Privacy and Security Compliance: The. Date Presenter Name of Member Organization
|
|
- Isabella Charles
- 6 years ago
- Views:
Transcription
1 Privacy and Security Compliance: The Basics Date Presenter Name of Member Organization
2 Privacy and Security Compliance: The Context for What We Do Privacy and Security compliance within (your office) is grounded in Mission, Core Values, and Standards of Conduct. Respect Justice Compassion Excellence Stewardship Supporting Right Relationships We support each other; we are all accountable; we are continuous learners It can take a life-time to gain a person s trust but only a moment to lose it. 2
3 Expected Behaviors Comply with policies regarding appropriate access of patient information, in keeping with federal and state regulations and Trinity Health policy. Know your accountability under the Confidentiality and Network Access Agreement. Know how to appropriately use and disclose patient and business sensitive information. Demonstrate awareness of privacy compliance regulations related to the discussion of patient care activity within/outside the clinical care setting. 3
4 Expected Behaviors Know the appropriate ways to send patient or business sensitive information, including: - securing s sent outside Trinity network - verifying fax numbers and retrieving mis-directed faxes - appropriately labeling in-house and outside mail Follow designated procedures for appropriate disposal of paper and plastic containing PHI 4
5 Expected Behaviors Follow appropriate security safeguard practices, regarding: Passwords and log-in Identity badges and access codes Mobile devices and documents containing patient or business sensitive information Demonstrate appropriate use of social networking (Face Book,Texting,Twitter, You Tube, etc.): Your patient care and/or business-sensitive information is NOT to be discussed on social network sites. Demonstrate respect for the dignity of patients and families at all times. 5
6 Accountability under Confidentiality and Network Access Agreement Confidentiality and Network Access Agreement - A confidentiality agreement requires that all Workforce Members who need routine access to PHI or business-sensitive information read, sign and abide by the terms and conditions set forth in the Agreement - Violation of any part of the Agreement is subject to corrective action, up to and including termination of employment, as well a civil sanctions and/or criminal penalties 6
7 What is Protected Health Information (PHI)? PHI is information that: Identifies an individual Relates to the individual s health, health care treatment, or health care payment Is maintained or disclosed Electronically On paper Orally 7
8 What is identifiable PHI? PHI is considered to be identifiable if it contains any of the following specific identifiers of the individual and his/her relatives, employers, or household members, including: - Names - Account # - Street Address - Certificate/License # - Dates (birth, DOS) - Vehicle ID - Telephone/Fax - Device ID - - URLs - SS # - IP Address - MR # - Full face/biometric ID - Health plan # - Any unique identifier - Diagnosis - Procedures - Medications - Physician name & specialty - Location of Service (e.g., FMC, CCC, ICU) - Service Type (e.g., radiology, in-patient) -Test Results - Amount charged and paid 8
9 Appropriate Use and Disclosure of PHI Use of PHI means the sharing, using, analysis, and/or examination of PHI internally (i.e., within your office s internal operation). Disclosure of PHI means the release, transfer, provision of, or access to PHI externally (i.e., outside your office s internal operation.) HIPAA protects PHI that is: Spoken or recorded in any form or medium Relates to the past, present, or future physical or mental health of an individual Relates to the provision of health care to an individual Relates to the past, present, or future payment for provision of health care to an individual 9
10 PHI and Incidental Disclosure Incidental disclosure is secondary use or disclosure that: is limited in nature can not reasonably be prevented occurs as a result of another use or disclosure that is permitted by the Privacy Rule For example, some patient information may be seen or overheard incidentally in a clinical setting (E.g., ED, registration area, lab areas, waiting rooms, nurses station). While this type of disclosure may be secondary or unavoidable, every effort must be made to limit and control the amount of patient information that is visible or able to be overheard in and around patient care areas. E.g., Close doors Draw privacy curtains Keep voice at appropriate level Avoid discussions in hallways, outside patient bays, outside patient rooms, and around the nurses station if at all possible Avoid using patient names, if possible Avoid answering pages/calls in public places if at all possible Use password protection for computers that contain PHI Use locked bins when disposing of paper that contains PHI 10
11 PHI and Inappropriate Disclosure Inappropriate disclosure of PHI or business sensitive information includes social networks sites such as Face Book, My Space, You Tube; twittering; texting; and blog sites. These sites are unencrypted. Work-related comments posted on these sites can put the patient, [your office) and the employee at great risk. Even if you have a business/clinical reason for disclosing patient information, you should not share patient information using methods that are not Trinity Health approved E.g., Using your personal or cell phone to send/text patient care or business related information Caution: Remember that, in rare cases, inappropriate disclosure of even one PHI item could be considered a privacy breach. E.g., you may have a patient with a very unusual diagnosis. Referring to the patient only in terms of the diagnosis, without using the patient s name or location in the facility, potentially could be enough to identify that patient and constitute a privacy breach. 11
