HIPAA & PRIVACY TRAINING FOR HEALTH PROFESSIONALS: Part 1 Denise M. Hill, JD, MPA
|
|
- Berniece Austin
- 6 years ago
- Views:
Transcription
1 HIPAA & PRIVACY TRAINING FOR HEALTH PROFESSIONALS: Part 1 Denise M. Hill, JD, MPA 2016 Denise M. Hill & CEI, Photos used Creative Commons. Disclosure & Disclaimer DISCLOSURE Denise Hill reports no actual or potential conflicts of interest associated with this presentation. DISCLAIMER Due to limitations and the nature of this program please understand that printed material and oral presentations or other data presented are not intended to be a definitive analysis of the subjects discussed. Users are cautioned that situations involving healthcare law questions are unique to each individual circumstance, and the facts of each situation will dictate a different set of considerations and varying results. Material contained on this site or listed as a reference is a general review of the issues, and must not be considered as a substitute for advice from your attorney on your own independent situations. 1
2 Always Be Prepared 1. Read assigned readings 2. Access and bring policies, procedures & other guidelines you are subject to 3. Remember that you must also be familiar with the privacy laws and licensing regulations in the state you practice. Photo by IPKat licensed By this CC BY 2.0 UK Training Objectives To meet privacy training requirements and ensure that you understand: 1. Your responsibilities to safeguard protected health information ( PHI ) in: oral written and electronic formats 2. The role and function of your organization s privacy policies and procedures 3. What you should do if PHI is disclosed without authorization 4. The ramifications for you and the organization for inappropriate disclosure 2
3 Learning Objectives Upon successful completion of this activity, participants should be able to: 1. List the major components of HIPAA 2. Define protected health information 3. Describe the HIPAA minimum necessary requirement 4. Determine when PHI can be disclosed 5. Apply lessons learned and institutional policies to case scenarios PART I HIPAA Training for Health Professionals Denise Hill, JD, MPA Health Law Program Director, Drake Law School Photo by The Art of Not Being Governed is licensed under CC BY-NC-SA 4.0 3
4 Why should you care about Privacy? Patient Impact Stigma & Discrimination Embarrassment Lose trust Lack of compliance Financial Disadvantage Ethics Your License is at stake Essential Job Skill Liability It s the Law HIPAA State Photo by Cato Institute is licensed under CC BY-NC 3.0. Privacy Duties in Healthcare Hippocrates Common law Contracts Ethics State Law Licensing Board Federal Law 4
5 Codes of Ethics Examples American Pharmaceutical Association Code of Ethics: With a caring attitude and a compassionate spirit, a pharmacist focuses on serving the patient in a private and confidential manner. (emphasis added) The American Medical Association Code of Ethics: WHAT DOES THE CODE OF ETHICS FOR YOUR PROFESSION SAY? A physician shall safeguard patient confidences and privacy within the constraints of the law. (emphasis added) State Licensing Boards Know the laws & Board regulations: for your profession AND in your state of practice! 5
6 Licensing Board Examples Iowa Board of Pharmacy Rules 657 I.A.C. 8.11(4) Nonconformance with law. A pharmacist, technician, support person, or pharmacist intern shall not knowingly serve in a pharmacy which is not operated in conformance with law, or which engages in any practice which if engaged in by a pharmacist would be unethical conduct. 8.11(8) Unprofessional conduct or behavior. A pharmacist shall not exhibit unprofessional behavior in connection with the practice of pharmacy or refuse to provide reasonable information or answer reasonable questions for the benefit of the patient. HIPAA Health Insurance Portability and Accountability Act of 2003 Several components privacy, security, transactions and code sets, uniform identifiers GOAL was to ensure that providers and plans NOT use or disclose an individual s health information except for Treatment, Payment, or Regular Health Care Operations 6
7 HIPAA/HITECH Omnibus Rule (January 25, 2013) New Terms Makes HIPAA provisions apply to BA Can now file complaint directs with HHS or State AG Marketing Fundraising Breach Shift in burden of proof PRIVACY PRE EMPTION: Who rules State or Federal Government? If state privacy laws are contrary to the HIPAA Privacy Rule; HIPAA preempts the state law IF your state law is STRICTER than HIPAA; follow STATE LAW! Photo by First Concepts Consultants is licensed under CC BY-ND 3.0 7
