Presentation is loading. Please wait.

Presentation is loading. Please wait.

WHAT IS HIPAA AND HOW TO COMPLY WITH IT?

Published byCecil Carter Modified over 5 years ago

Similar presentations

Presentation on theme: "WHAT IS HIPAA AND HOW TO COMPLY WITH IT?"— Presentation transcript:

1 WHAT IS HIPAA AND HOW TO COMPLY WITH IT?
Health Insurance Portability and Accountability Act of 1996 LMC 2005

2 WHAT IS HIPAA? HIPAA stands for Health Insurance Portability and Accountability Act, a federal law enacted in 1996 to help employees maintain health insurance when they move to a different job, and to receive health insurance regardless of preexisting conditions. LMC 2005

3 What is HIPAA…continued
The newest part of HIPAA also ensures privacy for patients and their health information. Covered entities include any health care provider, health care clearing house, and health care plans. LMC 2005

4 LMC AND HIPAA LMC is dedicated to maintaining patient privacy and securing any protected health information (PHI) from inappropriate use or disclosure. This presentation is intended to introduce you to HIPAA and to the general guideline to help you implement these requirements in your job. LMC 2005

5 HIPAA: RIGHTS AND RESPONSIBILITIES
Every patient will be given a Notice of Privacy Practices (NPP) at the first point of service delivery from LMC. The NPP will inform patients of their privacy rights. These rights include: The right to restrict certain release of information, which the patient can revoke or change at any time. The patient may request that their name not be included on the general registry. The right to request confidential communications. Examples would include having their medical information mailed to an alternate address, or contacting them at an alternate phone number. LMC 2005

6 PATIENTS’ RIGHTS… continued
The right to receive a paper copy of the Notice of Privacy Practices (NPP). The right to amend protected health information (PHI) through a request to the Privacy Officer. The right to an accounting of disclosures or releases done without patient authorization. Examples include disease reporting and animal bite reporting. The right to inspect and copy, and to obtain a copy of their medical record. LMC 2005

7 WHO DOES THE PATIENT GO TO FOR THESE SERVICES?
Most of these restrictions can be handled by each department. For those requests that cannot, contact the LMC Privacy Officer: George Evans Director of Information Services LMC 2005

8 WHO does HIPAA cover and protect?
HIPAA covers all PATIENTS and their protected health information (PHI). HIPAA covers ANYONE who deals with patients or their protected health information. HIPAA covers any ORGANIZATION and their BUSINESS ASSOCIATES who deal with patients and/or their protected health information LMC 2005

9 THE PATIENT JOURNEY AND HIPAA
At every point where we come in contact with the patient or with protected health information, we must each do our part to maintain privacy. Think of the “journey” of a patient through the LMC system: LMC 2005

10 WHERE DO WE INTERACT WITH THE PATIENT?
Registration/scheduling process Waiting area Treatment area During transport Billing inquiry requests LMC 2005

11 PASSWORD PROTECTION PLAN
PASSWORD DOS AND DON’TS DO protect your password DO use good password choices DO change your password if you feel it has been violated DON’T share your password with anyone DON’T use anyone else’s password DON’T work under anyone else’s password DON’T leave passwords displayed on keyboards or monitors LMC 2005

12 COMPUTER SECURITY Each user is responsible for maintaining the integrity of his or her computer password. Your password is linked to ‘you’. Protect yourself by protecting your password. LMC 2005

13 Computer Security …What is the difference between “privacy” and “security?”
Privacy refers to WHAT is protected: Health information about an individual, and the determination of WHO is permitted to use or disclose or access the information, is protected. Security refers to HOW private information is safeguarded: Privacy is ensured by controlling access to information and protecting it from inappropriate disclosure and accidental or intentional destruction or loss. LMC 2005

14 Privacy/Security Issues: Types of Violations of HIPAA
Accidentally releasing patient information to a non-intended recipient. Examples include discussing patient information in public location. Accessing a patient record without a legitimate business need to know Using another person’s user ID. Allowing another employee to access LMC information systems with my password. Failure to log off when leaving station, allowing unattended and unauthorized access. Purposeful break in Confidentiality Agreement. LMC 2005

15 Ask Yourself this Question:
Before accessing protected health information: Do I have a business need to know? LMC 2005

16 Who can lodge a complaint?
Privacy related complaints may be made by Patients Family members Visitors Anyone LMC 2005

17 Where can people make complaints?
Secretary of Department of Health and Human Services (federal government) LMC Privacy Officer NOTE: All privacy-related complaints handled by LMC staff must be forwarded to the LMC Privacy Officer for tracking purposes according to the law. LMC 2005

18 What are LMC Privacy Policies and Where Can I Find Them?
The LMC Privacy Policies are: Protected Health Information Privacy Compliance Notice of Privacy Practices Business Associates Patient Complaints and Grievances These policies may be viewed as needed upon arrival to Lexington Medical Center via access to the Intranet LMC 2005