12 Discussion of Patient Information NEVER ASSUME: Just because a patient has someone with them a family member, a friend, a neighbor, a ride health care providers, including physicians, may not assume that it s okay to discuss the patient s situation with that person, or speak with the patient in front of that person. Verify with the patient that it s okay to discuss his/her case/treatment with the relative or friend (assuming the patient is conscious and competent.) Indicate to family/visitors that you need to discuss care issues with the patient in private and politely ask them to step out. (This gives patients the opportunity to say it s okay for the people to stay without putting them in an awkward position of having to ask the person to leave if they want a private conversation.) RESTRICTIONS: Patients have a right to restrict persons with whom you can share their patient information. PUBLIC SPACES: Discussions about patients should not take place in major hallways, stairwells, elevators, cafeteria, lobbies, or any general public place. SOCIAL NETWORKS: Discussions about patients and/or your work-related activity should not be posted on your Face Book page or by way of other social networking. STATUS REPORTS: Physicians or other staff who report patient status to families - may need a friendly reminder that, if at all possible, they should avoid discussing the outcome of procedures with patients or patient representatives in public places (waiting rooms, hallways, doorways of patient rooms). If there is no private place available, politely remind them to try and find a corner away from other people and keep their voices at a moderate level. 12
13 Discussion of Patient Information (Scenario) [Consider inserting a reference to a key privacy practice or procedure at your office that works well, or present an example of a incident/investigation at your office that came out well or not ] 13
14 Minimum Necessary: The Information You Need to Do Your Job Minimum Necessary limits the amount of information that is accessed, used, disclosed or requested to: The amount of patient information you need to carry out your job responsibilities ( need to know ) The amount of information a requesting party needs to carry out their job responsibilities, E.g. Law enforcement asks you for information related to a patient in ICU who was involved in a shooting incident; A long term care facility asks for a copy of the chart of a patient in rehab who is being transferred to their facility; A physician office asks for a copy of the chart of a patient who has been referred to their office for a consult. Each of these requests is legitimate but the amount of information you may disclose in each instance may vary. Note that Minimum Necessary limitations do not apply to treatment. Follow (your office) procedures and/or check with [name of your privacy officer or office manager] if you have questions or concerns about Minimum Necessary and appropriate access of patient information. 14
15 Minimum Necessary and Inappropriate Access Accessing patient information if you do not have a legitimate treatment/business need to do so can be both a privacy and security violation. Such inappropriate access includes: Accessing PHI of family, friends, or your personal PHI; Accessing and/or sharing patient information about coworkers out of care, curiosity or concern; Accessing information on VIPs or high profile patients even if their information is discussed in the news media. Accessing patient information that you do not need to do your job is a violation of Minimum Necessary and considered to be inappropriate access. Violation of Minimum Necessary may involve disciplinary action up to and including termination of employment. 15
16 Disposal of Patient/Business Information Disposal of Paper/Plastic Containing PHI or Business Sensitive Information - All confidential paper and plastic should be put in the appropriate confidential trash bins. [Insert information on where your confidential trash bins are and any other pertinent information about disposing of confidential paper/plastic at your office.] 16
17 Security Safeguards Workforce Members must comply with Trinity Health Enterprise Wide Security polices related to use of passwords, log-on/off, screen savers, access to records, role-based access and related security procedures. Workforce Members must abide by the (Trinity) Confidentiality and Network Access Agreement that addresses access to and use of Trinity Health network/information system and patient and business sensitive information. 17
18 Security Safeguards Passwords All passwords must be kept confidential: - NEVER share your password - NEVER post your password in public view - NEVER use someone else s password to log-in Access Codes/Security Badges - Use access codes only for work purposes - Never share an access code/your badge - Make sure doors are secure - Do not let people into a unit/building with your access code/badge 18
19 Security Safeguards Faxes Mail All faxes of patient information must contain a cover sheet and be filed in the patient s chart. Mis-directed faxes should be retrieved as soon as possible Verify, verify, verify the fax number/receipt of fax Fax machines, printers, copy machines should be out of public view When sending mail containing PHI through interoffice mail, remember to place the document in a secure envelope and clearly label it as to the sender and the recipient 19
20 Security Safeguards Mobile devices When transporting laptops, reports with patient information, documents containing business sensitive information protect the item as you would your wallet. Laptops should be locked in your car trunk if you have to leave your car. When in your home, they should be kept in a secure place. Secure mobile devices, digital cameras, in a locked office or cabinet in your unit/department when not in use. 20
