Page 1 of 16 DMC HIPAA Privacy and Security DMC’S COMMITMENT TO COMPLIANCE: HIPAA PRIVACY and SECURITY DMC Corporate Audit and Compliance Department Detroit.

Presentation transcript:

Page 1 of 16 DMC HIPAA Privacy and Security DMC’S COMMITMENT TO COMPLIANCE: HIPAA PRIVACY and SECURITY DMC Corporate Audit and Compliance Department Detroit Medical Center© Reviewed: January, 2009

Page 2 of 16: HIPAA RULES
Privacy
- Became law on April 14, 2003
- Information regarding patients is confidential. This information is Protected Health Information (PHI)
Security
- Became law on April 21, 2005
- Information regarding patients maintained, stored, and transmitted electronically is Electronic Protected Health Information (EPHI)
General Rule: Information about our patients should only be used or disclosed as authorized.

Page 3 of 16: USING AND DISCLOSING PHI
PHI disclosure is permitted for purposes of:
- Treatment
- Payment
- Hospital Operations
Use is limited to the “Minimum Necessary” to conduct your job duties
Policies exist to guide the disclosure of information (DMC policy 1 HIM 153)
Accessing your own information is inappropriate and may result in disciplinary action

Page 4 of 16: PROTECTED INFORMATION
PHI includes information:
- On paper
- In a computer
- Orally communicated
- In any other form
EPHI includes information:
- On your computer hard drive
- On floppy disks, CDs or magnetic tapes
- Sent via the Internet - - By - Other means

Page 5 of 16: EXAMPLES OF PHI AND EPHI
- Name
- Street Address, City, County, Zip Code
- Dates: Birth, Admission, Discharge or Date of Death
- Numbers: Social Security, Medical Record, FIN, Patient Account, Health Plan Beneficiary
- Telephone or Fax Numbers
- Address

Page 6 of 16: SECURING PHI
Privacy Rule
- DO NOT share passwords or login ID
- DO NOT write down password where others may access it
- Log off your computer when you will be away for a significant period of time
- “Suspend” when you will be away from your computer for a short period of time
- Position monitors out of view of the public eye
Security Rule
- Change your password every 90 days
- Choose passwords that are NOT easily guessed
- Use password protected screensavers, suspend mode and keyboard locks
- Place disks or tapes in a secure location
- Immediately report anyone outside of DMC IS Security asking for your password

Page 7 of 16: SECURING PHI
Privacy Rule
- Use caution and respect patients’ privacy when discussing protected health information in public
- Read and understand the policies and procedures relating to HIPAA Privacy and Security (DMC policy 1 CG 035)
- When using or disclosing PHI, limit the PHI to the minimum necessary to accomplish the intended use or disclosure

Page 8 of 16: SENDING PHI AND EPHI
E-mail with PHI sent outside the DMC should be encrypted. The steps to encrypt are:
- Type SECURE in capital letters in the subject line
- E-mail will be sent to a secure holding site
- The receiver will get a notification with instructions on retrieving the secure e-mail
Faxes
- Double check fax number
- Use cover page which includes your contact information
- If fax is received by the wrong location, have the fax destroyed or returned to you

Page 9 of 16: PROTECTING YOUR COMPUTER AND PHI
- DO NOT open any unknown attachments, files or unrecognizable e-mails
- Report any suspicious activity, such as new software or hardware appearing on your computer, to the DMC Help Desk
- DO NOT install unapproved software/hardware or use unapproved e-mail, such as Hotmail, Yahoo, etc.
- Contact your manager/supervisor or the DMC Help Desk if you believe someone may have logged onto your computer

Page 10 of 16: EMERGENCY DOWNTIMES
The DMC has a contingency plan to address system access during power failures, disasters, weather hazards, or other situations limiting access to patient data:
- Know the recovery plan as it relates to your job
- Know the related policies (available on the DMC Intraweb)
- Know how to report emergencies
- Know how the emergency may impact patient care

Page 11 of 16: SECURING PHI ON WIRELESS DEVICES
The biggest risk to PHI on Personal Digital Assistants (PDA) and laptops is theft.
Secure PDA’s and Laptops:
- Always use password protected screen saver
- Passwords should be kept secure and confidential
- Back-up data
- Consider encrypting PHI
- Install and use virus protection software
- Lock devices in a secure location when not in use
- If device is stolen, an incident report should be filed

Page 12 of 16: PENALTIES FOR HIPAA VIOLATIONS
- Disciplinary action up to and including termination
- Exclusion from participation in Medicare and Medicaid programs
- Jail sentences for employees, administrators and physicians: HIPAA Specific –
  - Up to One Year for misuse of protected health information
  - Up to Five Years for misuse of PHI under false pretenses
  - Up to Ten Years for misuse with intent to sell, transfer or use PHI for commercial advantage, personal gain or malicious harm

Page 13 of 16: PENALTIES
HIPAA violations may result in millions of dollars in fines:
- $50,000 for misuse of protected health information
- $100,000 for misuse of PHI under false pretenses
- $250,000 for misuse with intent to sell, transfer or use PHI for commercial advantage, personal gain or malicious harm

Page 14 of 16: HIPAA REPORTING
DMC will take disciplinary action for breaches of privacy and information security, up to and including termination:
- You are required to understand the law, and how it affects your job
- Even an “accidental” disclosure could have consequences
- As a condition of employment, employees agree to read and abide by the policies and procedures covering HIPAA
- Individuals should immediately report any observed or suspected HIPAA breach to
  - Your manager/supervisor
  - Corporate Audit and Compliance Department at:
  - Compliance Hotline at:

Page 15 of 16: HIPAA SUMMARY
Safeguarding PHI is everyone’s job. If you have questions or concerns about your responsibility in protecting patient health information:
- Talk to your supervisor
- Send your questions to
- Call Corporate Audit and Compliance Department at:

Page 16 of 16: SUMMARY
We hope this NetLearning course has been both informative and helpful. Feel free to review this course until you are confident about your knowledge of the material presented.
Click any of the following menu selections located on the left side of the screen:
- Take Test button to complete the requirements for this course
- My Records button to return to your CBL Courses to Complete list
- Exit button to close the Student Interface