An Overview for In-Home Service Providers Legal advice must be tailored to specific circumstances. Information provided in this presentation should not.

Slides:



Advertisements
Similar presentations
H = P = A = HIPAA DEFINED HIPAA … A Federal Law Created in 1996 Health
Advertisements

SIMPLIFYING PRIVACY: HIPAA PRIVACY STANDARDS AND RESEARCH Angela M. Vieira General Counsel Childrens Hospital and Health Center June 5, 2004.
HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
HIPAA AWARENESS TRAINING
The Department has declared itself to be a single covered entity. Thus, each and every one of our divisions is a covered entity and must comply with.
Minimum Necessary Standard Version 1.0
 What is the Privacy Rule? The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) governs the use and disclosure of.
“Reaching across Arizona to provide comprehensive quality health care for those in need” Our first care is your health care Arizona Health Care Cost Containment.
Headaches and Pitfalls in Business Associate Contract Management © 2013 Christiansen IT Law American Bar Association Health Law Section eHealth, Privacy.
HIPAA Training: Health Insurance Portability and Accountability Act.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
HIPAA Basics November 1, 2014.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.
 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
Health Insurance Portability and Accountability Act (HIPAA) Presented by: APS Healthcare Southwestern PA Health Care Quality Unit (HCQU) December 2010.
H IPAA PRIVACY WORK GROUP FOR EYE BANKS EBAA HIPAA PRIVACY WORK GROUP Christina W. Strong, Esq., Facilitator.
 The Health Insurance Portability and Accountability Act of  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.
© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.
Are you ready for HIPPO??? Welcome to HIPAA
Professional Nursing Services.  Privacy and Security Training explains:  The requirements of the federal HIPAA/HITEC regulations, state privacy laws.
Privacy, Security and Compliance Concerns for Management and Boards November 15, 2013 Carolyn Heyman-Layne, Esq. 1.
Protecting Client Data HIPAA, HITECH and PIPA Part 1A
Health Insurance Portability & Accountability Act (HIPAA)
March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.
HIPAA Compliance Strategies for Employers, METs, MEWAs and Taft Hartley Union Trust Funds The HIPAA Colloquium at Harvard University Presented by: Melissa.
© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,
2 HIPAA, HITECH, and Medical Records. Learning Outcomes When you finish this chapter, you will be able to: 2.1Discuss the importance of medical records.
HIPAA COMPLIANCE FANTASTIC FOUR CASEY FORD MANINDER SINGH RANGER OLSOM Information Security in Real Business.
Medical Records in Court: Life after HIPAA North Carolina Conference of Superior Court Judges, October 2003 Presented by Jill Moore, UNC School of Government.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
HIPAA Health Insurance Portability & Accountability Act of 1996.
Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,
HIPAA PRIVACY AND SECURITY AWARENESS.
Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.
Dealing with Business Associates Business Associates Business Associates are persons or organizations that on behalf of a covered entity: –Perform any.
LAW SEMINARS INTERNATIONAL CLOUD COMPUTING: LAW, RISKS AND OPPORTUNITIES Developing Effective Strategies for Compliance With the HITECH Act and HIPAA’s.
Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.
HITECH Act and HIPAA: Important Compliance Update Susan E. Ziel Gerald “Jud” DeLoss.
HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.
HIPAA SURVIVAL SKILLS: An Update University of Miami1 Marisabel Davalos, M.S.Ed., CIP Associate Director of Educational Initiatives November, 2008.
Advanced Issues in Privacy: Drafting and Negotiating Business Associate Contracts Thomas E. Jeffry, Jr. Partner Davis Wright Tremaine LLP Los Angeles,
Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.
HIPAA BASIC TRAINING Presented by Anderson Health Information Systems, Inc.
HealthBridge is one of the nation’s largest and most successful health information exchange organizations. Tri-State REC: Privacy and Security Issues for.
Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.
HITECH and HIPAA Presented by Rhonda Anderson, RHIA Anderson Health Information Systems, Inc
HIPAA A Sea of Confusion, A Wave of the future and A High Tide of Confidentiality.
1 Changes to Privacy Regulations under ARRA May 4, 2009 Melissa Goldstein, J.D. The George Washington University School of Public Health and Health Services.
Top 10 Series Changes to HIPAA Devon Bernard AOPA Reimbursement Services Coordinator.
Configuring Electronic Health Records Privacy and Security in the US Lecture b This material (Comp11_Unit7b) was developed by Oregon Health & Science University.
HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.
HIPAA/HITECH TRAINING. Why are we here?  HIPAA  HITECH  PHI  Minimum Necessary “Need to Know”  Breaches and Fines.
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.
UNDERSTANDING WHAT HIPAA IS AND IS NOT
Enforcement, Business Associates and Breach Notification. Oh my!
Health Information Privacy & Security
What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in HEALTH INSURANCE.
HIPAA CONFIDENTIALITY
HIPAA Administrative Simplification
HIPAA.
HIPPA/HITECH Act Requirements Under the Business Associate Agreement Between CNI and Military Health Services.
National Congress on Health Care Compliance
Presentation transcript:

