Presentation is loading. Please wait.

Presentation is loading. Please wait.

New School Violence Law; HIPAA Privacy Training

Published byประเวศ วอชิงตัน Modified over 5 years ago

Similar presentations

Presentation on theme: "New School Violence Law; HIPAA Privacy Training"— Presentation transcript:

1 New School Violence Law; HIPAA Privacy Training
Presented by: Tracey K. Jaensch, Esq.

2 What We Will Cover New Personnel and Privacy Issues Arising from Marjory Stoneman HS Public Safety Act Overview of HIPAA Privacy Requirements Exceptions Related to Law Enforcement Take Aways

3 HIPAA Privacy and Security Rule Overview
Health Insurance Portability and Accountability Act (HIPAA) Amendment – Health Information Technology for Economic and Clinical Health (HITECH) Act Purpose of Mandates properly protect individuals’ health information while allowing the flow of health information needed to provide and promote high quality health care

4 HIPAA Privacy Rule Applicable only to Covered Entities and Business Associates Requires implementation of standards to safeguard protected health information (PHI)

5 HIPAA Privacy Rule Covered Entities Business Associates
health plans (fully insured or self-funded) health care providers (e.g. Crossroads) healthcare clearinghouses Business Associates person or organization that performs, or assists in performing, a service or function on behalf of a covered entity that involves use or disclosure of PHI

6 Entities Specifically NOT Covered
HIPAA Privacy Rule Entities Specifically NOT Covered Employers Life, Disability, and Workers’ Compensation Insurers Law Enforcement Agency School? What services provided and who pays for services

7 HIPAA Privacy Rule PHI is:
individually identifiable health information in any form Electronic Written Oral that is created or received by a covered entity or business associate

8 Examples of PHI Names and Addresses Premiums and coverage amounts
Account numbers Geographic subdivisions smaller than a State, including street address, city, county, zip Certificate/license numbers All elements of dates (except year) directly related to an individual, including birth date, admission date, discharge date, or date of death Internet Protocol (IP) address Telephone and Fax numbers, Addresses Biometric identifiers, including finger and voice prints, full face photographic images, etc. Social Security Numbers Medical record numbers and Health Plan Beneficiary Numbers Any other unique identifying number, characteristic, etc.

9 HIPAA Privacy Rule Defines when PHI is: required to be disclosed
permitted to be used or disclosed without consent permitted to be used or disclosed only with authorization from the individual

10 HIPAA Security Rule contains requirements for the storage, transmission and access to electronic PHI applies to covered entities and business associates

11 HIPAA Privacy and Security Rule Overview
Enforcement of Privacy and Security Rule Privacy and Security Officer Office for Civil Rights (OCR) in the U.S. Department of Health and Human Services (HHS) States Attorney General

12 HIPAA Privacy and Security Rule Overview
Civil Penalties States Attorney General max recovery of $25K OCR 4 tiers up to $1.5M for willful violations Individuals may share in civil penalties recovered

13 Privacy Rule Compliance
Permitted Uses and Disclosures To the individual involved; For routine disclosures for health purposes with or without the individual’s consent; OR With the individual’s authorization, to make non-routine disclosures.

14 Privacy Rule Compliance
Routine Disclosures Health care Treatment; Health care Payment; OR Health care Operations -Disclosures generally permitted with or without individual’s consent

15 Privacy Rule Compliance
Non-Routine Disclosures (Non-TPO) Those disclosures relating to: Marketing Employment decisions; or Non-health purposes. - Must Get Written Authorization

16 Privacy Rule Compliance
Minimum Necessary Standard Any disclosure of PHI must be in a limited data set or, if more information is needed, the minimum necessary Incidental disclosures not a violation

17 Communications with Family Members
Compliance with Privacy Rules Communications with Family Members HIPAA allows communication of PHI to the individual A parent of a minor child and the executor or administrator of a deceased individual’s estate are treated under HIPAA as if they are the individual To disclose PHI to other family members (for example, a spouse) you must obtain the written consent of the individual

18 A law enforcement organization is not a covered entity.
LAW ENFORCMENT AND HIPPA 45 CFR Chapters 160 and CFR § (f) A law enforcement organization is not a covered entity. A covered entity may disclose protected health information (PHI) for a law enforcement purpose, to a law enforcement official, only under several sets of circumstances.

19 LAW ENFORCMENT AND HIPPA 45 CFR Chapters 160 and 164. 45 CFR §164
LAW ENFORCMENT AND HIPPA 45 CFR Chapters 160 and CFR § (f) A law enforcement official is defined as "an officer or employee of any agency or authority of the United States, a State, a territory, a political subdivision of a State or territory, or an Indian tribe," who is: empowered by law to investigate or conduct an official inquiry into a potential violation of law; or, prosecute or otherwise conduct a criminal, civil, or administrative proceeding arising from an alleged violation of law.

