Compliance and Privacy/Security Training Academic Year
|
|
- Anthony Tate
- 6 years ago
- Views:
Transcription
1 Compliance and Privacy/Security Training Academic Year Dear Student, Welcome to UConn Health. This training packet includes a general overview of compliance principles, UConn Health s Compliance Program and Privacy and Security. Please review the training and complete and sign the training attestation. Return the signed attestation to your instructor, host, and preceptor or the individual that is responsible for your student experience here at UConn Health. The Compliance/Privacy and IT Security Offices are available to answer any questions or to address any compliance- or privacy/security-related concerns during your work at UConn Health. Specific resource and contact information may be found in the training packet. Thank you in advance for your cooperation. Virginia Pack, Associate Compliance Officer
2 Certification of HIPAA Privacy/Security/HITECH Training Packet Completion I have read and understand the UConn Health HIPAA Privacy/Security/HITECH training materials. Further, I understand that the location of additional information about UCHC's policies and procedures related to patient privacy have been detailed in the training documents. Printed Name Signature Date
3 UConn Health Compliance Program/Privacy Office UConn Health IT Security Office
4 UConn Health is dedicated to helping people achieve and maintain healthy lives and restoring wellness/health to maximum attainable levels. In this quest, we will continuously enable students, professionals and agencies in promoting the health of Connecticut s citizens. We will consistently pursue excellence and innovation in the education of health professionals; the discovery, dissemination and utilization of new knowledge; the provision of patient care; and the promotion of wellness.
5 Introduction to Compliance and the Office of Audit, Compliance and Ethics
6 What is compliance?
7 The rules associated with an academic health center include: Federal, state and local laws and regulations. University, UConn Health and department-specific policies and procedures. Quality and accreditation standards in areas such as medical and dental education, hospital and research. As healthcare and healthcare law become increasingly complex, practitioners and institutions must understand applicable laws to avoid the consequences associated with noncompliance such as: Negative publicity Fines Loss of funding Exclusion from participation in federal health care programs.
8 Compliance is about doing things right according to laws, regulations, standards, policies, etc. Ethics is about doing the right thing by our patients, research participants, fellow students, colleagues and others regardless of what the law says. Both are key to institutional integrity. The UConn Health Compliance Program, part of the University s Office of Audit, Compliance and Ethics, promotes and facilitates individual and institutional compliance, ethics and integrity in carrying out UConn Health s mission.
9 Interpret complex laws and regulations. Answer compliance/ethics questions and provide consultation. No question is too small or too big! Monitor institutional processes and recommend improvements. Assist in resolving compliance concerns. Investigate reports of non-compliance or unethical practice. Provide individual, departmental or institutional education.
10 How do we work with you as a team? Your Role Follow applicable laws and regulations. Compliance Office Role Provide information and education. Ask questions. Use available resources. Report compliance/ethics concerns or suspected violations of law or policies. Answer your compliance and ethics questions. Provide resources and guidance. Investigate and resolve reported concerns.
11 To report a compliance or ethics concern contact: The Office of Audit, Compliance and Ethics Phone: compliance.officer@uchc.edu or REPORTLINE: (available 24 hours a day, seven days a week and completely anonymous): Employees and students not only have a right but an obligation to report known or suspected non-compliance or unethical practice. Retaliation against any individual who, in good faith, reports or who participates in the investigation of alleged violations is strictly forbidden.
12 All members of the UConn Health community are obligated to ensure the privacy and security of confidential information with which they may come in contact. As students, you may encounter situations in which you have access to patients health information and potentially to other types of confidential information. This training section will assist you to be aware of important privacy and security principles as well as UConn Health policies and procedures. Refer to the policy links throughout the training for more detailed information.
13 UConn Health has a responsibility to protect all types of confidential information related to: Patients Research participants Students Employees Social Security numbers, credit card numbers, and other financial data Systems IDs and passwords Institutional data and processes Unless you need to know specific confidential information to carry out your UConn Health responsibilities, do not access it, look at it, use it or share it. Please review the Confidentiality policy.
14 HIPAA stands for: Health Insurance Portability and Accountability Act The Privacy Rule: established national standards for the protection of all forms of health information created by covered entities, including health care providers. set limits on the uses and disclosures of such information. gave patients rights over their health records. The Security Rule: established national standards for the security of electronic health information (ephi) to protect individual ephi created, received, used or maintained by covered entities. outlined administrative, technical and physical procedures to ensure the confidentiality, integrity and availability of ephi.
15 HITECH stands for: Health Information Technology for Economic and Clinical Health Act HITECH resulted in significant changes to HIPAA Privacy and Security. Widened the scope of privacy and security protections under HIPAA. Includes health care information technology incentives. Electronic data transmission is a double edged sword. Advances in technology lead to increased vulnerability of personal information.
16 PHI is any type of health information maintained or transmitted in any medium (verbal, paper, photographed, electronic, etc.) that can be linked to a specific individual by a unique identifier. Electronic PHI (ephi) is patient information stored on computers, storage devices, or in any UConn Health electronic system.
17 More Obvious: Less Obvious: Name Addresses including /internet Zip Code Phone and fax numbers Social security number Medical record number License numbers Account numbers e.g. bank, retirement and credit card Fingerprints Full or partial photo that could identify an individual Vehicle identifiers e.g. license plates/serial numbers Dates including birth, death, admission and discharge URL and IP address Device identifiers and serial numbers Codes that are related to the individual or can be translated into identifiable information Any other unique number or characteristic
18 Information is considered de-identified when all identifiers are removed such that the information cannot be linked to any individual or be re-identified. De-identified information is not considered PHI and, therefore, is not protected under the HIPAA Privacy rule. Refer to policy: Creation, Use and Disclosure of De-identified PHI
19 Privacy should be seen as important as other aspects of patient care. Consider privacy implications with regard to physical layouts and department processes and address those that place patient privacy at risk. Respect for patient privacy goes hand in hand with respect for that individual s dignity and significantly contributes to overall patient satisfaction. Patient feedback underscores how important privacy is to the overall patient experience. Assure patients and demonstrate in your care that their privacy is important. Respond right away to any patients privacy questions and concerns. In other words, stop and think: Am I doing everything that I can to respect and protect this individual s privacy?
