What is HIPAA? HIPAA stands for “Health Insurance Portability & Accountability Act” It was an Act of Congress passed into law in 1996. HEALTH INSURANCE.


1 What is HIPAA?
HIPAA stands for “Health Insurance Portability & Accountability Act”. It was an Act of Congress passed into law in 1996.

HEALTH INSURANCE PORTABILITY & Accountability Act
The first part of the act guaranteed that individuals could move from one health plan to another without losing insurance coverage or being denied coverage because of pre-existing conditions.

We will NOT be addressing this material!

June 2014 HIPAA - Overview

2 Health Insurance Portability & Accountability Act
The second part of the Act addressed the subject of healthcare fraud and abuse.

We will NOT be addressing this material either!

3 The Privacy Rule
The final area of the Act, which is not in its name, addresses “Administrative Simplification”. This section is intended to “decrease costs and administrative burdens of providing health care”.

The funny thing is … It’s the MOST complicated portion of the HIPAA regulations!

Administrative Simplification covers 3 areas:
- Transaction and Code Sets – NOT covering
- Security – NOT covering
- The Privacy Rule

The Privacy Rule is the ONLY area we ARE covering. It is the area of HIPAA most commonly addressed by the everyday healthcare world.

4 The Privacy Rule helps to create a national standard to protect PHI, or Protected Health Information.

It provides the patient with the right to:
- Authorize the disclosure of PHI
- Restrict release of PHI
- Obtain a copy of their PHI
- Request amendment of their PHI
- Obtain a list of those receiving their PHI

The patient also may:
- File complaints with the Office for Civil Rights for suspected mishandling of PHI
- Request a Notice of PHI Practices from providers and health plans
- Have reasonable requests for confidential communication of PHI accommodated

5 Health Information vs. PHI
Health Information:
- Oral or Recorded Info
- Created/received by a provider, health plan, public health authority, life insurer, school, or clearinghouse
- Relates to Past, Present, or Future Physical or Mental Health or Other Health Condition
- Concerns provision or past/present/future payment of healthcare

PHI:
- Individually identifiable
- Transmitted or maintained in any form or medium

6 Who must comply with HIPAA? “Covered Entities”
- Public and private health plans
- Healthcare clearinghouses
- Any healthcare provider who transmits health information in electronic transactions
- Business associates – entities that perform business on behalf of these others (more later)

7 Health Care Providers
- “Providers of services”, e.g. institutional providers such as hospitals
- “Providers of medical or health services”, e.g. physicians, dentists, and other practitioners
- Any other person or organization that furnishes, bills, or is paid for health care

Electronic Transactions
- Claims
- Benefit eligibility inquiries
- Referral authorization requests
- Other transactions under HHS standards

Includes direct or third party (e.g. billing service)

8 Business Associates
Person or organization

Functions or activities on behalf of a covered entity:
- Claims processing
- Data analysis
- Utilization review
- Billing

Services to a covered entity:
- Legal / accounting / financial / consulting
- Management / administrative / accreditation

These must involve use or disclosure of PHI – it does NOT include situations where access to PHI is incidental.

A covered entity can be a business associate of another covered entity.

9 Business Associate Contract
- Covered entity must impose “specific written safeguards” on PHI used or disclosed by the business associate
- Covered entity may NOT contractually authorize any use or disclosure of PHI that would violate the Privacy Rule

10 The Cost of Non-Compliance
- Potential loss of licensure and/or accreditation
- Civil Monetary Penalties pursued by the Office for Civil Rights
  - $100 per violation
  - Capped at $25k per calendar year per violation

11 The Cost of Non-Compliance
Criminal Penalties, pursued by the US Dept of Justice:
- “Knowingly obtaining or disclosing PHI” – up to $50k fine and 1 yr in prison
- “Under false pretenses” – up to $100k fine and 5 yrs in prison
- “Intent to sell, transfer, or use...” – up to $250k fine and 10 yrs in prison

12 What Training is Required
- All employees, volunteers, and contractors
- New employees must receive training no later than 30 days after starting a position
- Training should be department specific (i.e. Health Information Management staff vs. a front desk receptionist)
- Training when policies are revised
- Documentation of training maintained in writing or electronically for six (6) years

