PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today.

Slides:

Advertisements

Similar presentations

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.

Advertisements

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.

Protecting Patient Privacy:

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

Confidentiality and HIPAA

HIPAA Privacy Rule Training

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

P E N N S Y L V A N I A C O A L I T I O N A G A I N S T D O M E S T I C V I O L E N C E P E N N S Y L V A N I A C O A L I T I O N A G A I N S T RAPE HIPAA.

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

NAU HIPAA Awareness Training

1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA) Presented by: APS Healthcare Southwestern PA Health Care Quality Unit (HCQU) December 2010.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

Jill Moore April 2013 HIPAA Update: New Rules, New Challenges.

Are you ready for HIPPO??? Welcome to HIPAA

HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996.

Professional Nursing Services.  Privacy and Security Training explains:  The requirements of the federal HIPAA/HITEC regulations, state privacy laws.

RMG:Red Flags Rule 1 Regal Medical Group Red Flags Rule Identify Theft Training.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

The University of Kansas Medical Center Shadow Experience Training.

Columbia University Medical Center Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy & Information Security Training 2009.

Notice of Privacy Practices Nebraska SNIP Privacy Subgroup July 18, 2002 Michael J. Brown, MHA, CPA Vice-President, Administrative & Regulatory Affairs,

HIPAA PRIVACY AND SECURITY AWARENESS.

Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

HIPAA OBJECTIVES  Define HIPAA  Define PHI  Use of PHI  Your rights  Your responsibilities.

Office of the Secretary Office for Civil Rights (OCR) Indian Health Service HIPAA Training Hosted by the Aberdeen Area Office July 24, 2012.

Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved. Health Information Technology and Management Richard.

Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.

HIPAA Michigan Cancer Registrars Association 2005 Annual Educational Conference Sandy Routhier.

© 2009 The McGraw-Hill Companies, Inc. All rights reserved. 1 McGraw-Hill Chapter 2 The HIPAA Privacy Standards HIPAA for Allied Health Careers.

Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.

Speak HIPAA Like a Native A Guide to Common HIPAA Nomenclature University of Miami Ethics Programs.

Building a Privacy Foundation. Setting the Standard for Privacy Health Insurance Portability and Accountability Act (HIPAA) Patient Bill of Rights Federal.

Health Insurance Portability and Accountability Act (HIPAA) CCAC.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 6 The Privacy and Security of Electronic Health Information.

Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.

Understanding HIPAA (Health Insurandce Portability and Accountability Act)

© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.

Chapter 7—Privacy Law and HIPAA

HIPAA PRACTICAL APPLICATION WORKSHOP Orientation Module 1B Anderson Health Information Systems, Inc.

HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.

Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.

Copyright ©2014 by Saunders, an imprint of Elsevier Inc. All rights reserved 1 Chapter 02 Compliance, Privacy, Fraud, and Abuse in Insurance Billing Insurance.

HIPAA Privacy The Morning After Panel What do we do now? William R. Braithwaite, MD, PhD (moderator) Washington, DC Ross Hallberg, Corporate Compliance.

C HAPTER 34 Code Blue Health Sciences Edition 4. Confidentiality of sensitive information is an important issue in healthcare. Breaches of confidentiality.

HIPAA Privacy for Pharma Audioconference 5/29/2002 pwC.

PricewaterhouseCoopers 1 Administrative Simplification: Privacy, Security, and Compliance NCHCC Washington, DC February 6, 2003 William R. Braithwaite,

Roundtable on Privacy in Transition: Is Privacy Policy Working in the Healthcare Sector?

PricewaterhouseCoopers 1 Administrative Simplification: Strategic Thinking in Compliance National HIPAA Summit V Baltimore, MD October 31, 2002 William.

HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.

CH 10. Confidentiality A. Confidentiality about sensitive medical information is necessary to preserve the patient’s dignity. B. In order to receive payment.

1 Administrative Simplification: The Last Word National HIPAA Summit 8 Baltimore, MD March 9, 2004 William R. Braithwaite, MD, PhD “Doctor HIPAA”

Table of Contents. Lessons 1. Introduction to HIPAA Go Go 2. The Privacy Rule Go Go.

