Embed Size (px)
Citation preview
Slide 1
HITECH/HIPAA (privacy) 2013 Omnibus Final Rule
Rita BowenSenior Vice President of HIM and Privacy OfficerHealthPort
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 2
Electronic Copy of PHI
• Form and Format requested, if readily producible – electronically (patients can receive their information in a more convenient and accessible format)
• If not readily producible and maintained in paper, then readable hard copy
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 3
ACTION/Discussion:
• Educate staff and train for appropriate response to the individuals request.
• In HITECH, Congress made it clear that when a patient’s information is stored electronically, patients have the right to obtain an electronic copy and to have that copy sent at their request to another person, entity, or personal health record or mobile health application.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 4
Patient may make request for their health information in a specific form or format, but only if:• Provider or plan is capable of producing in requested
format, for example:– MS Word– Excel– Text– HTML– PDF
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 5
Questions/Discussion:
• The provider or plan and patient are expected to come to an agreement on an acceptable, machine-readable format?
• Can a patient demand a specific machine-readable format?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 6
Copy of PHI to Third Parties
• Individual may designate third party to receive copy– Must be in writing– Clearly identify the designated person– Clearly identify where to send the copy
• Request VS Authorization: Who is making the request?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 7
ACTION/Discussion:
• Note that a request letter is a separate document from an authorization
• Assure that the patient requests clearly indicate that the records are to be sent to someone else – Update or Introduce new patient request form– Be sure to obtain the mailing address of the third party for shipping
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 8
Question/Discussion:
• Providers or plans are required to take steps to verify the identity of the patient or implement safeguards to protect the information in transit?
• A patient does have the right to ask a provider or plan to send information to a them unencrypted?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 9
If the patient opts out of secure transmission/e-mail
• The covered entity or plan must notify the patient that there is “some level of risk that the information in the e-mail could be read by a third party” – Suggest that you maintain notification with the patient’s indication to opt out– New form may need to be introduced and location for documentation to be
maintained
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 10
Fees for all
• Costs, or
• State law’s per page rate
– WHICH EVER IS LESS
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 11
Question/Discussion:
• How do you determine cost-based fee for copies of information, covering the cost of both the labor and supplies?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 12
Question/discussion:
• Can a patient be charged for digital copies of their health data?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 13
Response Time Expectations
• The final rule shortens the turnaround time for producing records (i) to a patient or (ii) by patient request to be sent to someone else to 60 days. Previously the law allowed a total of 90 days to produce records when a patient requested them – 30 days if the records were on-site at the facility, plus 60 days if the record was stored off-site. The new law still allows (no change) 30 days if the records are on-site, but shortens the time for producing records that are off-site to 30 additional days, for a total of 60 days.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 14
ACTION/Discussion:
• As always with HIPAA, state law governs if it produces a better result for the patient, so be sure you know your state’s requirement for producing records. If the state law does not specify such a time period, the default becomes HIPAA rule 30 + 30 standard.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 15
Question/Discussion:
• Facilities should prioritize all patient requests so that response is not forthcoming before the required 30 day response time?
• With the Meaningful Use Stage 2 requirements for patient access, does the Omnibus rule become non-relevant on the timeline topic?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 16
Restriction for Out-of Pocket Payments
• Covered entity must agree to individual’s request to restrict disclosure to health plan– For payment or health care operations– Unless disclosure is required by law– If individual (or third party) pays for item or service out of pocket in full
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 17
ACTION/Discussion:
• How will you facility manage such information, both in its paper form and electronically?
• Perhaps this provides an opportune time to move to centralized/enterprise focused release of information services.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 18
Health Information of Deceased Individuals
• Standard 164.502 (f)– A covered entity must comply with the requirements of the HIPAA privacy rule
with respect to the protected health information of a deceased individual for a period of 50 years following the death of the individual
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 19
No longer PHI 50 years after death - EXCEPTIONS
• The Rule does not override or interfere with State or other laws that provide greater protection of such information or the professional responsibilities of mental health or other providers.
• This is not a record retention requirement..covered entities may choose to destroy decedent information although other applicable law may prescribe or limit such destruction.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 20
Exception
• Disclosures permitted under other provisions of the Privacy Rule– For example:
– Research.. 45 CFR 164.512 (i) (l) (iii)– Uses and disclosures for which an authorization or opportunity to
agree or object is not required, without regard to how long the individual has been deceased.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 21
The challenges in interpretation
• Determining the date of death of an individual• One cannot merely assume based on age of the patient’s health record• Accounting of disclosures remain as long as the records are
maintained
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 22
Decedent Information to family member or other involved in care
• Covered entity may disclose PHI to persons involved in decedent’s care or payment unless prior expressed preference of the individual is known to the covered entity 164.501 (b) (5) and provided the information released is relevant to such person’s involvement
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 23
Questions/Discussion:
• A covered entity may disclose to a close personal friend who was identified by the individual, the protected health information relevant to said person’s involvement with the individual’s health care or payment related to the individual’s health care?
• A covered entity may not use or disclose protected health information to locate a family member regarding an individual’s location?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 24
Questions/Discussion:
• A covered entity or health care provider could describe the circumstances that led to an individual’s passing with the decedent’s sister who is asking about her sibling’s death?
• A distant relative calls to inquire about billing information to determine if assistance should be offered to the family?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 25
Questions/Discussion:
• A decedent’s brother is asking about medical history of his brother?
