SCT102 - HIPAA


ePHI Security Measures

1. Don't face monitors towards patient view
2. Log out when leaving work station
3. Encrypt emails with PHI
4. Never share passwords
5. Take extra precautions with portable PHI devices (cell phones, tablet, laptop, etc.)

What rights do patients have with HIPAA?

1. Right to access their PHI
2. Right to request an amendment of their PHI
3. Right to request a restriction on who can see their PHI
4. Right to have a confidential communication
5. Right to accounting of disclosures (who looked at their info)
6. Right to file a complaint
7. Right to receive notice on how PHI is used

How do you report a suspected HIPAA violation?

1. Inform your supervisor
2. Call the Compliance Office at the facility if you are not comfortable talking to your supervisor
3. Call the Compliance Hotline - anonymous call

Who does the HIPAA Privacy Rule apply to?

Covered entities:
1. Healthcare providers (hospitals, nursing homes, etc.)
2. Health plans (insurance companies)
3. Healthcare clearing houses (billing)

HIPAA - definition

Federal Law that is designed to protect the privacy and security of patient health information

What does HIPAA stand for?

H - Health
I - Insurance
P - Portability
A - Accountability
A - Act

Minimum Necessary

HIPAA principle that states that any person using or disclosing PHI must only use or disclose the minimum amount of information necessary to perform the particular task at hand. Applies to all disclosures. For disclosures, only release the information needed to process the request. Only share PHI with others who need to know and are legally allowed to know.

Safeguards - Mailing, Fax

Mailing - use secure carriers such as UPS, certified mail
Fax - attach coversheet, double-check fax #

Safeguards - Disclosure to third parties

Never assume that you may freely discuss a patient's condition when friends or family members of the patient are present. Always get the approval of the patient or their guardian first before discussing their health information in front of these individuals.

TPO - O

Operations - all of the day-to-day functions a health care provider must perform in order to provide health care services

TPO - P

Payment - the activities undertaken to obtain or provide reimbursement for the provision of health care

PHI

Protected Health Information; any individually identifiable health information a covered entity has regarding a patient. Patient identifier + health info = PHI

TPO - T

Treatment - the provision, coordination, or management of health care and related services by one or more health care providers

TPO

Treatment, Payment & Operations

ePHI

electronic protected health information

HIPAA Privacy Rule

exists to ensure the confidentiality of patient health information

Non-retaliation Policy

policy that states any employees making good faith reports of suspected violations will not be retaliated against.

HIPAA Security Rule

requires that all PHI stored in any electronic form is confidential, available, and accurate

Safeguards - Storage, Transport, Disposal

Storage - keep physical files in locked medical cabinets away from public access, and return all files there once done using them
Transport - use a locked briefcase during transit
Disposal - never use regular garbage cans; shred or put in designated host container

Under the Privacy Rule, providers must get _________ _________ from a patient before using or disclosing their PHI to any third party

written authorization