20 Patients or their personal representatives may request to view/obtain copies of that patient s PHI. UConn Health must act on a request for PHI as soon as possible but no later than 30 calendar days after receiving the request. If acting on the original request within 30 days is impossible, UConn Health must provide to the requestor within the initial 30-day timeframe, a written explanation and date by which the request will be fulfilled. These requirements extend to patient requests to send information to a third party as well as for PHI maintained by UConn Health business associates.
21 With respect to their PHI, patients under our care are entitled to: information about their rights under HIPAA and how their PHI will be used or disclosed. protection of the privacy and security of their health information. access to their health information. request corrections of information in their records. restrict certain disclosures of their information. notification if the privacy or security of their information is compromised.
22 The Notice of Privacy Practices (NOPP) explaining patients rights under HIPAA is provided to all patients except Correctional Managed Health Care (CMHC) inmate/patients as part of the treatment consent process. The consent to treatment also serves the purpose of the patient s acknowledgment of receipt of the NOPP. As part of consent, a patient may give permission to communicate health information with others and request to restrict disclosure of PHI to health insurers or to be excluded from appointment reminders. If another individual signs the consent on behalf of the patient, that person s identity and his or her relationship to the patient (i.e. parent, guardian, authorized representative) must be verified. Refer to policy: Consent to Treatment
23 Original medical records are the property of UConn Health and may not be removed from the facility under any circumstances except by court order. Patients or their authorized representatives have the right to view their own records upon written request using approved forms. Requests to view are first reviewed with the patient s attending physician or appropriate UConn Health representative. A written response is provided to the patient for any request denial. Refer to policy: Patient Right to View His/Her Medical/Dental/Research and/or Billing Record
24 Most requests for patient records should be referred to the Health Information Management (HIM) Release of Information department. If information is needed immediately and the treating provider approves, clinical areas may provide to the patient copies of documents such as labs, diagnostic results and clinical notes related only to the care in that department. Information that may not be released: Psychotherapy notes (separate from the clinical record). Patient information from research labs that are exempt from Clinical Laboratory Improvement Amendment (CLIA) requirements. Information for use in pending litigation. Refer to policy: Patient Right to Request Copies of His/Her Medical/Dental/Research and/or Billing Record
25 Patients can request record amendments at any time during or after treatment. Whether granted or denied, all amendment requests must be acted upon promptly but no later than 60 days after the request is made. For guidance and assistance with amendment requests in: Medical/Dental records contact Health Information Management (HIM) Research records contact HIM or the study s Principal Investigator Billing records contact Patient Services Refer to policy: Patient Right to Amend His/Her Medical/Dental/Research and/or Billing Record
26 UConn Health must honor all patient requests: to receive communications of PHI from UConn Health by alternative means or at alternative locations. to restrict certain disclosures of PHI to health plans if specific criteria are met. Patients may also choose to be excluded from automated, verbal or written appointment reminders. Refer to policies: Patient Right to Request Confidential Communications Patient Right to Request Restrictions on Use And Disclosure of Protected Health Information
27 Disclosure Tracking Logs must be completed when PHI is released outside of UConn Health for reasons unrelated to treatment, payment or health care operations and of which the patient is otherwise unaware (e.g. to regulatory agencies, for judicial proceedings, to medical examiners, for research purposes or to report abuse, neglect and domestic violence). Unauthorized disclosures that result in a privacy incident must also be documented on the tracking log. Refer to policy: Accounting of Disclosures of Protected Health Information to Patients
28 Patient authorization to access, use or share their PHI is needed unless: the purpose is related to treatment, payment for treatment, or healthcare operations such as quality improvement, training, performance evaluations, audits or as required by law A valid authorization must include specific information to ensure the patient or representative understands what PHI is involved, who is requesting PHI, the purpose of the requested use or disclosure, and the right to revoke an authorization. Regardless of the need for patient authorization, PHI that is accessed, used or shared for any purpose other than treatment, should be limited to the minimum necessary information required to accomplish the task at hand. Refer to policies: Authorization for Release of Information Minimum Necessary Data
29 Patient complaints related to the privacy or security of their PHI should be directed to the UConn Health Patient Relations Department or to the Privacy or Security office. Patients may also elect to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights. Refer to policy: Patient Complaint Regarding Use and Disclosure of PHI
30 Verbal Communications Involving PHI
31 The Privacy Rule is not intended to interfere with necessary patient care communications. Discuss PHI only with those that need to know for their assigned job or student functions. Be sensitive to your surroundings and who may be able to overhear you. Discuss PHI in a private area if possible. Lower your voice in open areas. Avoid discussions in public areas such as elevators and cafeterias, even if you think no one is nearby. HIPAA recognizes that incidental disclosures may be unavoidable at times as long as safeguards are in place to minimize such disclosures.
32 UConn Health institutional policy Use and Disclosure Involving Family and Friends refers to policies in each type of patient area to guide communications with a patient s family and friends: Inpatient Outpatient Outpatient Psychiatry Dental Permission to Communicate covers disclosures needed to assist with coordination of a patient s care but does not necessarily grant the right to disclose PHI that is unrelated to the current care of a patient. When others are present during a discussion with a patient, ask for the patient s permission at that time before sharing PHI. Do not assume it s OK to discuss patient information in front of family or other visitors just because they are there. If circumstances make it impossible to obtain patient permission, share only information you believe to be in the patient s best interest.
33 PHI may be shared with a patient s personal representative who has verified legal authority to act on behalf of that patient. It is not necessary for personal representatives to be designated on the Permission to Communicate form. HIPAA recognizes that a personal representative has the same rights as the patient and should be treated in the same manner with regard to PHI use and disclosure.