20 Permitted Disclosures
As required by specific reporting laws In compliance with (and limited by relevancy requirements) of: Court order or court-ordered warrant Subpoena or summons issued by judicial officer A grand jury subpoena An administrative request

21 1. Relevant and material to a legitimate law enforcement inquiry
Specific and limited in scope to the extent reasonably practicable in light of the purpose for which info sought For a purpose for which de-identified information could not be used

22 IDENTIFICATION AND LOCATION PURPOSES
PHI may be disclosed for "identification and location" purposes, in response to a law enforcement officer's official request. Purposes would include identifying or locating a suspect, fugitive, material witness, or missing person.

23 COVERED ENTITY MAY ONLY DISCLOSE THE FOLLOWING FOR ID AND LOCATION:
name and address; date and place of birth; social security number; ABO blood type and rh factor; type of injury; date and time of treatment; date and time of death, if applicable; and, a description of distinguishing physical characteristics, including height, weight, gender, race, hair and eye color, presence or absence of facial hair (beard or mustache), scars, and tattoos. The regulations specifically exclude any PHI related to the individual’s DNA or DNA analysis, dental records, or typing, samples or analysis of body fluids or tissue (unless it is one of the items listed above).

24 Law Enforcement Official’s Request
Victim PHI Dead Individual PHI On Premises Criminal Activity Provider providing emergency health care in response to medical emergency off-premises

25

26 IMPACT ON NEW PERSONNEL AND THREAT ASSESSMENT TEAMS
Act requires Resource Officer who is a certified officer MOU with Sheriff or law enforcement Additional training of school personnel (who is a law enforcement officer?) Privacy Rules and training

27 Thank You

Download ppt "New School Violence Law; HIPAA Privacy Training"

Similar presentations

Responding to Subpoenas and Law Enforcement Demands for PHI: An Overview Janet A. Newberg Chair, Health Law Section Felhaber Larson Fenlon & Vogt, P.A.

Responding to Subpoenas and Law Enforcement Demands for PHI: An Overview Janet A. Newberg Chair, Health Law Section Felhaber Larson Fenlon & Vogt, P.A.
HIPAA Privacy Rule “Standards for Privacy of Individually Identifiable Health Information” 45 CFR 160 and 164* *http://www.hhs.gov/ocr/combinedregtext.pdf.

HIPAA Privacy Rule “Standards for Privacy of Individually Identifiable Health Information” 45 CFR 160 and 164* *
HIPAA and Public Health 2007 Epi Rapid Response Team Conference.

HIPAA and Public Health 2007 Epi Rapid Response Team Conference.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
Anne Arundel County Fire Department

Anne Arundel County Fire Department
HIPAA Privacy Rule Training

HIPAA Privacy Rule Training
COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.

COBB/DOUGLAS COMMUNITY SERVICES BOARD Confidentiality and Privacy of Consumer Information.
The Health Insurance Portability and Accountability Act Basic HIPAA Training For CMU workforce with access to PHI.

The Health Insurance Portability and Accountability Act Basic HIPAA Training For CMU workforce with access to PHI.
HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
HIPAA Health Insurance Portability and Accountability Act.

HIPAA Health Insurance Portability and Accountability Act.
1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/2009 0.

1 Louisiana Department of Health and Hospitals Basic HIPAA Privacy Training: Policies and Procedures 01/09/
HEALTH INSURANCE PORTABILITY AND ACCOUNTIBILITY ACT PAUL D. FRIEDMAN, M.A., J.D. 300 W. Clarendon, Ste. 400 Phoenix, Arizona 85013 (602) 252-8888

HEALTH INSURANCE PORTABILITY AND ACCOUNTIBILITY ACT PAUL D. FRIEDMAN, M.A., J.D. 300 W. Clarendon, Ste. 400 Phoenix, Arizona (602)
Informed Consent.

Informed Consent.
Professional Nursing Services.  Privacy and Security Training explains:  The requirements of the federal HIPAA/HITEC regulations, state privacy laws.

Professional Nursing Services.  Privacy and Security Training explains:  The requirements of the federal HIPAA/HITEC regulations, state privacy laws.
HIPAA Training Presentation for New Employees How did we get here? HIPAA Police 1.

HIPAA Training Presentation for New Employees How did we get here? HIPAA Police 1.
Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.

Similar presentations

Ads by Google