8 Health Insurance Portability and Accountability Act of 1996 Privacy PRIVACY BASICS Who? What? When? Where? Why? How? Covered entities, health care providers & Business Associates Protected health information (PHI) Always unless patient consents or exception applies In custody setting and storage considerations To honors patients expectation of privacy, promote trust, & avoid misuse of information/stigma Take steps to safeguard & protect PHI For Education Not Legal Advice Health Plans Who is covered? Health Care Clearinghouses Health Care Providers every healthcare provider, regardless of size, who electronically transmits health information in connection with certain transactions That s you! Business Associates BAs (HITECH) 8
9 Students in the Practice Setting Considered Health Care Providers Approved under TPO provisions Must adhere to HIPAA standards & privacy policies of the organization What is protected? Protected Health Information (PHI)-information that is electronic, spoken or written and can only be disclosed with a patient s written consent: Account numbers Address All parts of dates except year Any other unique code, number or characteristic that can be linked to the individual Biometric identifiers (fingerprints/voiceprints) Device identifiers address Fax number Genetic information Full face photos or images Health plan beneficiary number Health care record number IP address, URL address License number Patient name Social security number Telephone number Vehicle Identifier number 9
10 Not All PHI is Equal: Special Records Mental Health Substance Abuse HIV/AIDS Genetic Information Photo by Dr. Scott Morris is licensed under CC BY-NC 4.0 PHI Students Will Likely Encounter Clinical charts Rx records Billing records Patient profiles s/faxes Some phone calls from patients Verbal patient counseling Rounding lists Photo from Wikipedia Commons 10
11 Common Exceptions Refill reminders (constitute treatment activity ) Drug recommendations Therapeutic substitutions Product recommendations (e.g. smoking cessation) Coverage and formularies Counseling and DURs Disease State Management ongoing education and counseling Basic Tenants: HIPAA Privacy 1. Protect the privacy of PHI 2. Use & disclose PHI only when authorized only the minimum necessary 3. Establish patient rights to approve who has access & use of their medical information 11
12 1. Secure & Protect PHI Photo by Ignasi Alcalde is licensed under CC BY-NC-SA 4.0 How is PHI Stored & Accessed? Verbal Communication Hard Copy Electronic Data Your duties to protect PHI will depend on this! 12
13 What must health organizations do? Develop and implement written policies and procedures (Privacy Practice Notice) Designate an official responsible for implementation Document any non routine disclosures Train the workforce employees, volunteers, trainees YOU! Who has to comply & be trained? Providers and those in direct contact with patient s PHI/medical records Hybrids? Work in a hospital or pharmacy but do NOT have anything to do with patient PHI or privacy do NOT need HIPAA training. For example: Hospital gift shop staff, cleaning staff, photo cashier at a chain pharmacy 13
14 Tips for Students Do not discuss patients in a public area Don t speak re: PHI too loudly Remove PHI when presenting patients Charts and computers should not be left open Follow Institutional Policies & Procedures Protect portable devices/encrypt etc. CAUTION: Be careful what you discard! Protected Health Information Photo by Sea Turtle is licensed under CC BY-NC-ND
15 Electronic Security Tips Computers Mobile Devices Major Cyber Security Risks Unintended access, change, or deletion of electronic information Curious employees snooping Viruses/malware/worms or hacking ing PHI offsite Carelessness or lending of passwords Disabling/Jailbreak timeout security functions 15
16 CAUTION: Cell Phones Photo by Suranga is licensed under CC BY-NC-ND 3.0 Can You Access Your Records? It is not a HIPAA violation to view your own medical record But not a good idea.it may violate policies & procedures Contact Privacy Officer or other person to follow process in policy. 16
17 Social Media Photo by Gianfranco Chicco is is licensed under CC BY-NC-SA 3.0 HIPAA & Social Media Myths Myth #1: It is okay to discuss patients as long as their name is not used Myth #2: Pictures at work are okay as long as they are not of patients Myth #3: Public figures don t have the same protections 17
18 Well Intentioned Social Media Risks 1. Terminated employee posts notice to prior patient by name on Facebook about new job. 2. Employee assists patient/family to post or blog (e.g. Caring Bridge). 3. Communal laptop and flash drives are not wiped after use. 5. Employee friends a client/patient boundary issues. 6. Mailing home encrypted data or disabling security. 7. Patient photos and geo tags. 8. Inadvertent, social sharing of PHI. 4. Client/patient misses appointment, provider reaches out on Facebook to ask why. 2. Use & Disclosure of PHI 18