HIPAA Privacy What Every Staff Member Needs to Know.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill/Irwin Chapter 6 The Privacy and Security of Electronic Health Information.

HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.

Health Insurance Portability and Accountability Act of 1996

What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in HEALTH INSURANCE.

HIPAA Administrative Simplification

Disability Services Agencies Briefing On HIPAA

National Congress on Health Care Compliance

HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.

HIPAA Privacy and Security Update - 5 Years After Implementation

Presentation transcript:

PricewaterhouseCoopers 1 Administrative Simplification: Privacy Audioconference April 14, 2003 William R. Braithwaite, MD, PhD “Doctor HIPAA” HIPAA Today is a Watershed Date: - Where Should We Be - How to Get There

PricewaterhouseCoopers 2 Why HIPAA Privacy is Important… Privacy important to consumers a fundamental component of high-quality, patient- centered healthcare. When individuals worry about misuse of their personal health information, they take steps to circumvent the system to protect their privacy. Source: California HealthCare Foundation and Consumers Union. Promoting Health, Protecting Privacy: A Primer. Oakland, Calif: California HealthCare Foundation and Consumers Union; January 1999.

PricewaterhouseCoopers 3 Principles of Fair Info Practices Notice Existence and purpose of record-keeping systems must known. Choice – information is: Collected only with knowledge and permission of subject. Used only in ways relevant to the purpose for which the data was collected. Disclosed only with permission or overriding legal authority. Access Individual right to see records and assure quality of information. –accurate, complete, and timely. Security Reasonable safeguards for confidentiality, integrity, and availability of information. Enforcement Violations result in reasonable penalties and mitigation.

PricewaterhouseCoopers 4 Individual’s Rights Individuals have the right to: A written notice of information practices from health plans and providers. Inspect and obtain a copy of their PHI (DRS). Obtain an accounting of disclosures. Amend their records. Request restrictions on uses and disclosures. Accommodation of reasonable communication requests. Complain to the covered entity and to HHS.

PricewaterhouseCoopers 5 Enforcement by HHS Enforcement by investigating complaints. not HIPAA police force -- OCR not OIG for privacy. Fines by HHS are unlikely (and small). Fines and jail time possible from DOJ. Where intent can be proven. BUT, real risk comes from Civil liability from private lawsuits. Federal Trade Commission (Eli Lilly). New privacy laws (federal and state).

PricewaterhouseCoopers 6 Registration: What does HIPAA require? Give the patient a copy of the Notice of Privacy Practices. Make a good faith effort to obtain a patient’s written acknowledgement of receipt of the Notice. The registration clerk must have been trained in privacy. The system the registration clerk uses must have security settings to allow minimum access and to prevent unauthorized access. Public access must be limited in areas where medical records are visible. Follow verification procedures to ensure the identity and authority of individuals requesting medical records. Patient requests to exercise their rights are initiated at the Reception Area: Request for Alternative Communications Request for Access to Records Amendment Request Form Complaints Accounting of Disclosure Request for Further Restriction

PricewaterhouseCoopers 7 Authorization is necessary for the use or disclosure of protected health information for purposes other than treatment, payment or health care operation. Requests for access to psychotherapy notes, HIV/AIDS information will require special protections and always require an authorization. The minimum necessary standard does not apply when treating patients. The patient may approach the treating physician to request amendment or correction of information they believe to be incorrect in their medical record or other designated record set. The physician who wrote the entry can immediately amend the medical record to reflect the patient’s request if the physician considers the request valid or The physician can request the patient put the request in writing preferably using an Amendment Request form. Clinicians: What does HIPAA require?

PricewaterhouseCoopers 8 Keys to Compliance Data Flow Where and how is PHI is stored and transmitted. Job Descriptions Accuracy required to refine role-based access. Policies & Procedures Focus on those needed to support patient rights. All workforce members must be trained to know them & follow them. Enforcement Administrative commitment to consistently monitor and enforce privacy/security incidents.

PricewaterhouseCoopers 9 Questions?