Upload
samuel-mckenna
View
216
Download
2
Tags:
Embed Size (px)
Citation preview
Component 1:Introduction to Health Careand Public Health in the U.S.
Unit 6: Regulating Health Care
Lecture 4
This material was developed by Oregon Health & Science University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC000015.
Objectives of This Lecture
• Review the privacy and security requirements of HIPAA (the Health Insurance Portability and Accountability Act)
• Discuss the issue of patient safety in U.S. medicine– Explain patient safety initiatives of the Joint
Commission– Describe the Agency for Healthcare
Research and Quality
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20112
Health Insurance Portability and Accountability Act
• Improves “portability” of health insurance– New employer plan may not limit coverage due to pre-existing
condition– If health insurance is lost, improves access to group health plan– Protects from discrimination based on health status
• Combats fraud, abuse, and waste in health care• Promotes use of health savings accounts• Improves access to long-term care• Simplifies the administration of medical insurance
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20113
HIPAA Privacy & Security
• Privacy requirements
– What health information must be protected– http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/
index.html• Security requirements
– How to protect the information– http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20114
HIPAA Covered Entities
Adapted from http://www.cms.gov/HIPAAGenInfo/Downloads/CoveredEntitycharts.pdf
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20115
HIPAA CoveredEntities (cont’d)
• Health plans– Insurance companies– Health maintenance organizations (HMOs)– Company insurance plans– Government agencies that pay for health care
• Health care clearinghouses– Billing services– Repricing companies– Community health management information systems– Value-added networks that perform clearinghouse functions
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20116
HIPAA Privacy Rule
• Applies to protected health information• All individually identifiable health information is
protected– Held or transmitted by a covered entity or its
business associates– In any form or media, whether electronic,
paper, or oral
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20117
Individually Identifiable Information
• Physical or mental health condition• Provision of health care• Payment
and • Identifies the individual, or there is a
reasonable basis to believe the information can be used to identify the individual
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20118
Privacy Rule Requirements
• Notify patients of privacy rights• Allow patients to see their medical records• Implement privacy procedures• Train employees • Designate an individual to be responsible for
seeing that privacy procedures are adopted and followed
• Keep patient records secure
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 20119
HIPAA Security Rule
• Requires covered entities to use security measures to protect health information
• Does not require use of any specific technology• Establishes minimum standards
– If state laws require more rigorous safeguards, the state law must be followed
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201110
HIPAA Security Rule:General Guidelines
• Ensure the confidentiality, integrity, and availability of health information
• Anticipate threats to the security and integrity of the information, and protect against them
• Protect against reasonably anticipated, impermissible uses or disclosures of health information
• Ensure compliance by the workforce
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201111
HIPAA Enforcementand Penalties
• Enforced by Office of Civil Rights of the U.S. Department of Health and Human Services Violations can result in civil fines and criminal penalties
• $4.3 million civil penalty in 2010– $1.3 million for failure to give patients access to
medical records– $3 million for failure to cooperate with investigation
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201112
Patient Safety• To Err is Human—published in 1999 by the
Institute of Medicine• Reported that:
– 44,000 to 98,000 people die in hospitals each year as a result of preventable medical mistakes
– Mistakes cost hospitals $17 billion to $29 billion yearly
– Individual errors are not the main problem– Faulty systems, processes, and other conditions
lead to preventable errors
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201113
Medical Mistakes Today
• Affected 1 in 3 hospital patients in one study• In 2008, harms to patients from medical errors
cost $17.1 billion• Errors can result in medical malpractice lawsuits
– 42% of doctors are sued at some point– Hospital malpractice suits alone could top
$8.6 billion in 2011• Suffering from medical errors: not measurable
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201114
The Joint CommissionSafety Initiatives
• Sentinel Event Policy– Unexpected death, unexpected serious
physical or psychological injury, or the risk of such an event
• Patient Safety Advisory Group– Panel of experts who recommend National
Patient Safety Goals– Also address newly developing safety issues
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201115
The Joint CommissionSafety Initiatives (cont’d)
• Universal Protocol for Preventing Wrong Site, Wrong Procedure and Wrong Person Surgery– Pre-surgery verification– Site marking– “Time out” before an incision is made
• The Speak Up Initiative– Encourages patients to participate in their care– Free patient education materials
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201116
Agency for HealthcareResearch and Quality (AHRQ)
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201117
National Healthcare Quality Report
• Effectiveness • Timeliness• Efficiency• Patient safety • Access to care• Patient centeredness
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201118
AHRQ: Health IT
http://healthit.ahrq.gov/portal/server.pt?open=514&objID=5664&parentname=CommunityPage&parentid=50&mode=2
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201119
Summary
• Patient privacy and safety are high priorities for all people employed in the health care industry
• HIPAA has rules for the privacy and security of patient health information
• The Joint Commission supports initiatives for reducing medical errors
• The Agency for Healthcare Research and Quality is an important source of information about how to keep patients safe and maintain the privacy of their health information
Component 1/Unit 6-4Health IT Workforce Curriculum
Version 2.0/Spring 201120