21 Reporting Incidents, Complaints or Concerns Associates are required to report concerns they may have about potential privacy and security violations to their manager/supervisor, Privacy or Information Security Officials. [Insert names and contact information of appropriate persons in your office. 21
22 Civil and Criminal Penalties It s important to keep in mind that privacy and security violation may include civil and criminal penalties. There are frequently examples in the media Individuals (e.g., associates, physicians, Business Associate employees) who wrongfully disclose patient information can be prosecuted and potentially face jail time and monetary fines. Civil penalties can be applied to organizations and/or individuals and can range from $100-$50,000 per violation Criminal penalties can also be applied to individuals 22
23 Take Away If you remember nothing else from this presentation, remember these key points: The little things you do to protect patient information really do matter. Most privacy incidents are not the result of malicious intent. They result from associates with good intentions forgetting where the (sometimes gray) line between work and personal life begins and ends. When in doubt about accessing, using, or disclosing patient information ask you supervisor or privacy official for guidance. It s not OK to access patient information, your own or someone else's (whether you know them of not) out of care, curiosity or concern. You need a business or clinical reason to access patient information. Contact [insert name of your Privacy Official] or your supervisor when you have a concern about patient privacy or how information should be handled and protected in your department. 23
Privacy and Security For Teammates
Privacy and Security For Teammates This self-directed learning module contains information all CRHS Teammates are expected to know in order to protect our patients, our guests, and ourselves. Target Audience:
More informationMCCP Online Orientation
1 Objectives At the conclusion of this presentation, students will be able to: Discuss application of HIPAA to student s role. Describe the federal requirements of the HIPAA/HITECH regulations that protect
More informationHIPAA Training
2011-2012 HIPAA Training New Hire Orientation and General Training 1 This training is to ensure all Health Management workforce members (associates, contracted individuals, volunteers and students) understand
More informationHIPAA PRIVACY TRAINING
HIPAA PRIVACY TRAINING HIPAA Privacy Training Objective Present a general overview of HIPAA and define important terms Understand the purpose of HIPAA and the Privacy Rule Understand the term Protected
More informationStudent Orientation: HIPAA Health Insurance Portability & Accountability Act
_ Student Orientation: HIPAA Health Insurance Portability & Accountability Act HIPAA: National Privacy Law History of HIPAA What was once an ethical responsibility to protect a patient s privacy is now
More informationHIPAA Privacy Training for Non-Clinical Workforce
Office of Compliance Programs HIPAA Privacy Training for Non-Clinical Workforce Revised: January 24, 2017 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA)
More informationHIPAA Health Insurance Portability and Accountability Act of 1996
HIPAA Health Insurance Portability and Accountability Act of 1996 Protected Health Information (PHI) Covers patient information in any form written, verbal, or electronic PHI Includes Any information that
More informationWhat is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More informationSystem Office New Hire Orientation
System Office New Hire Orientation Integrity & Compliance Program Jennifer Munro, MA 2, CHC Manager, Integrity & Compliance Education, Communication & Hotline System Integrity & Audit Services munrojl@trinity-health.org
More informationHealth Insurance Portability and Accountability Act. Awareness Training for Volunteers
Health Insurance Portability and Accountability Act Awareness Training for Volunteers Southeastern Health Southeastern Health has a strong tradition of protecting the privacy of patient information. Confidentiality
More informationHIPAA and HITECH: Privacy and Security of Protected Health Information
HIPAA and HITECH: Privacy and Security of Protected Health Information What is HIPAA? Health Insurance Portability and Accountability Act of 1996 A federal law enacted to: Protect the privacy of a patient
More informationPresented by the UAMS HIPAA Office August 2013 Anita B. Westbrook
HIPAA and Social Media and other PHI Safeguards Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook Social Networking Let s Talk Facebook More than 750 million users Average user has 130
More informationAdvanced HIPAA Communications and University Relations
Advanced HIPAA Communications and University Relations accepts no liability of any use reliance placed on it, as it is warranty, express, or implied, or completeness of 1 the HIPAA Health Insurance Portability
More informationHIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance
HIPAA Health Insurance Portability and Accountability Act Presented by the UMMC Office of Integrity and Compliance Rules and Regulations to ensure Privacy Set Federally recognized standards to ensure both
More informationWHAT IS HIPAA? HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
Rev. 1/22/2010 HIPAA TRAINING WHAT IS HIPAA? Health Insurance Portability and Accountability Act HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
More informationSafeguarding PHI Nutrition Services. UAMS HIPAA Office May 2015
Safeguarding PHI Nutrition Services UAMS HIPAA Office May 2015 HIPAA (not HIPPA) What is HIPAA? The Health Insurance Portability and Accountability Act is a federal law that protects the privacy and security
More informationProtecting Patient Privacy It s Everyone s Responsibility
1 of 27 Protecting Patient Privacy It s Everyone s Responsibility This presentation is comprised of 27 screens. When you have finished reading a screen, click your mouse to continue to the next screen.
