* HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The primary goal of the law is to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.
* Acronym for Health Insurance Portability and Accountability Act of 1996.
1. Explain why there is a federal privacy law.
2. Describe examples of protected health information (PHI).
3. Explain the privacy rights patients have.
4. Describe safe privacy practices.
5. Understand how to report violations.
6. Understand HIPAA’s penalties.
7. Understand the importance of responsible social networking.
* Enacted to:
  * Protect the privacy of a patient’s personal and health information.
  * Provide for electronic and physical security of personal and health information.
  * Reduce health care fraud and abuse.
* In 1996 a public health worker sent two newspapers a computer disk containing the names of 4,000 people who tested positive for HIV.
* In 2008, thirteen employees were fired and six others suspended at UCLA for inappropriately viewing medical records of Britney Spears.
* In 2013, six employees (3 physicians) were fired at Cedars-Sinai Medical Center for trying to access Kim Kardashian’s medical records when she gave birth.
* All healthcare organizations and providers including: hospitals, physician offices, health plans, employers, public health authorities, life insurers, clearing houses, billing agencies, information system vendors, service organizations and universities. These are known as covered entities for HIPAA’s privacy and security regulations and they must comply with its regulations.
* Covered entities must implement standards to protect and guard against the misuse of individually identifiable health information. Failure to comply may cause the imposition of civil or criminal penalties.
* Gives patients more control over their health information.
* Sets boundaries on the use and release of health records.
* Establishes safeguards that persons with access to health records must uphold to protect the privacy of health information.
* Holds violators accountable with penalties under certain circumstances.
* PHI is the medical record including the demographic (face) sheet, photographs, footprint sheet, finger or voice prints, any identifiable health information.
* This also includes census reports.
* Only healthcare providers who are directly involved in providing treatment, payment, or involved with healthcare operations are authorized to have access to patient information.
* TPO (see next slide)
* Treatment – the coordination by one or more health care providers (EXAMPLE: consult)
* Payment – reimbursement, health plans
* Healthcare Operations – legal, administration, quality improvement, credentialing
* Students need to be very careful in sharing PHI.
* Patients must be present, with the chance to object when sharing PHI with family and friends. If the patient does not object then you may share information that is directly relevant to that person’s involvement.
* ROI is always done by trained employees.
* Treat all communication with privacy.
* Be MINDFUL of technology!!!
* Locations: be mindful of privacy when discussing patient information. (BEWARE OF ELEVATORS, CAFETERIA, GIFT SHOP)
* Students as well as employees, volunteers and contract personnel need to adhere to privacy practice rules and regulations.
* To ensure privacy of patients the provider must:
  * Provide information to patients about their privacy rights including how their information will be used.
  * Enforce privacy procedures.
  * Train employees regarding privacy procedures.
  * Designate a Privacy Officer who will be responsible for ensuring that privacy procedures are adhered to.
  * Secure patient records so they are not readily available to those who do not need them.
  * Comply with the minimum necessary information requirements.
  * Allow patients access to their records.
  * Notify patients of anyone who has seen their records.
  * Provide a formal complaint process for patients.
* Documentation of training is required from the various entities.
* Barry University will ensure that all nursing students receive HIPAA training. You will be given a quiz that you must pass. You will also be asked to sign a confidentiality agreement which will be kept on your file.
* Civil
  * $100 for each violation up to $25,000/person/year for multiple violations.
  * Will not impose fines under certain circumstances, if violation did not involve willful neglect and the violator corrects violation within 30 days of when violation was known.
* Criminal Penalties
  * A person who knowingly obtains or discloses individually identifiable information in violation of HIPAA will face a fine of $50,000 and up to one-year imprisonment.
  * Criminal penalties increase to $100,000 and up to five years imprisonment if the wrongful conduct includes false pretenses.
  * $250,000 and up to ten years in prison if it involves intent to sell, transfer or use identifiable health information for commercial advantage, personal gain or malicious harm.
* All providers must establish methods for reporting violations through the Privacy Officer.
* Students should report violations to their faculty member who will follow through with the appropriate procedure.
* The Privacy Rule is enforced by the HHS (Health and Human Services), Office of Civil Rights (OCR).
* #1
  * You are assigned to a patient on the postpartum unit. She delivered a healthy baby boy the previous day. As you enter the room with the nurse, you notice other family members in the room. The nurse proceeds to assess the patient in the presence of the relatives.
  * What could have been done differently?
* #2
  * Your co-worker has been admitted to the hospital and is refusing visitors. You are very concerned about her. Another co-worker tells you he can access her medical records easily and find out her admitting diagnosis and lab results.
  * What do you do?
* #3
  * You are doing clinicals at X Medical Center. You notice a physician walk away from an open chart, which he left visible to visitors passing by. He entered a patient’s room. You look over and see that he is not finished writing orders.
  * What do you do?
* #4
  * Mr. Y calls the nurses’ station, frantic. His girlfriend has been admitted to the emergency room and he wants to know her disposition. He is able to tell you her full name and address and offers to tell you her social security number.
  * How much information can you give him regarding her condition?