HCP 203 HIPPA REVIEW

Ace your homework & exams now with Quizwiz!

MONETARY FINES AND OR IMPRISONMENT EXISTS ===

1. FOR HEALTH CARE WORKERS WHO VIOLATE HIPAA GUIDELINES

WHO IS A BUSINESS ASSOCIATE

=A "Business Associate" is a person or entity that performs certain functions or activities that involve the use or disclosure of PHI on behalf of, or provides services to, a covered entity.

HIPPA ACCOUNTABILTY INCLUDES

ADMINSTRATIVE SIMPLIFICATION UNDER WHICH FALLS a) PRIVACY b) SECURITY c) ELECTRONIC DATA ¬ TRANSACTIONS ¬ CODE SETS IDENTIFIERS

WHAT FORM IS GIVEN TO PATIENT TO PATIENT INFORMING THEM OF THEIR PATIENT RIGHTS NOTICE OF PRIVACY PRACTICE (NOPP)

FORM GIVEN TO PATIENTS INFORMING THEM OF THEIR RIGHTS.SAME QUESTION: A PATIENTS PRIVACY RIGHTS ARE COMMUNICATED TO THE PATIENT IN WHAT FORM : RIGHTS NOTICE OF PRIVACY PRACTICE (NOPP) . PATIENT SIGNED THEIR ACKNOWLEDGEMENT OF FORM RECIEVED WITH SIGNATURE.

ACRONYM HIPAA STANDS FOR

H-HEALTH I-INSURANCE P-PORTABILITY AND A- ACCOUNTABILITY A -ACT

WHO MUST COMPLY WITH HIPAA PRIVACY RULE

LIMITS THE WAY IN WHICH MEMBERS OF THE WORKFORCE MAY USE AND DISCLOSE (RELEASE) PHI. WORKFORCE MEMBERS MUST HAVE A JOB-RELATED REASON TO USE AND OR DISCLOSE PHI. WORKERS, EMPLOYEES AND VOLUNTEERS ⎫ REQUIRES THAT ALL WORKFORCE MEMBERS USE ONLY THE MINIMUM AMOUNT OF PHI NECESSARY TO GET THE JOB DONE. THIS IS WHAT HIPAA DEFINES AS THE MINIMUM NECESSARY STANDARD.

THE PRIVACY RULE

THE PRIVACY RULE= PROTECTS INFORMATION KNOWN AS PROTECTED HEALTH INFORMATION (PHI) THAT EXISTS IN WRITTEN, ORAL AND ELECTRONIC FORMATS.

INCIDENTIAL USES AND DISCLOSURE

The Privacy Rule permits certain incidental uses and disclosures as long as the covered entity has adhered to the following: ¬ Applied reasonable safeguards ¬ Implemented the minimum necessary standard

May doctor's office or pharmacists leave messages for patients at their homes on the answering machine or with a family member?

Yes, the HIPAA Privacy Rule permits health care providers to communicate with patients regarding their health care; whether through the mail or by phone or in some other manner.

HITECH

is a Federal Law and part of the==American Reinvestment and Recovery Act (ARRA)==Effective September 23, 2009 Updated the HIPAA Privacy Rule to include protections against identity theft

PATIENT PRIVACY RIGHTS

ϖ PROVIDES PATIENTS WITH CERTAIN RIGHTS-THESE RIGHTS ARE COMMONLY REFERRED TO AS THE PATIENT PRIVCY RIGHTS. ϖ THESE RIGHTS ARE COMMUNICATED TO THE PATIENT IN THE NOTICE OF PRIVACY PRACTICES ϖ IF A PATIENT WISHES TO EXERCISE ANY OF THESE PRIVACY RIGHTS, THEY MUST DO SO IN WRITING

EXAMPLE OF BUSINESS ASSOCIATE ARE: Examples:

∇ Third party administrator that assists with claims ∇ A member of the covered entity's workforce is not a business associate

UNDER THE Uses & Disclosures AND TREATMENT PAYMENT : (SLIDE 46) ANSER IS TREATMENT

⎜ "Treatment" generally means the provision, coordination, or management of health care and related services ⎜ UNDER USES AND DISCLOSURE IN T9TREATMENT) AND P( PAYMENT) AND O( HEALTHCARE OPTIONS) THE PRIVACY RULE PROVIDER FOR BILLING AND COLLECTION ACTIVITIES ⎜ THE HIPAA SECURITY RULE REQUIRES ALL INSTITUATION DESIGNATE A PRIVACY OFFICER WHO IS RESPONSIBLE FOR ==== ⎫ DEVELOPMENT AND IMPLEMENTATION OF INFORMATION SECURITY POLICIES. ⎫ REGULAR REVIEWS OF RECORDS AND INFORMATION SYSTEM ACTIVITY. ⎫ DEVELOPMENT OF TRAINING PROGRAMS FOR ALL MEMBERS OF THE WORKFORCE.

MINIMUM NECESSARY STANDARD REQUIRES

⎫ THE STANDARD REQUIRES COVERED ENTITIES ( PROVIDER, INSURANCE ) TO EVALUATE THEIR PRACTICES AND ENCHANCES SAFEGUARDS TO PROTECT ACCESS AND DISCLOSURE OF PHI-PROTECTED HEALTH INFORMATION

What is required is that covered entities

⎫ must have in place suitable physical, technical, and administrative safeguards to protect the privacy of protected health information

OFFICE FOR CIVIL RIGHTS

♣ GOVERNMENT OFFICE FOR CIVIL RIGHTS AND THEY ENFORCE HIPAA STANDARDS.

WHAT IS THE PRIVACY OFFICERS RESPONSIBLE FOR?

♣ THE DEVELOPMENT AND IMPLEMENTATION OF PRIVACY POLICIES. ♣ PRIVACY RELATED TRAINING AND EDUCATION. ♣ INVESTIGATING PRIVACY RELATED COMPLAINTS. ♣ CONDUCTING ROUTINE AUDITS TO ENSURE COMPLAINCE


Related study sets

Information Security Chapter 8 Review Questions

View Set

Historic Documents That Influenced Ideas About the U.S. Government

View Set

Architecture- Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning

View Set

Write comparative sentences and questions using as ... as (+) and (not) as ... as (-) PART 2

View Set