More informationHealth Insurance Portability and Accountability Act (HIPAA)
HIPPA Review Health Insurance Portability and Accountability Act (HIPAA) What is HIPAA: Stands for Health Insurance Portability and Accountability Act Addresses three areas: 1. Insurance portability 2.
More informationBreach Reporting and Safeguarding PHI Outpatient Services August, UAMS HIPAA Office Anita Westbrook
Breach Reporting and Safeguarding PHI Outpatient Services August, 2012 UAMS HIPAA Office Anita Westbrook Breaches and Breach Reporting Real Life Example An employee of a large hospital accidentally left
More informationHIPAA Privacy Rule. Best PHI Privacy Practices
HIPAA Privacy Rule Best PHI Privacy Practices Learning Objectives Define the acronym HIPAA. Understand your role and responsibilities under the privacy regulations. Know what patient s rights are in terms
More informationHealth Information Privacy Policies and Procedures
University of the Pacific Arthur A. Dugoni School of Dentistry Health Information Privacy Policies and s These Health Information Privacy Policies & s implement our obligations to protect the privacy of
More informationHIPAA 201: Student Self-Learning Module & Test
HIPAA 201: Student Self-Learning Module & Test Information: This self-learning module meets the HIPAA 201 competency for Students. This requirement must be met once (it is not an annual requirement). Instructions:
More informationInformation Privacy and Security
Information Privacy and Security 2015 Purpose of HIPAA HIPAA stands for the Health Insurance Portability and Accountability Act. Its purpose is to establish nationwide protection of patient confidentiality,
More informationThe University of Toledo. Corporate Compliance and HIPAA Training. Presented by: The Compliance and Privacy Office
The University of Toledo Corporate Compliance and HIPAA Training Presented by: The Compliance and Privacy Office Topics Compliance HIPAA (Health Insurance Portability and Accountability Act) FERPA( Family
More informationThe Privacy & Security of Protected Health Information
The Privacy & Security of Protected Health Information By the end of this course, you should: Be familiar with the patient s rights to privacy under HIPAA Privacy Act Be able to identify Protected Health
More informationVHA Privacy Policy Training FY VHA Privacy Office
VHA Privacy Policy Training Applicable Confidentiality Statutes and Regulations The following legal provisions govern the collection, use, maintenance, and disclosure of information from VHA records. The
More informationHIPAA Education Program
HIPAA Education Program 2017-2018 Assurance and Compliance Services HIPAA Training Requirement This HIPAA Training Program is intended for and will satisfy the training requirement for the: Mount Sinai
More informationCompliance & Privacy For Teammates
Carolinas HealthCare System 2015 Annual Continuing Education Module Compliance & Privacy For Teammates This self-directed learning module contains information all Carolinas HealthCare System Teammates
More informationCompliance & Privacy For Teammates
Carolinas HealthCare System 2014 Annual Continuing Education Module Compliance & Privacy For Teammates This self-directed learning module contains information all Carolinas HealthCare System Teammates
More informationFailure to comply may result in WU being liable for civil and criminal penalties under the HIPAA regulations.