34 When calling a patient: Use the phone number designated by the patient remember, it may be an alternate phone number. Confirm that you are speaking with the patient or someone that has permission to communicate about the patient. Do not leave PHI on answering machines or with individuals not authorized by the patient. If leaving a message, provide only your name, that you are calling from UConn Health, who the message is intended for, and ask that the individual return your call. Refer to policy: Telephone/Voic /Answering Machine Disclosure of PHI
35 Unless a patient has specifically opted out, individuals may disclose: a patient s hospital room and telephone number to persons that inquire about that patient by name (except patients on the Psychiatric and Department of Correction units). a patient s religious affiliation to members of the clergy. All inquiries about John Dempsey Hospital patients must be forwarded to the UConn Health Information Desk or telephone operators. All media requests for patient information must be forwarded to Health Marketing and Multimedia. Refer to policies: Directory Information: Disclosure of a Patient s Information Media Relations
36 Ask open ended verification questions such as Can you please verify your address? rather than Is your address still.? Before sharing any PHI, verify: the identity of the individual requesting the information, including that of a patient who calls for information about himself/herself. that any individual other than the patient has the right to obtain information that is requested. If an individual s identity and/or legal authority cannot be verified, do not disclose any PHI and report the request to your supervisor. Refer to policy: Verification of Individuals or Entities Requesting Disclosure of Protected Health Information
37 Use particular caution when PHI is requested for law enforcement reasons. Do not assume that a subpoena or court order requires immediate release of PHI. Check before disclosing. Refer all law enforcement PHI requests (including those by UConn Health Police Department) to your supervisor.
38 Managing Confidential Information on Paper
39 Keep documents with confidential information in locked areas or cabinets. Do not leave papers lying around or unattended in offices or any desks/counters, printers, or fax machines. If you must carry papers with PHI, keep track of all pages and shred them as soon as they are no longer needed. Avoid taking notes or documents with confidential information into bathrooms, cafeterias, lounges or other public places. Do not leave documents with any confidential information in your personal vehicle. Do not personally transport patient records or ask a patient to transport his or her own record from one UConn Health location to another. Refer to policy: Medical/Dental Patient Records: Transportation of Paper Records and Other MediaRecords
40 Locked entrances and restricted access areas reduce privacy risks only when proper procedures are followed. Wear your UConn Health ID badge at all times to safely enter and exit restricted areas. Do not hold a door open or allow anyone without proper identification to access a restricted area, especially if you do not recognize the person. If you see anyone in your department without proper ID, ask questions or notify your department manager or person in charge. Do not assume an individual has authorized access just because he or she is there. Notify UConn Health police if you have any immediate safety concerns.
41 Follow the steps in policy: Handling Paper Communications About Patients including PHI Be particularly careful to: Check and initial each page before mailing or handing documents with PHI. The greatest risk exists when pages are not checked. Use two forms of identification when preparing and when handing documents to a recipient. Use extra caution with shared printers and guard against inadvertently picking up papers that can be mistakenly included with other documents.
42 Take extra precautions when faxing: Verify that you are sending a document to the correct number before faxing. Use only UConn Health approved cover sheets for both external and internal faxes. Remember to dial 9 followed by the number when faxing outside of UConn Health. Collect papers when you leave a fax machine. If you send a fax to the wrong recipient or location or learn that a fax sent from UConn Health was misdirected, notify your supervisor or contact the Privacy Office immediately. If you receive a misdirected fax from another entity, notify the sender. Refer to policy: Faxing of PHI
43 Non-textual patient data includes patient photographs, radiology images, pathology slides, physiological tracings and audio/video recordings. Consent to treatment includes permission to capture non-textual patient data for clinical purposes. Patient authorization may be required to use or disclose identifiable non-textual data. Be especially aware of privacy implications when using video monitoring equipment in patient care. Refer to policy: Visual, Audio, or Other Recording of Patient Data Obtained Through Any Other Medium
44 Protection of Electronic PHI (ephi)
45 Electronic resources are university/state agency property and should be used only for UConn Health-related business purposes. Accesses to electronic patient information systems are monitored regularly. Confidential electronic data should be accessed only as needed for assigned UConn Health responsibilities. There should be no expectation of privacy. All data stored on UConn Health systems is discoverable under certain circumstances. Always log off when you step away from a computer on which you have been working. You will be held accountable for improper accesses by another individual using your login information. When you leave UConn Health, all information must be properly destroyed or returned to your supervisor. Refer to policies: Information Technology Computer/Electronic Resource Use Policy UCHC Information Security: Acceptable Use UCHC HIPAA Security Virus Protection Policy
46 To use UConn Health electronic systems, you must have and protect your unique login and password information. Create strong passwords that are easy to remember by replacing letters with numbers and special characters. Examples include: H1ker$GuiDe42, N0!Pr0mises?, IL<3EdSh33ran! Do not share passwords with any other person or allow anyone to access electronic systems using your login information. Do not request, store or use anyone else s credentials in any way. IT does not need your password to provide you or your team with support. Whatever you do, don t write your password down and leave the paper in an area accessible to others. Refer to policy: UCHC Information Security: Systems Access Control
47 UConn Health s new electronic medical record (EMR), referred to as HealthONE or Epic is expected to go live in April, Stay up-to-date on the latest developments, get questions answered and check plans for training on the UConn HealthONE website.
48 Securing mobile devices is a must! Any device used to access confidential UConn Health data and/or clinical network must have security controls as defined by Information Technology. Personal smartphones or tablets used for or any other UConn Health business must be registered and secured using Bring Your Own Device (BYOD). Report any lost or stolen mobile devices to the UConn Health Police Department immediately. Refer to policy: Mobile Computing Device (MCD) Security
49 Treat any containing PHI with the same degree of privacy as a patient s medical record. Communicate only with individuals that have a need to know and are properly authorized to receive the information. Double check all recipients to be sure you are including the correct individual(s). Use extra care when choosing names from the address book, persons with similar names or when recipient names auto-populate in the To or cc lines. s containing any confidential information or PHI that are sent outside of the UConn Health network must be encrypted. Refer to policies: Electronic Communication of Confidential Data and Communication with Patients/Research Participants
50 Click the secure icon in the upper left hand corner of the message screen or Type [secure] (brackets and the word) in the subject line or body. [secure]
51 Do not text confidential information unless a UConn Health approved secure text application has been installed and activated. Secure texting applications ensure that encrypted messages are transmitted from a secure server and prevent cell phone networks from keeping a message copy. Immediately report to your program director and the IT Security Office any text that is sent without using appropriate software. Information related to your UConn Health work should never be shared on social media sites. Patients may be identified even when minimal information is posted.