19 Use v. Disclosure of PHI USE "sharing, employment, application, utilization, examination, or analysis of PHI within an entity that maintains such information." DISCLOSURE "release, transfer, provision of access to, or divulging in any other manner PHI outside the entity holding the information." Permitted Uses of PHI Patient authorization Agreements Laws TPO treatment, payment and operations When in doubt Find out! Ask your supervisor or request patient authorization 19
20 Permitted Uses of PHI TPO treatment, payment & operations Patient authorization Agreements LawsWhen in doubt Find out! Payment Ask your supervisor or request patient authorization Treatment Operations Photo by LawyersandSettlements.com is licensed under CC BY-ND 3.0 Photo by Edublog is licensed under CC BY-NC-SA 3.0 CC BY 4.0 Photo by enfermeriauva.blogspot.com is licensed under CC BY-NC-SA 3.0 Disclosure: Rule of Thumb Authorized Limited to Necessary Information Protect from others When in Doubt Find Out!!! 20
21 Permitted Disclosures Legal Representative Family & friends involved in care (unless says no) Other providers Business associates Family or Friends: Yes or No? May a doctor give information about a patient s mobility limitations to a friend driving the patient home from the hospital? YES. HIPAA Privacy Rule permits to share information directly relevant to May a care hospital with the administrator spouse, family, discuss friends, a patient s or others payment when: options with her adult daughter? Identified by a patient as someone who PHI can be released to; Person May is involved a hospital in the pharmacist patient s care instruct or payment a patient s for care; roommate about proper medicine dosage when she comes to pick up her medication before The patient she is discharged? present and has the capacity to make health care decisions; If the patient agrees or does not object when given the opportunity; and May physician may discuss a patient s treatment with the patient in If it can the be reasonably presence of inferred, a friend based when on the professional patient asks judgment, if the that friend patient can does come not object. into the treatment room. 21
22 Patient Right to Deny Insurance Patients who pay for costs of treatment can direct that insurance not be informed of treatment Can deny insurance access to the records Business Associates (BA) Outside Entity/person with which sharing of PHI is necessary: Have BA agreements re: privacy practices They are responsible to comply with HIPAA Have safeguards and procedures to limit to minimum necessary for purpose 22
23 Other Permitted Disclosures (that do not require patient authorization) UNAUTHORIZED disclosures of PHI are allowed for the following defined law enforcement & public health purposes: Public health activities Victims of abuse, neglect, or domestic violence Law enforcement purposes Legal (subpoena/court order) To comply with workers compensation To avoid serious threat to health or safety To DEA or state pharmacy board inspectors To report adverse events to the DEA EMERGENCY! It IS acceptable to release PHI in emergency situations without authorization. Remember: use your best judgment and keep the patient s best interest in mind! 23
24 More Permitted Uses & Disclosures Discussing treatment plan with a patient s other providers (except psychotherapy, HIV test results & substance abuse) Transferring medical records during new ownership of a business Minimum Necessary Rule 24
25 Minimum Necessary Limit PHI to the minimum required to accomplish purpose: For example: When submitting a claim for a patient, there is no need to provide the diagnosis unless the payer NEEDS that info Company policies should identify what information is needed by whom in order to perform their job duties It is NOT appropriate to access your own information you must follow the process/procedures in place AGAIN, use your PROFESSIONAL JUDGMENT and keep the patient s best interest in mind! Designated Record Set (HIPAA) Formal requests re: designated records set: This set includes any records containing "medical... case or medical management... billing... enrollment, payment, [or] claims adjudication" information, used "in whole or in part, by or for the covered entity to make decisions about individuals." 45 CFR
26 Disclosure Tips Check correct , phone number, fax Use confidential fax cover sheet Review chart and ensure minimum necessary Follow tracking procedure Incidental Disclosures Overheard by another person when counseling a patient or talking to another health care professional Piece of paper seen by person who is not authorized Family or friends picking up prescriptions Not HIPAA penalize if policies to protect information Violations do NOT occur when: Disclosure could not reasonably be prevented Is limited in nature Is a byproduct of permitted disclosures 26