HIPAA Privacy Procedure #1 Effective Date: April 14. 2003 Reviewed Date: February, 2011 Accountabilities for Compliance to HIPAA Privacy Revised Date: February, 2011 Rules Scope: Radiation Oncology ************************************************************************************************
More informationCompliance Program, Code of Conduct, and HIPAA
Compliance Program, Code of Conduct, and HIPAA Agenda Introduction to Compliance The Compliance Program Code of Conduct Reporting Concerns HIPAA Why have a Compliance Program Procedures to follow applicable
More informationUSES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY
Page Number 1 of 8 TITLE: PURPOSE: USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY To assure that individually identifiable health information contained in any University Health
More informationStudy Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
PP-501.00 SOP For Safeguarding Protected Health Information Effective date of version: 01 April 2012 Study Management PP 501.00 STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information
More informationQUESTIONS. Print Student s/faculty Name: Date of Test Completion: Site of Experience: School/University: Semester:
2017 - QUESTIONS Print Student s/faculty Name: Date of Test Completion: Site of Experience: School/University: Semester: Instructions: Read each question, write an answer on space provided, and return
More informationA general review of HIPAA standards and privacy practices 2016
A general review of HIPAA standards and privacy practices 2016 45 CFR, 164 Health Insurance Portability and Accountability Act Treatment, Payment and Healthcare Operations 42 CFR, Part 2, Confidentiality
More informationUpdated FY15 Dignity Health General Compliance Education for Staff Module 2
Updated FY15 Dignity Health General Compliance Education for Staff Module 2 This course will provide you with important information about the laws and regulations that affect the healthcare industry, our
More informationPrivacy and Security Orientation for Visiting Observers. DUHS Compliance Office
Privacy and Security Orientation for Visiting Observers DUHS Compliance Office 919-668-2573 compliance@dm.duke.edu Introduction This orientation is to provide new Visiting Observers with the HIPAA Privacy
More informationCLINICIAN S GUIDE TO HIPAA PRIVACY
CLINICIAN S GUIDE TO HIPAA PRIVACY Introduction... 2 What is HIPAA?... 2 Health Information Privacy... 2 Protected Health Information... 3 Identifiers... 3 HIPAA s Impact on Clinical Practice, Treatment,
More informationHIPAA Privacy & Security Training
HIPAA Privacy & Security Training for Nonclinicians Introduction As a Duke Medicine workforce member you may have access to patients and patient information and you have a legal and ethical obligation
More informationENTERPRISE INCOME VERIFICATION (EIV) SECURITY POLICY
ENTERPRISE INCOME VERIFICATION (EIV) SECURITY POLICY Rev. October 2011 EIV Security Policy Acknowledgment Form By signing this form I acknowledge my receipt of the EIV System Security Policy approved by
More informationTitle: HIPAA PRIVACY ADMINISTRATIVE
Administrative-HIPAA Privacy Title: HIPAA PRIVACY ADMINISTRATIVE Scope: All MultiCare Health System (MHS) workforce members, which includes but not limited to, employees, residents, students, volunteers
More informationIt defines basic terms and lists basic principles that all LSUHSC-NO faculty, staff, residents and students must understand and follow.
Office of Compliance Programs Revised: July 18, 2017 HIPAA Privacy HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA) requires that the University train all
More informationValley Regional Medical Center HIPAA AND HITECH EDUCATION
Valley Regional Medical Center HIPAA AND HITECH EDUCATION Privacy and Security of Protected Health Information 1 HIPAA and Its Purpose What is HIPAA? Health Insurance Portability and Accountability Act
More informationCompliance & Privacy Post Test
Compliance & Privacy Post Test 1. One of your family members recently had a procedure at the CHS facility where you work. You want to find out the results. What should you do? a. Use your access rights
More informationHIPAA Privacy & Security Training
HIPAA Privacy & Security Training for Clinicians Introduction As a clinician at Duke Medicine, you have direct access to patients and patient information and a legal and ethical obligation to protect patient
More informationEast Carolina University 2010 Annual HIPAA Privacy Training
East Carolina University 2010 Annual HIPAA Privacy Training What are the HIPAA Privacy and Security Rules? Federal laws that govern the use and disclosure of health information of our patients and research
More informationHIPAA PRIVACY DIRECTIONS. HIPAA Privacy/Security Personal Privacy. What is HIPAA?