52 spam ( junk mail ) may pose extreme risk to the user and to UConn Health. Phishing scams are a form of cybercrime that involve conning users by acting as legitimate companies or organizations in order to obtain personal information such as passwords and login credentials. Do not click on unsolicited links or attachments in messages. Contact the IT Help Desk at helpdesk@uchc.edu if you have any doubts about received messages.
53 Be wary when: The request is urgent and asks for some type of credentials. There are penalties for not complying with the request. There are spelling errors. The and signature are generic, such as Thank you The Helpdesk and are missing logos, accurate phone numbers, names and titles. The URL web address doesn t make sense and is unrelated to the supposed requesting party.
54 Ransomware is malicious software designed to block access to a computer system until a sum of money (ransom) is paid. Healthcare has been specifically targeted by attackers and is especially vulnerable as ransomware can block access to electronic patient records. Patient care services may be disrupted putting patients at risk. The confidentiality of patient information is severely jeopardized. Ransomware is usually loaded by clicking on links or attachments in . Do not click on unsolicited links or attachments without verifying the authenticity of the sender or message.
55 Remember the red flags that signal possible ID theft such as: suspicious documents that appear to be forged or altered. inconsistent personal identifying information such as address and phone number. an individual s inability to provide any other identity authentication such as answers to challenge questions. Synthetic identity theft often includes a combination of real and fake credentials that are used to create new, "synthetic identities. Since only parts of an individual s actual information is used in combination with other individuals or fictitious information, the risk may be overlooked as an innocent information error. Trust your gut. If something doesn t seem right, seek guidance. Contact the Compliance Office with questions or concerns regarding known or suspected identity theft.
56 Dispose of paper with PHI or other confidential information including faxes, printed s or notes only in locked shredder bins to render the information undecipherable. Never discard PHI in wastebaskets, recycling bins, or in any publicly accessible area. Contact the Office of Logistics Management (OLM) to scrub all UConn Health information from electronic devices, especially PHI, before removing any electronic storage media/devices. Store computers/laptops or other devices in a locked, secure area when planning disposal. Do not leave them in hallways or other unlocked areas. Refer to policy: Disposal of Documents/Materials Containing PHI and Receipt, Tracking and Disposal of Equipment and Electronic Media Containing Electronic Protected Health Information.
57 Other Privacy and Security Considerations
58 PHI in any form may be used or disclosed for research purposes provided there is a valid participant authorization. Ensure that appropriate consents and authorizations are complete and signed. Obtain research HIPAA authorizations separately from consent unless an exception is granted by the UConn Health Institutional Review Board (IRB). Authorizations must clearly articulate how participants PHI will be used and with whom it will be shared. Alterations to or waivers of authorizations must be approved by the IRB. When conducting collaborative research with UConn Storrs or other entities, clearly define project roles, particularly those that include access to or use of PHI. Refer to applicable IRB protocols and to policy: Use and Disclosure of Protected Health Information for Research Purposes
59 In some instances, a Limited Data Set from which all direct identifiers associated with PHI have been removed may be used for research or other purposes. Follow specific steps when creating, using or disclosing a Limited Data Set. Ensure an appropriate data use agreement is in place. Use of PHI in preparation for research must be clearly defined and should include the minimum necessary to complete a preparatory review. PHI accessed, used or disclosed without proper authorization or outside of the IRB protocol parameters must be evaluated as potential breaches. Report privacy incidents immediately to the Privacy Office and to the IRB. Refer to policy: Limited Date Set-Creation, Use and Disclosure
60 Business Associates (BAs) are entities outside of the UConn Health workforce that may create, receive, maintain, or transmit PHI on behalf of UConn Health. A Business Associate must have processes in place to appropriately safeguard the PHI it creates or receives from UConn Health. Business Associate Agreements (BAAs) outline the respective responsibilities of UConn Health and the BA as well as document the BA s assurances to safeguard PHI. Refer to policy: Business Associate Contracts
61 UConn Health fundraising is coordinated through the UConn Foundation. Patients may opt out of fundraising communications and treatment cannot be conditioned on an individual s choice to opt out. Marketing is communication that encourages individuals to use a particular product or service. Specific HIPAA Privacy rules apply. Refer to policies: HIPAA Fundraising Compliance HIPAA Marketing Compliance
62 Managing Privacy and Security Incidents
63 Access, use or disclosure of PHI in violation of the HIPAA Privacy or Security Rules must be reported as a privacy or security incident. Notify the Privacy Office immediately of any incident that involves improper access, use or disclosure of PHI. Notify your program director and IT Security immediately if you know of or suspect a security incident such as: Hacking of any UConn Health electronic system. Compromise of an electronic device or system that may affect the privacy and security of stored confidential information. Notify the UConn Health Police Department about any lost or stolen electronic device that may contain PHI or other confidential information.
64 All Privacy and Security incidents must be evaluated but not all result in reportable breaches. A breach occurs when PHI is compromised resulting in significant risk of financial, reputational, or other harm to the individual. Every individual affected by a privacy or security breach must be notified of the incident. Breaches must also be reported to the Office for Civil Rights. Refer to policy: Breaches of Privacy and Security of PHI and Confidential Information
65 Privacy Office IT Security Office Privacy policies Security policies Iris Mauriello, Privacy Officer Bruce Metz, Chief Information Officer Peg DeMeo, Associate Compliance Officer Carrie Gray, Director, IT Security Ginny Pack, Associate Compliance Officer Privacy Office REPORTLINE:
66 and a team effort is key!