27 Incidental Use: Examples Specifically states that no violations occur by calling patient s name in office or pharmacy Pharmacies not required to use extraordinary means to soundproof counseling areas De identified Information De identified information is NOT protected stringent requirements (45 CFR (b).) CAUTION do not include data that could reasonably lead to individual identification. Not protected DOES NOT mean info can be disclosed freely without care. USE YOUR PROFESSIONAL JUDGMENT! 27
28 There are SERIOUS Consequences! Audits Civil penalties (OCR) Minimum fine is $100 Maximum is $1.5 million Criminal penalties (DOJ) KNOWINGLY violated HIPAA laws Fines up to $250,000 Imprisoned up to 10 years Consequences for Employees Employees placed on immediate leave pending investigation Disciplinary action: Fired Suspension Reprimand & Document employee record Probation Peer review Further training on HIPAA Privacy Student consequences? 28
29 3. HIPAA Patient Rights Patient Right to: Notice of Privacy Practices Review & get copies of medical & financial records Request corrections Notice of Privacy Practices Content (in plain language): How the covered entity may use & disclose their PHI The individual s PHI rights & how to exercise rights The covered entity s legal duties re: PHI Contact information for more information privacy officer Must Include this language: THIS NOTICE DESCRIBES HOW MEDICAL INFO ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION PLEASE REVIEW IT CAREFULLY 29
30 Distribution & Acknowledgement Distribution No later than the first date of service In the case of emergency, as soon as reasonably practicable Anyone who asks for it Prominently posted in facility & on any website that contains information about its customer services/benefits Acknowledgement Good faith effort to obtain an acknowledgement of notice Must receive written acknowledgement Acknowledgements kept 6 years from date they were created Patient Access to Records Patients may request and are entitled to: Copy of their medical record See your the covered organization s entity has up to 30 days to Medical comply. May charge a reasonable fee for actual costs Records, Accounting HIPAA, of non routine and/or disclosures: Release of Health Care Information Description of what was disclosed Why it was disclosed policies The date & procedures! Name of individual receiving the information and their address if available 30
31 What could happen if patients are not given timely access to their records? Cignet denied 41 patients access to medical records requested 9/2008 to 10/2009 Did not cooperate with HHS investigation Government imposed $1.3 million penalty for violation of the HIPAA rule to provide patients with their medical records within 30 days Also fined $3 million for failing to cooperate with the investigation HITECH Act What if there is a breach? Photo by LawTechTV is licensed under CC BY-SA
32 Handling Breaches HITECH Act If the covered entity discovers a breach of unsecured PHI Must notify patients. If more then 500 also have to notify media and HHS. Three step procedure, to decide whether or not to disclose a HIPAA breach: 1) Was there an impermissible use or disclosure of PHI under the privacy rule? 2) Does the impermissible use or disclosure pose a significant risk of financial, reputational, or other harm to the individual? 3) Are the exceptions to the definition of breach or the notification requirement inapplicable to the impermissible use or disclosure? If the answer is no= likely do not have to report perceived problems. Burden to decide if reasonable not to report under circumstances. Compliance program must include detailed record keeping procedures to justify why you did or did not think reporting would be required. Must designate: Privacy Officer A "privacy official" responsible for the "development and implementation" of the policies/procedures for HIPAA compliance. A "contact person or office" responsible for providing information, receiving complaints and handling the administration of patients' records and rights. 45 CFR (a) 32
33 Reporting Privacy & Security Violations If YOU are aware or suspect a violation YOU are REQUIRED to report it to: Supervisor Privacy Office Information Security Office Compliance Hotline There are also Institutional requirements Employee training You are Part of the Culture of Compliance Employee acknowledgment of policy Enforce security policies No one is above the policy 33
34 Conclusion Advocate for your patient protect their privacy There are significant consequences for failing Review the policies/procedures & be prepared for areas where you are vulnerable. Know: Patient rights What PHI is how you can use & protect it How to disclose PHI & safeguards Use common sense & seek help! You can do it! 34
Faculty Profile. PART I Privacy Training for Health Professionals. Disclaimer. Always Be Prepared 7/11/2013. Why should you care about Privacy?