DIRECTIONS HIPAA Privacy/Security Personal Privacy 1. Read through entire online training presentation 2. Close the presentation and click on Online Trainings on the Intranet home page 3. Click on the
More informationNew Employee Orientation HIPAA Privacy. Marcia Matthias, MJ, RHIA, CHPC Corporate Director, Health Information/Privacy Officer
New Employee Orientation HIPAA Privacy Marcia Matthias, MJ, RHIA, CHPC Corporate Director, Health Information/Privacy Officer Definitions HIPAA Health Insurance Portability and Accountability Act PHI Protected
More informationHIPAA is the Health Insurance Portability and Accountability Act
HIPAA is the Health Insurance Portability and Accountability Act It is a federal law that Protects the privacy of a patient s personal and health information Provides for electronic and physical security
More informationYour Role in Protecting Patient Privacy 2018
Your Role in Protecting Patient Privacy 2018 1 Training Focus This training will focus on what responsibilities you have in order to ensure that both you and our organization are in compliance with state
More informationWilliamson County EMS (WCEMS) HIPAA Training for Third Out Riders
Williamson County EMS (WCEMS) HIPAA Training for Third Out Riders Training Statement: This training program is designed to educate you on WCEMS legal requirements to protect our patients rights and confidentiality,
More informationHIPAA THE PRIVACY RULE
HIPAA THE PRIVACY RULE Reviewed December 2012 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of antidepressant medications in their mail. 2 HISTORY Many
More informationSTUDENT VOLUNTEER APPLICATION *Minimum Age for volunteers is 16*
STUDENT VOLUNTEER APPLICATION *Minimum Age for volunteers is 16* CONTACT INFORMATION Name: Date: Address: Home Phone: Cell Phone: Email: Over 16? Over 18? EMERGENCY CONTACT INFORMATION Emergency Contact:
More informationChapter 9 Legal Aspects of Health Information Management
Chapter 9 Legal Aspects of Health Information Management EXERCISE 9-1 Legal and Regulatory Terms 1. T 2. F 3. F 4. F 5. F EXERCISE 9-2 Maintaining the Patient Record in the Normal Course of Business 1.
More informationProtecting PHI for Clinical Staff and Students
Office of Compliance Programs Protecting PHI for Clinical Staff and Students Revised: July 24, 2017 Introduction HIPAA requires that LSUHSC-NO "have in place appropriate administrative, technical, and
More informationAUDIT DEPARTMENT UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE. For the period October 2008 through May JEREMIAH P. CARROLL II, CPA Audit Director
UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE For the period October 2008 through May 2009 JEREMIAH P. CARROLL II, CPA Audit Director Audit Department 500 S Grand Central Pkwy Ste 5006 PO Box 551120 Las Vegas
More informationHOW TO MAINTAIN A LAB NOTEBOOK- RECORD KEEPING AND HIPAA. Fern Tsien, PhD Department of Genetics LSUHSC
HOW TO MAINTAIN A LAB NOTEBOOK- RECORD KEEPING AND HIPAA Fern Tsien, PhD Department of Genetics LSUHSC Type and Format Check with your mentor if he/she requires a specific format depending on the type
More informationWhat is Social Networking?
Social Networking 9/25/2012 1 What is Social Networking? Blogging type of website maintained by an individual with regular entries of commentary, description of events or other material such as graphics
More informationWhat is Social Networking?
Social Networking 9/25/2012 1 What is Social Networking? Blogging type of website maintained by an individual with regular entries of commentary, description of events or other material such as graphics
More informationOSHA & HIPAA Seminar. Northern Texas Facial & Oral Surgery
OSHA & HIPAA Seminar Sponsored By Northern Texas Facial & Oral Surgery April 11, 2014 Power Point Slides For The Course Power Point handout slides are provided for your use during the lecture. Bring these
More informationWhat is your start date? (Date in which you plan to begin seeing patients in the hospital). Specialty SECTION I. IDENTIFICATION DATA
This Application is for Non-employed Clinical Assistants (RN, dental assistant, orthotist, etc) who wish to assist a supervising physician at one or more of our facilities. Advanced Practice Nurses (CRNA,
More information2018 Employee HIPAA Orientation (EHO) Handbook
2018 Employee HIPAA Orientation (EHO) Handbook Using EHO The material in this booklet is designed to provide newly hired employees with an understanding of HIPAA s regulations and their impact on the employee
More informationReturning Volunteer Application
Returning Volunteer Application Office Use Only Application Received Brenda LeBlanc, Volunteer Coordinator 978-683-4000 x2645 Brenda.leblanc@lawrencegeneral.org Welcome! Returning Volunteers, Before returning,
More informationHIPAA Privacy Test Overview
HIPAA Privacy Test Overview We have developed a short test as an adjunct to your HIPAA training. The test has 22 questions and should take approximately 10-20 minutes to complete. It may be used in many
More informationInternship Application x2645
Internship Application 978-683-4000 x2645 Office Use Only Application Received Interview Orientation CORI TB1 TB2 Pin # Entered in Volgistics FLU PERSONAL INFORMATION First Name Last Name Street Address
More informationINFORMATION ABOUT CHILDREN S MERCY HOSPITALS AND CLINICS
INFORMATION ABOUT CHILDREN S MERCY HOSPITALS AND CLINICS The purpose of this brochure is to provide you with a brief orientation to Children s Mercy Hospitals and Clinics. It provides important information
More informationREFERENCES: (If applying to assist with religious activities, please include a member of the clergy as a reference.)