67 Thank you for completing Compliance and Privacy/Security training. Training Questions? Contact Ginny Pack at or
68 Compliance and Privacy/Security Training Academic Year Dear Student, Welcome to UConn Health. This training packet includes a general overview of compliance principles, UConn Health s Compliance Program and Privacy and Security. Please review the training and complete and sign the training attestation. Return the signed attestation to your instructor, host, and preceptor or the individual that is responsible for your student experience here at UConn Health. The Compliance/Privacy and IT Security Offices are available to answer any questions or to address any compliance- or privacy/security-related concerns during your work at UConn Health. Specific resource and contact information may be found in the training packet. Thank you in advance for your cooperation. Virginia Pack, Associate Compliance Officer
69 Certification of HIPAA Privacy/Security/HITECH Training Packet Completion I have read and understand the UConn Health HIPAA Privacy/Security/HITECH training materials. Further, I understand that the location of additional information about UCHC's policies and procedures related to patient privacy have been detailed in the training documents. Printed Name Signature Date
70 UConn Health Office of Audit, Compliance and Ethics Nonpaid Student Experience Academic Year I have completed the following trainings: o Compliance and Ethics Overview o Privacy and Security I have read, understood and will abide by the University of Connecticut Code of Conduct. I agree to abide by all policies referenced in these trainings. I have been informed about how to ask questions of, or to report concerns to, the UConn Health Compliance/Privacy and IT Security Offices. I understand that University policy prohibits retaliation toward any individual asking questions of, or reporting concerns to, the appropriate authority. I understand that violations of the University of Connecticut Code of Conduct and/or University/UConn Health policies may result in disciplinary measures as appropriate. Signature Printed Name Date
CLINICIAN S GUIDE TO HIPAA PRIVACY
CLINICIAN S GUIDE TO HIPAA PRIVACY Introduction... 2 What is HIPAA?... 2 Health Information Privacy... 2 Protected Health Information... 3 Identifiers... 3 HIPAA s Impact on Clinical Practice, Treatment,
More informationMCCP Online Orientation
1 Objectives At the conclusion of this presentation, students will be able to: Discuss application of HIPAA to student s role. Describe the federal requirements of the HIPAA/HITECH regulations that protect
More informationUpdated FY15 Dignity Health General Compliance Education for Staff Module 2
Updated FY15 Dignity Health General Compliance Education for Staff Module 2 This course will provide you with important information about the laws and regulations that affect the healthcare industry, our
More informationHIPAA Education Program
HIPAA Education Program 2017-2018 Assurance and Compliance Services HIPAA Training Requirement This HIPAA Training Program is intended for and will satisfy the training requirement for the: Mount Sinai
More informationHIPAA PRIVACY TRAINING
HIPAA PRIVACY TRAINING HIPAA Privacy Training Objective Present a general overview of HIPAA and define important terms Understand the purpose of HIPAA and the Privacy Rule Understand the term Protected
More informationHealth Information Privacy Policies and Procedures
University of the Pacific Arthur A. Dugoni School of Dentistry Health Information Privacy Policies and s These Health Information Privacy Policies & s implement our obligations to protect the privacy of
More informationInformation Privacy and Security
Information Privacy and Security 2015 Purpose of HIPAA HIPAA stands for the Health Insurance Portability and Accountability Act. Its purpose is to establish nationwide protection of patient confidentiality,
More informationHIPAA Training
2011-2012 HIPAA Training New Hire Orientation and General Training 1 This training is to ensure all Health Management workforce members (associates, contracted individuals, volunteers and students) understand
More informationStudy Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
PP-501.00 SOP For Safeguarding Protected Health Information Effective date of version: 01 April 2012 Study Management PP 501.00 STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
More informationPrivacy and Security For Teammates
Privacy and Security For Teammates This self-directed learning module contains information all CRHS Teammates are expected to know in order to protect our patients, our guests, and ourselves. Target Audience:
More informationParental Consent For Minors to Receive Services
Parental Consent For Minors to Receive Services Welcome to the University of San Diego s Wellness Area! We appreciate your coming our way, and look forward to working with you. The following provides important
More informationHIPAA PRIVACY DIRECTIONS. HIPAA Privacy/Security Personal Privacy. What is HIPAA?
DIRECTIONS HIPAA Privacy/Security Personal Privacy 1. Read through entire online training presentation 2. Close the presentation and click on Online Trainings on the Intranet home page 3. Click on the
More informationA general review of HIPAA standards and privacy practices 2016
A general review of HIPAA standards and privacy practices 2016 45 CFR, 164 Health Insurance Portability and Accountability Act Treatment, Payment and Healthcare Operations 42 CFR, Part 2, Confidentiality
More informationPrivacy and Security Compliance: The. Date Presenter Name of Member Organization
Privacy and Security Compliance: The Basics Date Presenter Name of Member Organization Privacy and Security Compliance: The Context for What We Do Privacy and Security compliance within (your office) is
More informationChapter 9 Legal Aspects of Health Information Management
Chapter 9 Legal Aspects of Health Information Management EXERCISE 9-1 Legal and Regulatory Terms 1. T 2. F 3. F 4. F 5. F EXERCISE 9-2 Maintaining the Patient Record in the Normal Course of Business 1.
More informationWhat is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More information2018 Employee HIPAA Orientation (EHO) Handbook
2018 Employee HIPAA Orientation (EHO) Handbook Using EHO The material in this booklet is designed to provide newly hired employees with an understanding of HIPAA s regulations and their impact on the employee
More informationHIPAA Health Insurance Portability and Accountability Act of 1996
HIPAA Health Insurance Portability and Accountability Act of 1996 Protected Health Information (PHI) Covers patient information in any form written, verbal, or electronic PHI Includes Any information that
More informationHIPAA and HITECH: Privacy and Security of Protected Health Information
HIPAA and HITECH: Privacy and Security of Protected Health Information What is HIPAA? Health Insurance Portability and Accountability Act of 1996 A federal law enacted to: Protect the privacy of a patient
More informationCHI Mercy Health. Definitions
CHI Mercy Health Definitions If you have any questions about this notice, please contact the CHI Mercy Health s Privacy Office at (701) 845-6540 or 570 Chautauqua Blvd, Valley City ND 58072. Notice of
More informationREVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 PLEASE REVIEW IT CAREFULLY
REVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
More informationPOLICY NUMBER B JULY 8, 2014
POLICY NUMBER 2003-17-B JULY 8, 2014 POLICY: PATIENT RIGHT TO REQUEST COPIES OF HIS/HER MEDICAL/ DENTAL/RESEARCH AND/OR BILLING RECORD (Privacy & Security of Protected Health Information (PHI)) PURPOSE:
More informationHIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance
HIPAA Health Insurance Portability and Accountability Act Presented by the UMMC Office of Integrity and Compliance Rules and Regulations to ensure Privacy Set Federally recognized standards to ensure both
More informationPRIVACY POLICIES AND PROCEDURES
Vinay M. Reddy, M.D., Ethelynda Jaojoco, M.D. Karen D. Cain, PA-C Julie J. Stackhouse, PA-C Jacie Touart, PA-C Brian Vaccarezza, PA-C Physical Medicine & Rehabilitation Electrodiagnostic Medicine Disorders
More informationEast Carolina University 2010 Annual HIPAA Privacy Training
East Carolina University 2010 Annual HIPAA Privacy Training What are the HIPAA Privacy and Security Rules? Federal laws that govern the use and disclosure of health information of our patients and research
More informationYale University. HIPAA PRIVACY FAQs
HIPAA PRIVACY FAQs Table of Contents I. PRIVACY FUNDAMENTALS I- 4 WHAT IS HIPAA? WHAT IS HITECH? WHO NEEDS TO ABIDE BY HIPAA? ARE THERE PENALTIES FOR NOT COMPLYING? WHAT IS PHI? WHAT IDENTIFIES AN INDIVIDUAL?