T-shirts & Taglines: PART I Privacy Training for Health Professionals Denise Hill, JD, MPA Des Moines University Des Moines, Iowa Faculty Profile Denise is an Assistant Professor at Des Moines University
More informationMCCP Online Orientation
1 Objectives At the conclusion of this presentation, students will be able to: Discuss application of HIPAA to student s role. Describe the federal requirements of the HIPAA/HITECH regulations that protect
More informationA general review of HIPAA standards and privacy practices 2016
A general review of HIPAA standards and privacy practices 2016 45 CFR, 164 Health Insurance Portability and Accountability Act Treatment, Payment and Healthcare Operations 42 CFR, Part 2, Confidentiality
More informationAdvanced HIPAA Communications and University Relations
Advanced HIPAA Communications and University Relations accepts no liability of any use reliance placed on it, as it is warranty, express, or implied, or completeness of 1 the HIPAA Health Insurance Portability
More informationPrivacy and Security Orientation for Visiting Observers. DUHS Compliance Office
Privacy and Security Orientation for Visiting Observers DUHS Compliance Office 919-668-2573 compliance@dm.duke.edu Introduction This orientation is to provide new Visiting Observers with the HIPAA Privacy
More informationHIPAA PRIVACY TRAINING
HIPAA PRIVACY TRAINING HIPAA Privacy Training Objective Present a general overview of HIPAA and define important terms Understand the purpose of HIPAA and the Privacy Rule Understand the term Protected
More informationUSES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY
Page Number 1 of 8 TITLE: PURPOSE: USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY To assure that individually identifiable health information contained in any University Health
More informationCompliance Program, Code of Conduct, and HIPAA
Compliance Program, Code of Conduct, and HIPAA Agenda Introduction to Compliance The Compliance Program Code of Conduct Reporting Concerns HIPAA Why have a Compliance Program Procedures to follow applicable
More informationHIPAA THE PRIVACY RULE
HIPAA THE PRIVACY RULE Reviewed December 2012 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of antidepressant medications in their mail. 2 HISTORY Many
More informationHIPAA Privacy Training for Non-Clinical Workforce
Office of Compliance Programs HIPAA Privacy Training for Non-Clinical Workforce Revised: January 24, 2017 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA)
More informationCAPITAL SURGEONS GROUP, PLLC
CAPITAL SURGEONS GROUP, PLLC NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationWhat is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More informationHealth Information Privacy Policies and Procedures
University of the Pacific Arthur A. Dugoni School of Dentistry Health Information Privacy Policies and s These Health Information Privacy Policies & s implement our obligations to protect the privacy of
More informationPrivacy and Security For Teammates
Privacy and Security For Teammates This self-directed learning module contains information all CRHS Teammates are expected to know in order to protect our patients, our guests, and ourselves. Target Audience:
More informationPatient Privacy Requirements Beyond HIPAA
Patient Privacy Requirements Beyond HIPAA Jane Hyatt Thorpe, J.D. School of Public Health and Health Services George Washington University Carrie Bill, J.D. Feldesman Tucker Leifer Fidell LLP The George
More informationFCSRMC 2017 HIPAA PRESENTATION
FCSRMC 2017 HIPAA PRESENTATION BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international
More informationWRAPPING YOUR HEAD AROUND HIPAA PRIVACY REQUIREMENTS
WRAPPING YOUR HEAD AROUND HIPAA PRIVACY REQUIREMENTS Jeffrey Staton Attorney at Law Legal Aid Society of Louisville 416 W. Muhammad Ali Blvd., Ste. 300 Louisville, KY 40202 Phone: 502.614.3146 Jstaton@laslou.org
More informationHIPAA and HITECH: Privacy and Security of Protected Health Information
HIPAA and HITECH: Privacy and Security of Protected Health Information What is HIPAA? Health Insurance Portability and Accountability Act of 1996 A federal law enacted to: Protect the privacy of a patient
More informationSUMMARY OF NOTICE OF PRIVACY PRACTICES
LAKE REGIONAL MEDICAL GROUP 54 HOSPITAL DRIVE OSAGE BEACH, MO 65065 SUMMARY OF NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU
More informationThe Privacy & Security of Protected Health Information
The Privacy & Security of Protected Health Information By the end of this course, you should: Be familiar with the patient s rights to privacy under HIPAA Privacy Act Be able to identify Protected Health
More informationNotice of Privacy Practices
Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed, and how you can get access to this information. Please review it carefully. Our commitment
More informationThe University of Toledo. Corporate Compliance and HIPAA Training. Presented by: The Compliance and Privacy Office
The University of Toledo Corporate Compliance and HIPAA Training Presented by: The Compliance and Privacy Office Topics Compliance HIPAA (Health Insurance Portability and Accountability Act) FERPA( Family
More informationStudent Orientation: HIPAA Health Insurance Portability & Accountability Act
_ Student Orientation: HIPAA Health Insurance Portability & Accountability Act HIPAA: National Privacy Law History of HIPAA What was once an ethical responsibility to protect a patient s privacy is now
More informationHIPAA Training
2011-2012 HIPAA Training New Hire Orientation and General Training 1 This training is to ensure all Health Management workforce members (associates, contracted individuals, volunteers and students) understand
More informationHIPAA Policies and Procedures Manual
UNIVERSITY of NORTH CAROLINA at CHAPEL HILL SCHOOL of NURSING HIPAA Policies and Procedures Manual November 2015 1 Table of Contents I. INTRODUCTION... 3 A. GENERAL POLICY... 3 B. SCOPE... 3 II. DEFINITIONS...