BRRJA APPLICATION FOR VOLUNTEER SERVICES SITE: AA NA Academic Religious Other DATE: FULL NAME: Last First Middle HOME ADDRESS: Street City State Zip PHONE: Home Cell Work EMAIL ADDRESS: EDUCATION: HS Degree
More informationPROTECTING PATIENT PRIVACY IS NOT ONLY
HIPAA POCKET GUIDE HIPAA Privacy Policies & Procedures Table of Contents I. Clinical Policies A. Accounting of Disclosures...Pg 6 B. De-Identification of Information...Pg 7 C. Facility Directory...Pg
More informationYale University. HIPAA PRIVACY FAQs
HIPAA PRIVACY FAQs Table of Contents I. PRIVACY FUNDAMENTALS I- 4 WHAT IS HIPAA? WHAT IS HITECH? WHO NEEDS TO ABIDE BY HIPAA? ARE THERE PENALTIES FOR NOT COMPLYING? WHAT IS PHI? WHAT IDENTIFIES AN INDIVIDUAL?
More informationVCU Health System PatientKeeper Connect. Request Instructions
VCU Health System PatientKeeper Connect Request Instructions Remote Clinical User 1. Complete pages 2, 4, and 5. All items are required. 2. Have your Site Supervisor complete and sign page 3. 3. Send forms
More informationHIPAA Privacy Rights and Operations Guide HIPAA Security Summary For the Practice of: Vail Aspen Breckenridge Dermatology
HIPAA Privacy Rights and Operations Guide HIPAA Security Summary For the Practice of: Vail Aspen Breckenridge Dermatology Publish Date: 1/2/2018 This guide has been created to serve Vail Aspen Breckenridge
More informationInformation Sharing and HIPAA Compliance
Information Sharing and HIPAA Compliance The Health Insurance Portability and Accountability Act (HIPAA) became a federal law in 1996 and it is administered by the Department of Health and Human Services
More informationAPPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION
FORM W/H-01 APPLICATION FOR RESEARCH REQUESTING AN IRB WAIVER OF CONSENT AND HIPAA AUTHORIZATION Research for which this form is appropriate generally involves only existing patient records or specimens.
More informationSCHOOL OF PUBLIC HEALTH. HIPAA Privacy Training
SCHOOL OF PUBLIC HEALTH HIPAA Privacy Training Public Health and HIPAA This presentation will address the HIPAA Privacy regulations as they effect the activities of the School of Public Health. It is imperative
More informationLifeBridge Health HIPAA Policy 4. Uses of Protected Health Information for Research
LifeBridge Health HIPAA Policy 4 Uses of Protected Health Information for Research This Policy contains the following Sections: I. Policy II. III. IV. Definitions Applicability Procedures A. Individual
More informationFCSRMC 2017 HIPAA PRESENTATION
FCSRMC 2017 HIPAA PRESENTATION BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international
More informationHIPAA Privacy Policies & Procedures Table of Contents
HIPAA POCKET GUIDE HIPAA Privacy Policies & Procedures Table of Contents I. Clinical Policies A. Accounting of Disclosures..Pg 6 B. De-Identification of Information..Pg 7 C. Facility Directory...Pg 7
More informationAccessing HEALTHeLINK
Accessing HEALTHeLINK HEALTHeLINK can be accessed through the at www.wnyhealthecommunity.com or www.wnylink.com or you will be redirected from your saved link. Enter your and to open
More informationINFORMATION ABOUT Children s Mercy Hospitals and Clinics for our Affiliates
INFORMATION ABOUT Children s Mercy Hospitals and Clinics for our Affiliates The purpose of this brochure is to provide you with a brief orientation to Children s Mercy Hospitals and Clinics. It provides
More informationSUMMARY OF NOTICE OF PRIVACY PRACTICES
LAKE REGIONAL MEDICAL GROUP 54 HOSPITAL DRIVE OSAGE BEACH, MO 65065 SUMMARY OF NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU
More informationWELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice.