More informationHIPAA Policies and Procedures Manual
UNIVERSITY of NORTH CAROLINA at CHAPEL HILL SCHOOL of NURSING HIPAA Policies and Procedures Manual November 2015 1 Table of Contents I. INTRODUCTION... 3 A. GENERAL POLICY... 3 B. SCOPE... 3 II. DEFINITIONS...
More informationWELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice.
WELCOME Those of us at Crossroads Counseling want to thank you for choosing to work with us and we want to make your time with us as productive as possible. In order to expedite the intake process, please
More informationFCSRMC 2017 HIPAA PRESENTATION
FCSRMC 2017 HIPAA PRESENTATION BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international
More informationStudent Orientation: HIPAA Health Insurance Portability & Accountability Act
_ Student Orientation: HIPAA Health Insurance Portability & Accountability Act HIPAA: National Privacy Law History of HIPAA What was once an ethical responsibility to protect a patient s privacy is now
More informationAUDIT DEPARTMENT UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE. For the period October 2008 through May JEREMIAH P. CARROLL II, CPA Audit Director
UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE For the period October 2008 through May 2009 JEREMIAH P. CARROLL II, CPA Audit Director Audit Department 500 S Grand Central Pkwy Ste 5006 PO Box 551120 Las Vegas
More informationAdvanced HIPAA Communications and University Relations
Advanced HIPAA Communications and University Relations accepts no liability of any use reliance placed on it, as it is warranty, express, or implied, or completeness of 1 the HIPAA Health Insurance Portability
More informationHIPAA Privacy Training for Non-Clinical Workforce
Office of Compliance Programs HIPAA Privacy Training for Non-Clinical Workforce Revised: January 24, 2017 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA)
More informationThe Privacy & Security of Protected Health Information
The Privacy & Security of Protected Health Information By the end of this course, you should: Be familiar with the patient s rights to privacy under HIPAA Privacy Act Be able to identify Protected Health
More informationVHA Privacy Policy Training FY VHA Privacy Office
VHA Privacy Policy Training Applicable Confidentiality Statutes and Regulations The following legal provisions govern the collection, use, maintenance, and disclosure of information from VHA records. The
More informationEmergency Medical Services Division Policies Procedures Protocols
Emergency Medical Services Division Policies Procedures Protocols Patient Medical Record Security and Privacy Policies and Procedures (1003.00) I. GENERAL PROVISIONS: A. The intent of these policies and
More informationValley Regional Medical Center HIPAA AND HITECH EDUCATION
Valley Regional Medical Center HIPAA AND HITECH EDUCATION Privacy and Security of Protected Health Information 1 HIPAA and Its Purpose What is HIPAA? Health Insurance Portability and Accountability Act
More informationCAPITAL SURGEONS GROUP, PLLC
CAPITAL SURGEONS GROUP, PLLC NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationHIPAA Privacy Policies & Procedures Table of Contents
HIPAA POCKET GUIDE HIPAA Privacy Policies & Procedures Table of Contents I. Clinical Policies A. Accounting of Disclosures..Pg 6 B. De-Identification of Information..Pg 7 C. Facility Directory...Pg 7
More informationWHAT IS HIPAA? HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
Rev. 1/22/2010 HIPAA TRAINING WHAT IS HIPAA? Health Insurance Portability and Accountability Act HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
More informationNotice of Privacy Practices
River Valley Chiropractic LLC Notice of Privacy Practices Effective 9/2014; Revised 9/2014 If you have any questions about this notice, please contact the River Valley Chiropractic Privacy Officer at 308-534-5840.
More informationHIPAA Privacy Rule. Best PHI Privacy Practices
HIPAA Privacy Rule Best PHI Privacy Practices Learning Objectives Define the acronym HIPAA. Understand your role and responsibilities under the privacy regulations. Know what patient s rights are in terms
More informationHIPAA Notice of Privacy Practices
HIPAA Notice of Privacy Practices Georgia Mountains Hospice understands that your health information is highly personal and we are committed to safeguarding your privacy. Please read this Notice of Privacy
More informationThe University of Toledo. Corporate Compliance and HIPAA Training. Presented by: The Compliance and Privacy Office
The University of Toledo Corporate Compliance and HIPAA Training Presented by: The Compliance and Privacy Office Topics Compliance HIPAA (Health Insurance Portability and Accountability Act) FERPA( Family
More informationYALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996
YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA Health Insurance Portability and Accountability Act of 1996 Handbook Table of Contents I. Introduction What is HIPAA? What is PHI? What is a Covered Entity
More informationNotice of Privacy Practices
Notice of Privacy Practices Effective September 23, 2013 TCHC.org An equal opportunity employer and provider. CLINICS Baxter Bertha Henning Ottertail Sebeka Verndale Wadena HOSPITAL Wadena 415 Jefferson
More informationThe Queen s Medical Center HIPAA Training Packet for Researchers
The Queen s Medical Center HIPAA Training Packet for Researchers 1 The Queen s Medical Center HIPAA Training Packet for Researchers Table of Contents Overview of HIPAA and Research 3 Penalties for violations
More informationPrivacy and Security Orientation for Visiting Observers. DUHS Compliance Office
Privacy and Security Orientation for Visiting Observers DUHS Compliance Office 919-668-2573 compliance@dm.duke.edu Introduction This orientation is to provide new Visiting Observers with the HIPAA Privacy
More informationPATIENT BILL OF RIGHTS & NOTICE OF PRIVACY PRACTICES
Helping People Perform Their Best PRIVACY, RIGHTS AND RESPONSIBILITIES NOTICE PATIENT BILL OF RIGHTS & NOTICE OF PRIVACY PRACTICES Request Additional Information or to Report a Problem If you have questions
More informationHealth Insurance Portability and Accountability Act. Awareness Training for Volunteers