More informationHIPAA Notice of Privacy Practices
HIPAA Notice of Privacy Practices Georgia Mountains Hospice understands that your health information is highly personal and we are committed to safeguarding your privacy. Please read this Notice of Privacy
More informationHIPAA Privacy Rule and Sharing Information Related to Mental Health
HIPAA Privacy Rule and Sharing Information Related to Mental Health Background The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule provides consumers with important privacy rights
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. WHY ARE YOU GETTING
More informationIf you have any questions about this notice, please contact the SSHS Privacy Officer at:
Notice of Privacy Practices 0 Effective Date: April 14, 2003 Revision Date: July 15, 2016 South Shore Health System ( SSHS ) is an integrated health care delivery system. For a list of entities which comprise
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: 2013 Wisconsin Dental Association (800) 243-4675 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationPEDIATRIC HEALTH ASSOCIATES HIPAA NOTICE OF PRIVACY PRACTICES
Policy effective date: 4-14-2003 Revised January 2014 PEDIATRIC HEALTH ASSOCIATES HIPAA NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND
More informationWilliamson County EMS (WCEMS) HIPAA Training for Third Out Riders
Williamson County EMS (WCEMS) HIPAA Training for Third Out Riders Training Statement: This training program is designed to educate you on WCEMS legal requirements to protect our patients rights and confidentiality,
More informationIt defines basic terms and lists basic principles that all LSUHSC-NO faculty, staff, residents and students must understand and follow.
Office of Compliance Programs Revised: July 18, 2017 HIPAA Privacy HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA) requires that the University train all
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 Revised: September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS
More informationIf you have any questions about this notice, please contact our privacy officer Dr. Jev Sikes at
Notice of Privacy Practices For Deep Eddy Psychotherapy THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT
More informationWAKE FOREST BAPTIST HEALTH NOTICE OF PRIVACY PRACTICES
WAKE FOREST BAPTIST HEALTH NOTICE OF PRIVACY PRACTICES Effective April 14, 2003 Revised February 17, 2010 Revised September 23, 2013 Revised July 1, 2016 This Notice of Privacy Practices applies to the
More informationHIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance
HIPAA Health Insurance Portability and Accountability Act Presented by the UMMC Office of Integrity and Compliance Rules and Regulations to ensure Privacy Set Federally recognized standards to ensure both
More informationphysicians, nurses, and technicians and other Facility personnel for review and learning purposes. We may also combine the medical information we
WESTMINSTER CANTERBURY - RICHMOND NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationNotice of HIPAA Privacy Practices Updates
Notice of HIPAA Privacy Practices Updates The following is a summary of the updates to the privacy notice for Meridian Hospitals Corporation, Meridian Home Care Services, Inc., Meridian Nursing & Rehabilitation,
More informationSlide 1 WHO IS THE CLIENT? WHO CONTROLS THE RECORD? ETHICS AND HIPAA. Slide 2. Slide 3. The Four As of Ethical Practice
Slide 1 WHO CONTROLS THE RECORD? ETHICS AND HIPAA 22 nd Oklahoma Child Abuse & Neglect Conference Norman, Oklahoma, on September 4, 2014 Dr. Arlene B. Schaefer, Ph.D. Forensic and Clinical Psychology Oklahoma
More informationOpp Health and Rehabilitation, LLC 115 Paulk Avenue P.O. Box 730 Opp, AL Phone Number: (334)
Opp Health and Rehabilitation, LLC 115 Paulk Avenue P.O. Box 730 Opp, AL 36467-1695 Phone Number: (334) 493-4558 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW
More informationCHI Mercy Health. Definitions
CHI Mercy Health Definitions If you have any questions about this notice, please contact the CHI Mercy Health s Privacy Office at (701) 845-6540 or 570 Chautauqua Blvd, Valley City ND 58072. Notice of
More informationAssociated Pediatric Dentistry Belleville, Edwardsville, O Fallon, IL
Associated Pediatric Dentistry Belleville, Edwardsville, O Fallon, IL Patient Name: DOB: ACKNOWLEDGEMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES AND CONSENT **You May Refuse to Sign This Consent Acknowledgement**
More informationHH Health System-Shoals, LLC dba Helen Keller Hospital Notice of Privacy Practices
HH Health System-Shoals, LLC dba Helen Keller Hospital Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationUnderstanding the Privacy and Security Regulations
Omnibus Rule Update HIPAA Handbook for Long-Term Care Staff Understanding the Privacy and Security Regulations Kate Borten, CISSP, CISM Handbook for Long-Term Care Staff Understanding the Privacy and Security
More informationSouthwest Acupuncture College /PWFNCFS
Southwest Acupuncture College /PWFNCFS This replaces policies in the catalogue and any other documents to date. Boulder Santa Fe TABLE OF CONTENTS STATEMENT OF PURPOSE... 1 I. RIGHT TO A NOTICE OF PRIVACY
More informationUpdated FY15 Dignity Health General Compliance Education for Staff Module 2
Updated FY15 Dignity Health General Compliance Education for Staff Module 2 This course will provide you with important information about the laws and regulations that affect the healthcare industry, our
More informationHIPAA Education Program
HIPAA Education Program 2017-2018 Assurance and Compliance Services HIPAA Training Requirement This HIPAA Training Program is intended for and will satisfy the training requirement for the: Mount Sinai
More information2018 Employee HIPAA Orientation (EHO) Handbook
2018 Employee HIPAA Orientation (EHO) Handbook Using EHO The material in this booklet is designed to provide newly hired employees with an understanding of HIPAA s regulations and their impact on the employee
More informationHIPAA for CNAs. This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020.
HIPAA for CNAs This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020. Copyright 2015 by RN.com. All Rights Reserved. Reproduction and distribution of these materials
More informationNotice of. Privacy Practices. Dartmouth-Hitchcock Affiliated Covered Entity
Notice of Privacy Practices Dartmouth-Hitchcock Affiliated Covered Entity This Notice describes how medical information about you may be used and disclosed and how you can get access to this information.
More informationERIE COUNTY MEDICAL CENTER CORPORATION NOTICE OF PRIVACY PRACTICES. Effective Date : April 14, 2003 Revised: August 22, 2016
ERIE COUNTY MEDICAL CENTER CORPORATION NOTICE OF PRIVACY PRACTICES Effective Date : April 14, 2003 Revised: August 22, 2016 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
More informationWHAT IS HIPAA? HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
Rev. 1/22/2010 HIPAA TRAINING WHAT IS HIPAA? Health Insurance Portability and Accountability Act HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
More informationPRIVACY POLICY USES AND DISCLOSURES FOR TREATMENT, PAYMENT, AND HEALTH CARE OPERATIONS
PRIVACY POLICY As of April 14, 2003, the Federal regulation on patient information privacy, known as the Health Insurance Portability and Accountability Act (HIPAA), requires that we provide (in writing)
More informationNotice of Privacy Practices
River Valley Chiropractic LLC Notice of Privacy Practices Effective 9/2014; Revised 9/2014 If you have any questions about this notice, please contact the River Valley Chiropractic Privacy Officer at 308-534-5840.