WELCOME Those of us at Crossroads Counseling want to thank you for choosing to work with us and we want to make your time with us as productive as possible. In order to expedite the intake process, please
More informationEmergency Medical Treatment and Active Labor Act (EMTALA) AUDIT GUIDE
Emergency Medical Treatment and Active Labor Act (EMTALA) AUDIT GUIDE Audit Criteria Audit Date: June 2010 Review: Review policy and procedures for emergency room services. Review of the transfer documentation,
More informationNational Health Information Privacy and Security Week. Understanding the HIPAA Privacy and Security Rule
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule HIPAA Privacy and Security HIPAA Privacy Rule Final implementation April 14, 2003 Today: Monitor
More informationSlide 1 WHO IS THE CLIENT? WHO CONTROLS THE RECORD? ETHICS AND HIPAA. Slide 2. Slide 3. The Four As of Ethical Practice
Slide 1 WHO CONTROLS THE RECORD? ETHICS AND HIPAA 22 nd Oklahoma Child Abuse & Neglect Conference Norman, Oklahoma, on September 4, 2014 Dr. Arlene B. Schaefer, Ph.D. Forensic and Clinical Psychology Oklahoma
More informationCompliance and Privacy/Security Training Academic Year
Compliance and Privacy/Security Training Academic Year 2017-18 Dear Student, Welcome to UConn Health. This training packet includes a general overview of compliance principles, UConn Health s Compliance
More informationHEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT INSTRUCTIONS Read through this presentation. Submit completed post test to the Portage County MRC Coordinator. Estimated completion time: 1 hour Learning
More informationFEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA
FEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA LEGAL CITATION California Civil Code Section 1798.82 California Health and Safety (H&S) Code Section 1280.15 42 U.S.C. Section 17932; 45 C.F.R.
More informationHIPAA Privacy Regulations Governing Research
HIPAA Privacy Regulations Governing Research HIPAA Health Insurance Portability and Accountability Act In a Nutshell The Privacy Regulations govern a provider s use and disclosure of health information
More informationHIPAA Privacy & Security
POWERCHART ACCESS REQUEST FORM Instructions: Complete this form for users who are not employed by St. Dominic-Jackson Memorial Hospital that will access St. Dominic Hospital s electronic health record.
More informationYALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996
YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA Health Insurance Portability and Accountability Act of 1996 Handbook Table of Contents I. Introduction What is HIPAA? What is PHI? What is a Covered Entity
More informationDESK OPERATIONS COORDINATOR HIRING DOCUMENT
DESK OPERATIONS COORDINATOR HIRING DOCUMENT 2016-17 HOUSING & RESIDENTIAL EDUCATION MISSION AND VALUES Housing & Residential Education (HRE) creates an environment where students become responsible members
More informationSouthwest Acupuncture College /PWFNCFS
Southwest Acupuncture College /PWFNCFS This replaces policies in the catalogue and any other documents to date. Boulder Santa Fe TABLE OF CONTENTS STATEMENT OF PURPOSE... 1 I. RIGHT TO A NOTICE OF PRIVACY
More informationINVESTIGATION REPORT
Prince Albert Co-operative Health Centre Community Clinic March 27, 2018 Summary: A patient and her spouse attended the Prince Albert Co-operative Health Centre Community Clinic (the Clinic) for lab services
More informationBON SECOURS DEPAUL MEDICAL CENTER
BON SECOURS DEPAUL MEDICAL CENTER 150 Kingsley Lane, Norfolk Virginia 23505 Main Number: 757-889-5000 Volunteer Office: 757-889-5340 VOLUNTEER SERVICES Orientation Agenda I. Welcome II. Objective TO BE
More informationNavigating HIPAA Regulations. Michelle C. Stickler, DEd Director, Research Subjects Protections
Navigating HIPAA Regulations Michelle C. Stickler, DEd Director, Research Subjects Protections mcstickler@vcu.edu 828-0131 Key Definitions Covered Entity: Organization that handles identifiable health
More informationPatient Privacy Requirements Beyond HIPAA
Patient Privacy Requirements Beyond HIPAA Jane Hyatt Thorpe, J.D. School of Public Health and Health Services George Washington University Carrie Bill, J.D. Feldesman Tucker Leifer Fidell LLP The George
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. WHY ARE YOU GETTING
More informationSocial Media IUSM-GME-PO-0031
Social Media IUSM-GME-PO-0031 FULL POLICY CONTENTS Scope Reason for Policy Policy Statement Procedures Definitions ADDITIONAL DETAILS Implementation Oversight Additional Contacts Forms Related Information
More informationTHE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH
THE JOURNEY FROM PHI TO RHI: USING CLINICAL DATA IN RESEARCH Helenemarie Blake, Esq. Chief Privacy Officer, Interim Office of HIPAA & Privacy Security August 2016 SCENARIO You are putting a study together
More information(PLEASE PRINT) Sex M F Age Birthdate Single Married Widowed Separated Divorced. Business Address Business Phone Cell Phone
(PLEASE PRINT) Emma Warner, MSW, LCSW, ACSW Tulsa, OK 74105 (918) 749-6935 Personal Information Name Address Last Name First Name Initial Home Phone Soc. Sec. # City State Zip Sex M F Age Birthdate Single
More information