HIPAA What’s Said Here – Stays Here….
WHAT IS HIPAA
- Health Insurance Portability and Accountability Act
- Purpose is to protect clients (patients) from job discrimination, harassment and MOST OF ALL protect their PRIVACY
- Protects an individual’s identifiable health information or PHI (Protected Health Information)
WHY?
- Federal Law
- HUGE Federal fines
- Texas Violators are subject to even HARSHER fines and penalties
- Loss of certifications, licenses, etc.
- Because it is the right thing to do for our clients (#1)
ACRONYMS YOU NEED TO KNOW
- Protected Health Information (PHI): Any information that may identify the individual
- Minimum Necessary Standards (MNS): Sharing the least amount of information necessary
- Electronic Health Records (EHR): Client records that can be transmitted or copied and shared digitally, faxed or via internet
- Breach: Use or disclosure that compromises the security or privacy and can pose a significant risk of financial, reputational or other harm to the individual
WHAT IS PHI?
- Name
- Zip code
- Birth date
- Telephone numbers
- Fax numbers
- addresses
- Social Security Number
- Medical Record Number
- Health Plan Number
- Account Numbers
- Certificate/License Numbers
- Vehicle Identifiers
- Device IDs and Serial numbers
- URLs
- IP Addresses
- Biometrics (finger and voice prints)
- Full face photographs or comparable images
- Any other unique, identifying number, characteristic or code
WHEN DOES HIPAA APPLY?
- Whenever you have a conversation including PHI in any public area
- When you type PHI into your computer or view it on your computer, documents, therapy notes
- When PHI is visible on your desk
- When you email, fax or text PHI
- When you are shredding documents with PHI
- When you are on social sites (Facebook, blog, website)
- All conversations, internet, digital and paper correspondence of PHI should be considered confidential and restricted to office use only
AVOID HIPAA BREACHES
- Refrain from using client names or other identifying information when talking with someone IN or OUT of the office
- USE the shredder
- USE passwords on the computer; log out when you are finished; use screen saver to hide information
- BE discreet about your posts online
- When in doubt, DO NOT share
- Use Consent to Communicate forms to get permission to share information outside of Spectrum providers
BOTTOM LINE
- Civil and Criminal Fines are serious
- Can start at $25,000 and go up to $1.5 Million
- It all boils down to this… HIPAA song
- But don’t take it too far… Dr. Zen
OH NO! I BREACHED!
- Breaches include any disclosure of PHI that compromises security or privacy and poses financial, reputational or other harm to the affected individual.
- PHI was stolen or hacked into (your computer files must be encrypted)
- Files to remain locked at all times
- Employee being indiscreet with PHI
- Sending PHI to wrong person through mail, email, etc.
- Notify Shanna IMMEDIATELY if you even THINK you breached
- Don’t delay – we will conduct an assessment of the risk
- Reporting breaches usually protects you
- Those who fail to report breaches are more seriously reprimanded
- Avoid Fines
PRACTICE REQUIREMENTS
- ALL clients will now sign Patient Acknowledgement of HIPAA Privacy Practices Form
- Spectrum’s Notice of Privacy Practices
  - On the website “forms” page
  - In a binder in the waiting room
  - Shanna will to anyone who requests one
CLIENT RECORDS
- Client must request records in writing with Shanna
  - Form for sending to client
  - Form for sending to a third party
- Must be provided to the client in the format of their request (or as closely as possible)
- Must be provided within 15 days of the request
HI TECH PROTECTION
- Adding new levels of passwords and restrictions for PHI – contact Shanna for assistance if you do not have a secure email and need to send PHI
- Encrypted files on your laptops, travel drives, etc. – Anywhere you keep PHI of clients (therapy notes, etc.)
- Client files are kept in the reception area – locked at ALL times
- Only employees with direct access needs will have access to the office – individual codes will be provided for door locks
TRAINING SIGNATURES
- HIPAA Employee Training & Confidentiality Agreement
- Spectrum Confidentiality Form
- HI-Tech Law Policy
- Texas HB 300 Employee Worksheet
HIPAA TEST
- Complete the Spectrum HIPAA Test
SUBMIT DOCUMENTS
- Submit all signed documents and completed test to: by Ande in the office
QUESTIONS/NEEDS
- Shanna Kemp (mobile)