19 Here’s the situation. What would you do?
You notice that your department has a broken computer that can no longer be used. What should you do? Call Help Desk at 2022 so they can pick up the computer. Take computer and have it repaired and then take it home. Throw it in the dumpster. Press ‘enter’ to see answer Correct Answer: 1. Call Help Desk at 2022 so they can pick up the computer. LMC 2005

20 What would you do? You have printed too many copies of a document containing PHI. What should you do with the extra copies? Throw copies in the nearest waste basket. Shred copies and throw them away. Dispose of copies in locked recycle bin. Press ‘enter’ to see answer Correct Answer: 3. Dispose of copies in locked recycle bin. LMC 2005

21 What would you do? Your friend is having lab work done today. She contacts you at work and requests that you access her lab results on the computer and let her know the outcome. What should you do? Look up her labs and call her back with her results. Do not look up her labs. Tell her to contact her physician for the results. Press ‘enter’ to see answer Correct Answer: Do not look up her labs. Tell her to contact her physician for the results. LMC 2005

22 What would you do? A “Mayday” is called for ICU Bed 1. You are concerned about a coworker who was admitted to ICU during the night. It is OK for you to access the patient record online to see if this is your coworker.  True False Press ‘enter’ to see answer Correct Answer: False. It is NOT OK for you to access the patient record online to see if this is your coworker.  LMC 2005

23 What would you do? Press ‘enter’ to see answer
You see a well-known local football coach waiting in the ED with his family. He is also a family friend. You are concerned. What should you do? Go online and search for medical information pertaining to your friend and or his family member. Ask a co-worker why this family is here. Say hello to your friend and respect their right to privacy. Press ‘enter’ to see answer Correct Answer: 3. Say hello to your friend and respect their right to privacy. LMC 2005

24 What is HIPAA? Health Insurance Portability and Accountability Act
Health Insurance Privacy and Authorization Act Health Insurance Procurement Action Act Health Insurance Portability and Accountability Act Press ‘enter’ to see answer LMC 2005

25 True or False ? Press ‘enter’ to see answer The following indicators are considered PHI (protected health information): Patient’s name Patient’s date of birth Patient’s diagnosis Patient’s visit or account number for billing purposes Patient’s social security number Patient’s billing information Correct Answer: True. Any individual identifiable health information is considered PHI. LMC 2005

26 HIPAA Reminders: Be aware of WHERE you discuss patient information
SHRED paper containing PHI LOG OFF computer  before you walk  away Do not access PHI in any medium unless  you have the RIGHT OR NEED TO KNOW DO NOT SHARE your computer LOGIN or password KEEP patient RECORDS  in SECURE location LMC 2005

27 THIS IS SERIOUS: CIVIL AND CRIMINAL PENALTIES
CAN BE APPLIED TO INDIVIDUALS OR ORGANIATION $ per violation, not to exceed $25,000 per violation per person or incident $50,000 and up to one year in prison for knowingly obtaining or disclosing individual identifiable health information (IIHI) illegally $100,000 and up to 5 years in prison if done under false pretenses. $250,000 and up to ten years in prison if done with the intent to sell, transfer, or use for commercial advantage, personal gain or malicious harm. LMC 2005

28 How to get more information on HIPAA:
Ask your supervisor or director Go to Contact George Evans, Director of Information Services & LMC Privacy Officer or Contact Tammy Grubbs in Information Services Both can be reached at or via LMC 2005

29 DOCUMENTATION OF TRAINING:
Your clinical rotation group will be asked to sign a “HIPAA Training Confirmation” Form along with a “Confidentiality Acknowledgement” upon arrival to clinical areas. LMC 2005

Download ppt "WHAT IS HIPAA AND HOW TO COMPLY WITH IT?"

Similar presentations

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
HIPAA Workforce Training

HIPAA Workforce Training
Online Course Privacy Contacting Patients and Verification START Click to begin…

Online Course Privacy Contacting Patients and Verification START Click to begin…
Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.

Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.

1 The Health Insurance Portability and Accountability Act (HIPAA) A guided tutorial for GVSU employees.
And the finer details of patient privacy TCH Confidential Understanding HIPAA.

And the finer details of patient privacy TCH Confidential Understanding HIPAA.
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.

1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
Confidentiality and HIPAA

Confidentiality and HIPAA
COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.

COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.
LMC 2005 1 WHAT IS HIPAA AND HOW TO COMPLY WITH IT? Health Insurance Portability and Accountability Act of 1996.

LMC WHAT IS HIPAA AND HOW TO COMPLY WITH IT? Health Insurance Portability and Accountability Act of 1996.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
HIPAA Health Insurance Portability and Accountability Act.

HIPAA Health Insurance Portability and Accountability Act.
HIPAA 101 Education. WHAT IS HIPAA??? WHAT IS HIPAA? The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability.

HIPAA 101 Education. WHAT IS HIPAA??? WHAT IS HIPAA? The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability.

Similar presentations

Ads by Google