

HIPAA Privacy Rule 45 C.F.R. § permits covered entities to disclosure protected health information (PHI) without patient consent for the 12 “national priorities” listed in this section. Most disclosures to the HHS IG will come under 45 C.F.R. §§ (a) and (d)

The Inspector General as Health Oversight Agency Definition of a health oversight agency 45 C.F.R. § Regulation preamble 65 Fed. Reg (Dec 28, 2000)

The Health Oversight Exception 45 C.F.R. § (d) Permits covered entities to disclose protected health information to a health oversight agency for oversight activities authorized by law.

The Health Oversight Exception Examples of health oversight activities: audits, civil, administrative or criminal investigations, inspections, licensure or disciplinary actions, civil, administrative or criminal proceedings or actions

The Health Oversight Exception More health oversight activities: Health fraud investigations conducted with the FBI/DoJ. Both IG subpoenas and DoJ’s administrative subpoenas (18 U.S.C. §3486) are used. The HIPAA Privacy Rule permits covered entities to disclose to both types of subpoena under the health oversight exception.

The Health Oversight Exception More health oversight activities Joint investigations with other agencies: health oversight investigation conducted in conjunction with an investigation related to a claim for public benefits not related to health. Example: social security number fraud involving Medicaid and other public benefits such as food stamps, housing vouchers.

The Required by Law Exception 45 C.F.R. § (a) Permits covered entities to “disclose protected health information to the extent that such use or disclosure is required by law and the use or disclosure complies with and is limited to the relevant requirements of such law.”

Required by Law Definition of required by law 45 C.F.R. § Includes subpoenas issued by a governmental inspector general. Also includes the “Medicare conditions of participation with respect to health care providers participating in the program.”

Overlap of Health Oversight and Law Enforcement Some requests for disclosure of PHI could fit under more than one exception in 45 C.F.R. § Regulation Preamble 65 F.R : Covered entity may disclose PHI as permitted by one paragraph of § regardless of whether the disclose fails to meet the requirements under a different paragraph of § or elsewhere in the rule.

Health Care Fraud as Health Oversight Regulation Preamble 65 Fed. Reg explains that health care fraud was moved from law enforcement in the notice of proposed rule making to health oversight in the final rule.

Informing the Covered Entity Subpoena cover letter OIG will cite applicable section of the HIPAA Privacy Rule that permits disclosure OIG may demand a suspension of accounting of disclosures per 45 C.F.R. § Verification of Identity 45 C.F.R. § (h)(2)(ii)

Conclusion The HIPAA Privacy Rule permits covered entities to disclose PHI in response to IG subpoenas. The OIG will work with covered entities to allay concerns about an IG subpoena; however, when necessary, we will take action to enforce the subpoena. If a covered entity has questions about disclosure of PHI related to an IG subpoena from the HHS OIG, it should contact the Office of Counsel to the Inspector General at (202)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.