2. HIPAA What’s Said Here – Stays Here….

3. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients) from job discrimination, harassment and MOST OF ALL protect their PRIVACY  Protects an individual’s identifiable health information or PHI (Protected health Information)

4. WHY?  Federal Law  HUGE Federal fines Texas Violators are subject to even HARSHER fines and penalties  Loss of certifications, licenses, etc.  Because it is the right thing to do for our clients (#1)

5. ACRONYMS YOU NEED TO KNOW  Protected Health Information (PHI) Any information that may identify the individual  Minimum Necessary Standards (MNS) Sharing the least amount of information necessary  Electronic Health Records (EHR) Client records that can be transmitted or copied and shared digitally, faxed or via internet  Breach Use or disclosure that compromises the security or privacy and can pose a significant risk of financial, reputational or other harm to the individual

6. WHAT IS PHI?  Name  Zip code  Birth date  Telephone numbers  Fax numbers  Email addresses  Social Security Number  Medical Record Number  Health Plan Number  Account Numbers  Certificate/License Numbers  Vehicle Identifiers  Device IDs and Serial numbers  URLs  IP Addresses  Biometrics (finger and voice prints)  Full face photographs or comparable images  Any other unique, identifying number, characteristic or code

7. WHEN DOES HIPAA APPLY?  Whenever you have a conversation including PHI in any public area  When you type PHI into your computer or view it on your computer email, documents, therapy notes  When PHI is visible on your desk  When you email, fax or text PHI  When you are shredding documents with PHI  When you are on social sites (Facebook, blog, website)  All conversations, internet, digital and paper correspondence of PHI should be considered confidential and prohibited to office use only

8. AVOID HIPAA BREACHES  Refrain from using client names or other identifying information when talking with someone IN or OUT of the office  USE the shredder  USE passwords on the computer log out when you are finished; use screen saver to hide information  BE discrete about your posts online  When in doubt DO NOT share  Use Consent to Communicate forms to get permission to share information outside of Spectrum providers

9. BOTTOM LINE  Civil and Criminal Fines are serious Civil and Criminal Fines are serious Can start at $25,000 and go up to $1.5 Million  It all boils down to this…..Hipaa songHipaa song  But don’t take it too far… Dr. ZenDr. Zen

10. OH NO! I BREACHED!  Breaches include any disclosure of PHI that compromises security or privacy and poses financial, reputational or other harm to the affected individual. PHI was stolen or hacked into (your computer files must be encrypted) Files to remain locked at all times Employee being indiscrete with PHI Sending PHI to wrong person through mail, email, etc.  Notify Shanna IMMEDIATELY if you even THINK you breached Don’t delay – we will conduct an assessment of the risk  Reporting breaches usually protects you Those who fail to report breaches are more seriously reprimanded Avoid Fines

11. PRACTICE REQUIREMENTS  ALL clients will now sign Patient Acknowledgement of Hipaa Privacy Practices Form  Spectrum’s Notice of Privacy Practices On the website “forms” page In a binder in the waiting room Shanna will email to anyone who requests one

12. CLIENT RECORDS  Client must request records in writing with Shanna Form for sending to client From for sending to a third party  Must be provided to the client in the format of their request (or as closely as possible)  Must be provided within 15 days of the request

13. HI TECH PROTECTION  Adding new levels of passwords and email restrictions Use @spectrumsocial.net email for PHI – contact Shanna for assistance if you do not have a secure email and need to send PHI  Encrypted files on your laptops, travel drives, etc. – Anywhere you keep PHI of clients (therapy notes, etc.)  Client files are kept in the reception area – locked at ALL times  Only employees with direct access needs will have access to the office – individual codes will be provided for door locks

14. TRAINING SIGNATURES  Hipaa Employee Training & Confidentiality Agreement  Spectrum Confidentiality Form  HI-Tech Law Policy  Texas HB 300 Employee Worksheet

15. HIPAA TEST  Complete the Spectrum Hipaa Test

16. SUBMIT DOCUMENTS  Submit all signed documents and completed test to: Shanna@spectrumsocial.net by email Shanna@spectrumsocial.net Ande in the office

17. QUESTIONS /NEEDS  Shanna Kemp  shanna@spectrumsocial.net shanna@spectrumsocial.net  512-913-7471 (mobile)