Health Insurance Portability and Accountability Act Awareness Training for Volunteers Southeastern Health Southeastern Health has a strong tradition of protecting the privacy of patient information. Confidentiality
More informationCompliance Program, Code of Conduct, and HIPAA
Compliance Program, Code of Conduct, and HIPAA Agenda Introduction to Compliance The Compliance Program Code of Conduct Reporting Concerns HIPAA Why have a Compliance Program Procedures to follow applicable
More informationNavigating HIPAA Regulations. Michelle C. Stickler, DEd Director, Research Subjects Protections
Navigating HIPAA Regulations Michelle C. Stickler, DEd Director, Research Subjects Protections mcstickler@vcu.edu 828-0131 Key Definitions Covered Entity: Organization that handles identifiable health
More informationNotice of Privacy Practices
2269 CHERRY VALLEY ROAD, NEWARK, OH 43055 (740) 788-1400 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationNOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM
NOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM Effective Date: 9/23/ 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationHIPAA THE PRIVACY RULE
HIPAA THE PRIVACY RULE Reviewed December 2012 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of antidepressant medications in their mail. 2 HISTORY Many
More informationWilliamson County EMS (WCEMS) HIPAA Training for Third Out Riders
Williamson County EMS (WCEMS) HIPAA Training for Third Out Riders Training Statement: This training program is designed to educate you on WCEMS legal requirements to protect our patients rights and confidentiality,
More informationCommonwealth Health Corporation Notice of Privacy Practices CHC COMMONWEALTH HEALTH CORPORATION
CHC COMMONWEALTH HEALTH CORPORATION NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationNotice of. Privacy Practices. Dartmouth-Hitchcock Affiliated Covered Entity
Notice of Privacy Practices Dartmouth-Hitchcock Affiliated Covered Entity This Notice describes how medical information about you may be used and disclosed and how you can get access to this information.
More informationBreach Reporting and Safeguarding PHI Outpatient Services August, UAMS HIPAA Office Anita Westbrook
Breach Reporting and Safeguarding PHI Outpatient Services August, 2012 UAMS HIPAA Office Anita Westbrook Breaches and Breach Reporting Real Life Example An employee of a large hospital accidentally left
More informationNotice of Privacy Practices for Protected Health Information (PHI)
Notice of Privacy Practices for Protected Health Information (PHI) 301 Sicomac Avenue, Wyckoff, New Jersey 07481 (201) 848-5200 l www.chccnj.org CHRISTIAN HEALTH CARE CENTER LONG-TERM CARE DIVISION HERITAGE
More informationalways legally required to follow the privacy practices described in this Notice.
The ANXIETY & STRESS MANAGEMENT INSTITUTE 1640 Powers Ferry Rd, Building 9, Suite 10 0, Marietta, Georgia 30067, 770-953-0080 Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY
More informationPRIVACY POLICY USES AND DISCLOSURES FOR TREATMENT, PAYMENT, AND HEALTH CARE OPERATIONS
PRIVACY POLICY As of April 14, 2003, the Federal regulation on patient information privacy, known as the Health Insurance Portability and Accountability Act (HIPAA), requires that we provide (in writing)
More informationBasic Information. Date: Patient s Name: Address:
1 Basic Information : Patient s Name: Address: Home Phone: Work Phone: Cell Phone: Email: Age: Birth : Marital Status: Occupation: Educational History: Name, Address and Phone of Child s School Counselor
More informationNotice of Privacy Practices
Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. If you have any
More informationThis notice describes Florida Hospital DeLand s practices and that of: All departments and units of Florida Hospital DeLand.
MRN: FIN: FLORIDA HOSPITAL DELAND HIPAA NOTICE OF PRIVACY PRACTICES Effective Date: September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN
More informationHIPAA Privacy Regulations Governing Research
HIPAA Privacy Regulations Governing Research HIPAA Health Insurance Portability and Accountability Act In a Nutshell The Privacy Regulations govern a provider s use and disclosure of health information
More informationNew York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information
New York Notice Form Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information THIS NOTICE DESCRIBES HOW PSYCHOLOGICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
More informationHH Health System-Shoals, LLC dba Helen Keller Hospital Notice of Privacy Practices
HH Health System-Shoals, LLC dba Helen Keller Hospital Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationMobile Mammo Registration Instructions
Mobile Mammo Registration Instructions 1. Call to schedule your appointment @ 239-936-4068 2. Fill out the following forms Note: All forms must be completed even if you were a previous patient on RRC Mobile
More informationUSES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY
Page Number 1 of 8 TITLE: PURPOSE: USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY To assure that individually identifiable health information contained in any University Health
More informationNew HIPAA Privacy Regulations Governing Research. Karen Blackwell, MS Director, HIPAA Compliance
New HIPAA Privacy Regulations Governing Research Karen Blackwell, MS Director, HIPAA Compliance kblackwe@kumc.edu 913-588 588-0942 HIPAA Health Insurance Portability and Accountability Act In a Nutshell
More informationPARAGOULD DOCTORS CLINIC PRIVACY NOTICE
PARAGOULD DOCTORS CLINIC PRIVACY NOTICE Protected Health Information THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE
More informationPatient Privacy Requirements Beyond HIPAA
Patient Privacy Requirements Beyond HIPAA Jane Hyatt Thorpe, J.D. School of Public Health and Health Services George Washington University Carrie Bill, J.D. Feldesman Tucker Leifer Fidell LLP The George
More informationOklahoma Surgicare NOTICE OF PRIVACY PRACTICES. Effective Date: 02/17/2010
Oklahoma Surgicare NOTICE OF PRIVACY PRACTICES Effective Date: 02/17/2010 THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationCompliance & Privacy For Teammates