• May a facility elect not to provide information to a family member even if they present legitimate need for relevant information?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 26
Student
• Covered entity may release student immunization records to school without authorization – If state law requires school to have immunization record (state where school is
located)– Written or oral agreement (must be documented)
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 27
Questions/Discussion:
• Does the regulation require that verbal consent be documented within the medical record of the child?
• If a parent emails the practice to release immunization information to the school, will this serve as sufficient documentation?
• May a parent call the practice to request immunization information be released to a school?
• Any provision to the above types of requests?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 28
Questions/Discussion:
• May you release information directly to the school, if the school contacts the covered entity requesting immunization records of a child?
• May a covered entity continue to disclose protected health information to State immunization registries?
• If the immunization information is contained on the same form with medical history, may this be released as well?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 29
Disclosure and Sale of PHI
• New restriction on disclosures that describe item or service when covered entity receives financial remuneration from third party whose item or service is described.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 30
Sale of PHI
• Covered entities may not receive remuneration in exchange for PHI (45 CFR 164.502 (1)(): (ii) – 78 Fed. Reg. 5696-5697)– EXCEPTIONS
– Treatment– Payment– Public Health– Sale of Covered Entity and related due diligence– Required by Law
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 31
Questions/Discussion:
• Would research purposes be considered an exception?• Would PHI to or by a business associate for activities that the
business associate undertakes on behalf of a covered entity, or on behalf of a business associate in case of a subcontractor be consider remuneration?
• What about providing an accounting of disclosures to an individual?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 32
Questions/Discussion:
• Communication about a product or service and encourage use or purchase?
• Payment for refill reminders about drug that is currently prescribed with remuneration reasonably related to cost of communication?
• A covered entity is offered computers for data collection purposes/research, but they are allowed to keep the computers after the research is completed. Is this acceptable?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 33
Types of Cost:
• May include both direct and indirect costs including:– Labor and supplies to ensure the PHI is disclosed in a permissible manner– Related capital and overhead costs
• Excluded are:– Fees charged to incur a profit from the disclosure of PHI (profit margin is not
allowed via HITECT Act section 13405)
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 34
Genetic Information Nondiscrimination Act (GINA)
• Signed into law in 2008
– Employers and Health Insurers can no longer discriminate against individuals based upon their genetic information.
– Encouraged patients to seek out medical care that is specifically tailored to his or her genetic makeup
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 35
GINA
• Sets a minimum standard of protection that must be met across the country. It does not weaken the protections by any state law that may be more stringent.
• The law did not cover life insurance, disability insurance or long-term care insurance.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 36
Genetic Information
• Clarification that genetic information “is” health information
• Health plan (other than long-term care plan) may not sue or disclose genetic information for underwriting purposes
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 37
Omnibus rule impact to GINA
• Prohibits use and disclosures of genetic information for underwriting purposes– 78 Federal Register 6596 - 45 CFR 164.502 (a) (5)
– A health plan, excluding an issuer of a long-term care policy falling within paragraph (1) (viii) of the definition of health plan, shall not use or disclose protected health information that is genetic information for underwriting purposes.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 38
Omnibus/Gina exceptions
• As provided in paragraph (a) (5) (i) (B) of section 164.502– Rules for , or determination of, eligibility for, or determination of, benefits under
the plan, coverage, or policy….(including deductibles, other cost sharing, risk assessments or participating in a wellness program);
– The computation of premium or contribution amounts under the plan, coverage, or policy
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 39
This prohibition does not limit
• Ability of a health plan to adjust premiums or contribution amounts• Ability of establishing rules for eligibility of an individual to enroll in
coverage• Ability to adjust premium or contribution amounts for an individual
based on the manifestation of a disease or disorder
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 40
Example/Question:
• If a health insurance issuer, with respect to an employer-sponsored group health plan, uses an individual’s family medical history or the results of genetic tests maintained in the group health plan’s claims experience information to adjust the plan’s blended, aggregate premium rate for the upcoming year…Is this a violation?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 41
Answer/response
• YES
– The issuer would be using protected health information that is genetic information for underwriting purposes in violation of 45 CFR 164.502(1)(5)(i)
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 42
Example/Question:
• A group health plan uses family medical history provided by an individual incidental to the collection of other information on a health risk assessment to grant a premium reduction to the individual.. Is this a violation?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 43
Answer/Response
• Yes– The group health plan would be using genetic information for underwriting
purposes in violation of 164.502 (1)(5) (i)
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 44
Example/Question:
• A health care provider uses or discloses genetic information as it sees fit for treatment of an individual… is this a violation?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 45
Answer/Response:
• NO– The prohibition is limited to health plans. A health care provider may use or
disclose genetic information.
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 46
Example/Question
• An Health Maintenance Organization (HMO), acts as both a health plan and health care provider… is it a violation if they use genetic information?
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 47
Answer/Response:
• NO and YES– NO
– If used for purposes of treatment, to determine the medical appropriateness of a benefit, and as otherwise permitted by the Privacy Rule
– YES– If using the genetic information for underwriting purposes
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 48
Operationally
• Covered Entities (HMOs) that may serve also has a health plan.. And other organizations of this nature should ensure that appropriate staff members are trained on the permissible and impermissible uses of genetic information
– Refer to: 78 Federal Register 5666-5667
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
Slide 49
Questions
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
__________
