HCP 203 HIPPA REVIEW
MONETARY FINES AND OR IMPRISONMENT EXISTS ===
1. FOR HEALTH CARE WORKERS WHO VIOLATE HIPAA GUIDELINES
WHO IS A BUSINESS ASSOCIATE
=A "Business Associate" is a person or entity that performs certain functions or activities that involve the use or disclosure of PHI on behalf of, or provides services to, a covered entity.
HIPPA ACCOUNTABILTY INCLUDES
ADMINSTRATIVE SIMPLIFICATION UNDER WHICH FALLS a) PRIVACY b) SECURITY c) ELECTRONIC DATA ¬ TRANSACTIONS ¬ CODE SETS IDENTIFIERS
WHAT FORM IS GIVEN TO PATIENT TO PATIENT INFORMING THEM OF THEIR PATIENT RIGHTS NOTICE OF PRIVACY PRACTICE (NOPP)
FORM GIVEN TO PATIENTS INFORMING THEM OF THEIR RIGHTS.SAME QUESTION: A PATIENTS PRIVACY RIGHTS ARE COMMUNICATED TO THE PATIENT IN WHAT FORM : RIGHTS NOTICE OF PRIVACY PRACTICE (NOPP) . PATIENT SIGNED THEIR ACKNOWLEDGEMENT OF FORM RECIEVED WITH SIGNATURE.
ACRONYM HIPAA STANDS FOR
H-HEALTH I-INSURANCE P-PORTABILITY AND A- ACCOUNTABILITY A -ACT
WHO MUST COMPLY WITH HIPAA PRIVACY RULE
LIMITS THE WAY IN WHICH MEMBERS OF THE WORKFORCE MAY USE AND DISCLOSE (RELEASE) PHI. WORKFORCE MEMBERS MUST HAVE A JOB-RELATED REASON TO USE AND OR DISCLOSE PHI. WORKERS, EMPLOYEES AND VOLUNTEERS ⎫ REQUIRES THAT ALL WORKFORCE MEMBERS USE ONLY THE MINIMUM AMOUNT OF PHI NECESSARY TO GET THE JOB DONE. THIS IS WHAT HIPAA DEFINES AS THE MINIMUM NECESSARY STANDARD.
THE PRIVACY RULE
THE PRIVACY RULE= PROTECTS INFORMATION KNOWN AS PROTECTED HEALTH INFORMATION (PHI) THAT EXISTS IN WRITTEN, ORAL AND ELECTRONIC FORMATS.
INCIDENTIAL USES AND DISCLOSURE
The Privacy Rule permits certain incidental uses and disclosures as long as the covered entity has adhered to the following: ¬ Applied reasonable safeguards ¬ Implemented the minimum necessary standard
May doctor's office or pharmacists leave messages for patients at their homes on the answering machine or with a family member?
Yes, the HIPAA Privacy Rule permits health care providers to communicate with patients regarding their health care; whether through the mail or by phone or in some other manner.
HITECH
is a Federal Law and part of the==American Reinvestment and Recovery Act (ARRA)==Effective September 23, 2009 Updated the HIPAA Privacy Rule to include protections against identity theft
PATIENT PRIVACY RIGHTS
ϖ PROVIDES PATIENTS WITH CERTAIN RIGHTS-THESE RIGHTS ARE COMMONLY REFERRED TO AS THE PATIENT PRIVCY RIGHTS. ϖ THESE RIGHTS ARE COMMUNICATED TO THE PATIENT IN THE NOTICE OF PRIVACY PRACTICES ϖ IF A PATIENT WISHES TO EXERCISE ANY OF THESE PRIVACY RIGHTS, THEY MUST DO SO IN WRITING
EXAMPLE OF BUSINESS ASSOCIATE ARE: Examples:
∇ Third party administrator that assists with claims ∇ A member of the covered entity's workforce is not a business associate
UNDER THE Uses & Disclosures AND TREATMENT PAYMENT : (SLIDE 46) ANSER IS TREATMENT
⎜ "Treatment" generally means the provision, coordination, or management of health care and related services ⎜ UNDER USES AND DISCLOSURE IN T9TREATMENT) AND P( PAYMENT) AND O( HEALTHCARE OPTIONS) THE PRIVACY RULE PROVIDER FOR BILLING AND COLLECTION ACTIVITIES ⎜ THE HIPAA SECURITY RULE REQUIRES ALL INSTITUATION DESIGNATE A PRIVACY OFFICER WHO IS RESPONSIBLE FOR ==== ⎫ DEVELOPMENT AND IMPLEMENTATION OF INFORMATION SECURITY POLICIES. ⎫ REGULAR REVIEWS OF RECORDS AND INFORMATION SYSTEM ACTIVITY. ⎫ DEVELOPMENT OF TRAINING PROGRAMS FOR ALL MEMBERS OF THE WORKFORCE.
MINIMUM NECESSARY STANDARD REQUIRES
⎫ THE STANDARD REQUIRES COVERED ENTITIES ( PROVIDER, INSURANCE ) TO EVALUATE THEIR PRACTICES AND ENCHANCES SAFEGUARDS TO PROTECT ACCESS AND DISCLOSURE OF PHI-PROTECTED HEALTH INFORMATION
What is required is that covered entities
⎫ must have in place suitable physical, technical, and administrative safeguards to protect the privacy of protected health information
OFFICE FOR CIVIL RIGHTS
♣ GOVERNMENT OFFICE FOR CIVIL RIGHTS AND THEY ENFORCE HIPAA STANDARDS.
WHAT IS THE PRIVACY OFFICERS RESPONSIBLE FOR?
♣ THE DEVELOPMENT AND IMPLEMENTATION OF PRIVACY POLICIES. ♣ PRIVACY RELATED TRAINING AND EDUCATION. ♣ INVESTIGATING PRIVACY RELATED COMPLAINTS. ♣ CONDUCTING ROUTINE AUDITS TO ENSURE COMPLAINCE
