Upload
secky65
View
38
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Basic HIPAA Information
Citation preview
HEALTH INSURANCE PORTABILITY AND
ACCOUNTABILITY ACT BASICS
Background
Covered Entities
Rules for Disclosure
Penalties for Disclosures
Who needs Training
Health Insurance Portability & Accountability Act Public Law, Enacted in 1996 Privacy Rule took effect in 2003
Purpose Enacted to protect patients’ private information Sets guidelines for protecting patient information Prohibits release private protected health information
without the patient’s consent
Health Plans
Health Care Providers
Health Care Clearing House
Business Associate & Business Associate Contract
http://www.hhs.gov/ocr/office/index.html
http://www.hhs.gov/ocr/hipaa/contractprov.html
Covered Entity MUST disclose protected information to individuals or representative when they request access to
an accounting of disclosures of their protected informationHealth and Human services during a compliance
investigation, review or enforcement
Covered Entity is PERMITTED but not Required to use or disclose without the individual’s authorization
To the individual (unless required for access or accounting of disclosure
Treatment, Payment, and Health Care operations Opportunity to Agree or Object Incident to an otherwise permitted use and disclosure Public Interest and Benefit Activities Limited data set for the purpose of research, public health or
health care operations
Civil Money Penalties Covered entity failure to comply: $100 per failure
May not exceed $25,000/yr for multiple violation of identical rule
Criminal Penalties Knowingly disclosing protected info: $50,00 and up to 1yr in
prison
Wrongful conduct: $100,000 and up to 5yrs in prison
Wrongful conduct with intent to sell, transfer, or use protected information for commercial advantage, personal gain or malicious harm: $250,000 and up to 10yrs in prison
http://www.hhs.gov/ocr/office/index.html
http://www.hhs.gov/ocr/hipaa
All Covered Entities WILL
Provide training to each member in their organization
Provide training to each new member joining the organization within a reasonable period
Provide training to each member in the organization whose functions are affected by a material change in the policies or procedures required by subparts of the HIPAA