Upload
farrah-head
View
28
Download
4
Tags:
Embed Size (px)
DESCRIPTION
Welcome to UF. We’re from the Privacy Office and we’re here to help you… HIPAA Orientation College of Nursing– Fall 2014 Cheryl Webber, MS, RHIA University of Florida Privacy Manager Jacksonville Campus. Learning Objectives. What do Patients Value?. - PowerPoint PPT Presentation
Citation preview
Welcome to UF
We’re from the Privacy Office and we’re here to help you…
HIPAA Orientation College of Nursing– Fall 2014
Cheryl Webber, MS, RHIAUniversity of Florida Privacy Manager
Jacksonville Campus
Learning Objectives
HIPAA Training Requirements
Practical Tips for Compliance
Breach Notification
What do Patients Value?
Trust
• Patients must trust their care givers enough to share personal and often sensitive information needed for care.
If trust is broken, the health of the patient suffers first, and the reputation of the institution may follow.
HIPAA Training
Orientation and Annual Training are different!
You must complete the appropriate online module
Electronically sign the Confidentiality Agreement
Additional training modules for Shands and VA may be required!
HIPAA TrainingComplete:• General Awareness Training – if you will not be involved in any research
OR
• HIPAA for Researchers – if you will be involved in human subject research.
• NOTE: If you completed the official training between December 1 and today, you’re good to go – until next January.
Training and Re-training….
Failure to complete the training on time is a Level II HIPAA violation and will result in disciplinary action.
Be sure you are included in your college or department’s email list – ◦If so, you will also be on the All-HSC email list.
Privacy SanctionsSanctions for HIPAA violations are serious:• Fines• Jail-time
UF Sanctions• Loss of student privileges, computer access• Verbal counseling up to termination• Suspension or expulsion• Reporting to professional licensing or
credentialing boards
New Penalties
So, a breach involving PHI for 10 individuals could cost anywhere from $100 to $50,000 per disclosure
Tiers DescriptionMinimum
per Violation
Max per Year (for identical violations)
Tier A Did not know $100 - $50,000 $1,500,000
Tier B Reasonable cause – not willful neglect
$1,000 - $50,000 $1,500,000
Tier CWillful neglect –
corrected w/in 30 days
$10,000 - 50,000 $1,500,000
Tier D Willful neglect – uncorrected $50,000 $1,500,000
Common HIPAA Violations Unauthorized disclosures:• Be aware of your surroundings when discussing patients• Use extra caution with privileged information
Improper use of portable devices: laptops, PDAs, camera phones, etc. • Recording (and sharing) unauthorized pix and videos• Failure to use encryption• Losing or misplacing equipment
Removal of PHI or health records from UF premises.
Practical Tips for ComplianceShare PHI only with those who have a
professional need to know.Use strong passwords consistent with UF
policies.Properly destroy PHI.Do not disable virus protection
applications.
Practical Tips for ComplianceYou are responsible for activity originating from
your account.
Do not access your own record or that of a family member’s
Email PHI when necessary-within the UF domain
Encrypt external emails containing PHI-avoid AOL, Yahoo, Gmail.
Breach Notification
HITECH Act and Florida law requires covered entities to report breaches to the patient when:
– Unencrypted PHI is disclosed
– An individual’s SSN is inappropriately disclosed
Examples of a BreachA breach is any unauthorized disclosure:
• Stolen laptop/tablet
• Accidental disclosure- sharing PHI with someone over the phone or in person you thought was the patient
• Emailing/faxing patient information to an unauthorized third party
Reporting a BreachTo your supervisorUF Privacy Hotline: (866) 876-4472Online at [email protected]
If you know about a Privacy or Security incident, it is your responsibility to report it!
Primary Take-Aways
Only access the PHI you need.
Complete HIPAA training
Report a breach
Questions?UF Privacy Office
◦(352) 273-1212
• Cheryl Webber, MS, RHIA
◦(904) 244-6229