An Overview for In-Home Service Providers

Legal advice must be tailored to specific circumstances. Information provided in this presentation should not be used as a substitute for advice of competent counsel. Please consult your own attorney if you have any questions regarding any particular issue.

HIPAA = The Health Insurance Portability and Accountability Act of HIPAA is a federal law that establishes the Administrative Simplification Standards. The Administrative Simplification Standards improve the identification of fraud and provide security and privacy of an individual’s health information.

Privacy Standards (4/14/03) Transactions and Code Sets (10/16/03) National Employer Identifier (7/30/04; 8/1/05) Security Standards (4/21/05; 06) Enforcement Rule (3/16/06) National Provider Identifier (5/23/07; 08) Breach Notification (9/23/09)

HITECH Act of the American Recovery and Reinvestment Act of 2009 (ARRA) imposes new obligations on covered entities (CE) and business associates (BA). Breach Notification BA directly responsible for compliance with the Security Rule and directly liable for violations of the Security Rule and breaches.

EVERYONE!

Protected Health Information (PHI) & e-PHI Covered Entity (CE) Business Associate (BA) Use Disclosure Minimum Necessary Improper use/disclosure Security Incident Breach

“individually identifiable health information…that is: Transmitted by electronic media; Maintained in electronic media; or Transmitted or maintained in any other form or medium.” 45 CFR sec

PHI that is transmitted and/or maintained in an electronic format. 45 CFR sec

A CE must comply with HIPAA. A CE is: A health plan; A health care clearinghouse; or A health care provider who transmits any health information in electronic form in connection with a transaction covered by this subchapter. 45 CFR sec

A person/company/firm that performs a function for the CE that requires the use, disclosure, or creation of PHI. A BA may also be a CE. 45 CFR sec

“Use” means, with respect to individually identifiable health information, the sharing, employment, application, utilization, examination, or analysis of such information within an entity that maintains such information.” 45 CFR sec

“Disclosure means the release, transfer, provision of access to, or divulging in any other manner of information outside the entity holding the information.” 45 CFR CE BA PHI

“When using or disclosing PHI or when requesting PHI from another CE, a CE must make reasonable efforts to limit PHI to the minimum necessary to accomplish the intended purpose of the use, disclosure, or request.” 45 CFR sec (b)(1)

BAs must report to DSS: Uses or disclosures not permitted or required by the Business Associate provisions of their respective contract(s) or by HIPAA.

BAs must report to DSS: Attempted or successful unauthorized access, use, modification, or destruction of information or interference with systems operations in an information system. 45 CFR

Unauthorized acquisition, access, use, or disclosure of PHI which compromises security or privacy of information, except where the unauthorized person to whom such information is disclosed would not reasonably have been able to retain the information. 42 USC sec & 45 CFR sec

Notice sent to an individual of a breach of his/her PHI is required under the ARRA HITECH Act! Breaches involving PHI of more than 500 individuals in one incident must be immediately reported to HHS by the CE for posting on the HHS website.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.