Carolinas HealthCare System 2014 Annual Continuing Education Module Compliance & Privacy For Teammates This self-directed learning module contains information all Carolinas HealthCare System Teammates
More informationINFORMATION ABOUT CHILDREN S MERCY HOSPITALS AND CLINICS
INFORMATION ABOUT CHILDREN S MERCY HOSPITALS AND CLINICS The purpose of this brochure is to provide you with a brief orientation to Children s Mercy Hospitals and Clinics. It provides important information
More informationNOTICE OF PRIVACY PRACTICES
VII-07B Notice of Privacy Practices (p) The MetroHealth System 2500 MetroHealth Drive Cleveland, OH 44109-1998 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW WE MAY USE AND DISCLOSE YOUR PROTECTED
More informationSUMMARY OF NOTICE OF PRIVACY PRACTICES
LAKE REGIONAL MEDICAL GROUP 54 HOSPITAL DRIVE OSAGE BEACH, MO 65065 SUMMARY OF NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU
More informationA Better You Counseling Services, LLC 1225 Johnson Ferry Road, Ste 170 Marietta GA
A Better You Counseling Services, LLC 1225 Johnson Ferry Road, Ste 170 Marietta GA 30068 404-216-1135 Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES I. COMMITMENT
More informationAssociated Pediatric Dentistry Belleville, Edwardsville, O Fallon, IL
Associated Pediatric Dentistry Belleville, Edwardsville, O Fallon, IL Patient Name: DOB: ACKNOWLEDGEMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES AND CONSENT **You May Refuse to Sign This Consent Acknowledgement**
More informationNOTICE OF PRIVACY PRACTICES
535 East 70th Street New York, NY 10021 (212) 606-1000 Specialists in Mobility NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE
More informationEMPLOYEE HANDBOOK EMPLOYEE HANDBOOK. Code of Conduct
EMPLOYEE HANDBOOK EMPLOYEE HANDBOOK L E A D I N G T E A C H I N G C A R I N G CODE OF CON DUCT Who We Are and What We Stand For In 2016, UNC Health Care adopted a system-wide. The purpose of this is to
More informationPROTECTING PATIENT PRIVACY IS NOT ONLY
HIPAA POCKET GUIDE HIPAA Privacy Policies & Procedures Table of Contents I. Clinical Policies A. Accounting of Disclosures...Pg 6 B. De-Identification of Information...Pg 7 C. Facility Directory...Pg
More informationADMINISTRATIVE MANUAL
ADMINISTRATIVE MANUAL Policy Number: P-46 Approved by: Executive Leadership Team Issue Date: 11/2004 Applies to: Downtown & Community Values: Respect People Page(s): 1 of 5 Patient Consent for Photography
More informationPrivacy and Security Training for Connecting Ontario. PACE Cardiology April, 2017
Privacy and Security Training for Connecting Ontario PACE Cardiology April, 2017 Session Goals By the end of this session you will: Review key elements of privacy protection Know your privacy obligations
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: 2013 Wisconsin Dental Association (800) 243-4675 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationNOTICE OF PRIVACY PRACTICES
THIS NOTICE OF PRIVACY PRACTICES ( NOTICE ) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. Respect for
More informationHIPAA PRIVACY NOTICE
HIPAA PRIVACY NOTICE PLEASE REVIEW THIS NOTICE CAREFULLY. IT DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU MAY GAIN ACCESS TO THAT INFORMATION. POLICY STATEMENT This Practice
More informationNOTICE OF PRIVACY PRACTICES
Effective 10-9-2013 This notice of privacy practices describes how Family Chiropractic Health Care manages and protects your personal information. THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU
More informationHealth Insurance Portability and Accountability Act (HIPAA)
HIPPA Review Health Insurance Portability and Accountability Act (HIPAA) What is HIPAA: Stands for Health Insurance Portability and Accountability Act Addresses three areas: 1. Insurance portability 2.
More informationAssociates in ear, nose, throat/ Head & Neck surgery, pllc
Associates in ear, nose, throat/ Head & Neck surgery, pllc Notice of Privacy Practices for Protected Health Information Associates in Ear, Nose & Throat (ENT) is providing this Notice to comply with the
More informationNew Patient Information
New Patient Information PATIENT INFORMATION M / F Last Name First Name Middle Name Suffix- Jr, Sr, etc. Mr, Mrs, Ms, Dr Sex Date of Birth Social Security Number Alias- Nickname (Last, First, Middle) Permanent
More informationNotice of HIPAA Privacy Practices Updates
Notice of HIPAA Privacy Practices Updates The following is a summary of the updates to the privacy notice for Meridian Hospitals Corporation, Meridian Home Care Services, Inc., Meridian Nursing & Rehabilitation,
More informationHIPAA Privacy & Security Training
HIPAA Privacy & Security Training for Clinicians Introduction As a clinician at Duke Medicine, you have direct access to patients and patient information and a legal and ethical obligation to protect patient
More informationINFORMED CONSENT FOR TREATMENT
INFORMED CONSENT FOR TREATMENT I (name of patient), agree and consent to participate in behavioral health care services offered and provided at/by Children s Respite Care Center, a behavioral health care
More informationSlide 1 WHO IS THE CLIENT? WHO CONTROLS THE RECORD? ETHICS AND HIPAA. Slide 2. Slide 3. The Four As of Ethical Practice
Slide 1 WHO CONTROLS THE RECORD? ETHICS AND HIPAA 22 nd Oklahoma Child Abuse & Neglect Conference Norman, Oklahoma, on September 4, 2014 Dr. Arlene B. Schaefer, Ph.D. Forensic and Clinical Psychology Oklahoma
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. WHY ARE YOU GETTING
More informationTHE CHILDREN S INSTITUTE OF PITTSBURGH NOTICE OF PRIVACY PRACTICES
THE CHILDREN S INSTITUTE OF PITTSBURGH NOTICE OF PRIVACY PRACTICES Effective Date: October 30, 2006 Revised: July 24, 2013 Revised: January 18, 2016 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT
More informationCompliance with Personal Health Information Protection Act
Compliance with Personal Health Information Protection Act Ontario s Personal Health Information & Protection Act (PHIPA) governs the collection, use and disclosure of personal health information by midwives
More informationJohns Hopkins Notice of Privacy Practices for Health Care Providers
Johns Hopkins Notice of Privacy Practices for Health Care Providers This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please
More information