More informationTHE CHILDREN S INSTITUTE OF PITTSBURGH NOTICE OF PRIVACY PRACTICES
THE CHILDREN S INSTITUTE OF PITTSBURGH NOTICE OF PRIVACY PRACTICES Effective Date: October 30, 2006 Revised: July 24, 2013 Revised: January 18, 2016 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT
More informationNOTICE OF PRIVACY PRACTICES Full Length Version Effective Date: 4/19/2016
Conrad l Pearson Clinic, P.C. NOTICE OF PRIVACY PRACTICES Full Length Version Effective Date: 4/19/2016 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES 1 Effective Date: April 14, 2003 Revision Date: September 23, 2013 Revision Date: January 17, 2018 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
More informationInformation Privacy and Security
Information Privacy and Security 2015 Purpose of HIPAA HIPAA stands for the Health Insurance Portability and Accountability Act. Its purpose is to establish nationwide protection of patient confidentiality,
More informationHIPAA Health Insurance Portability and Accountability Act of 1996
HIPAA Health Insurance Portability and Accountability Act of 1996 Protected Health Information (PHI) Covers patient information in any form written, verbal, or electronic PHI Includes Any information that
More informationLily M. Gutmann, Ph.D., CYT Licensed Psychologist 4405 East West Highway #512 Bethesda, MD (301)
Lily M. Gutmann, Ph.D., CYT Licensed Psychologist 4405 East West Highway #512 Bethesda, MD 20814 (301) 996-0165 www.littlefallscounseling.com PRACTICE POLICIES AND CONSENT TO TREATMENT WELCOME Welcome
More informationNOTICE OF PRIVACY PRACTICES
BUTTE COUNTY DEPARTMENT OF BEHAVIORAL HEALTH NOTICE OF PRIVACY PRACTICES Effective Date: 4/14/2003 THIS NOTICE DESCRIBES NOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationAccommodate reasonable requests you may have to communicate health information by alternative means or at alternative locations.
Collom & Carney Clinic Association NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS
More informationNOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM
NOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM Effective Date: 9/23/ 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: July 12, 2017 THIS NOTICE OF PRIVACY PRACTICES ( NOTICE ) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO
More informationNotice of Privacy Practices
Notice of Privacy Practices Effective September 23, 2013 TCHC.org An equal opportunity employer and provider. CLINICS Baxter Bertha Henning Ottertail Sebeka Verndale Wadena HOSPITAL Wadena 415 Jefferson
More informationSenior Care Pharmacy Wichita
Senior Care Pharmacy Wichita 1402 S.RIDGE ROAD WICHITA, KS, 67209 Phone: 316-945-7455 Fax: 316-945-7457 Contact:- Carol Parsons Dear patient/responsible party, Effective immediately, each patient/responsible
More informationNotice of Privacy Practices
2269 CHERRY VALLEY ROAD, NEWARK, OH 43055 (740) 788-1400 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationMURRAY MEDICAL CENTER HIPAA NOTICE OF PRIVACY PRACTICES
CW CR 618 Exhibit A MURRAY MEDICAL CENTER HIPAA NOTICE OF PRIVACY PRACTICES Effective Date: THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationOREGON HIPAA NOTICE FORM
MARCIA JOHNSTON WOOD, Ph.D. Clinical Psychologist 5441 SW Macadam, #104, Portland, OR 97239 Phone (503) 248-4511/ Fax (503) 248-6385 - Effective Sept.23, 2013 - (This copy for you to keep) OREGON HIPAA
More informationJoseph Bikowski, M.D., Associates
Joseph Bikowski, M.D., Associates BIKOWSKI SKIN CARE CENTER 500 Chadwick Street Sewickley, PA 15143 Effective Date: September 20, 2013 (revised) THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU
More informationPATIENT BILL OF RIGHTS & NOTICE OF PRIVACY PRACTICES
Helping People Perform Their Best PRIVACY, RIGHTS AND RESPONSIBILITIES NOTICE PATIENT BILL OF RIGHTS & NOTICE OF PRIVACY PRACTICES Request Additional Information or to Report a Problem If you have questions
More informationNOTICE OF PRIVACY PRACTICES
THIS NOTICE OF PRIVACY PRACTICES ( NOTICE ) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. Respect for
More informationPATIENT INFORMATION Please Print
PATIENT INFORMATION Please Print DATE Patient s Last Name First Name Middle Name Suffix Gender: q Male q Female Social Security Number of Birth Race Ethnic Group: q Hispanic q Non-Hispanic q Unknown Preferred
More informationPARAGOULD DOCTORS CLINIC PRIVACY NOTICE
PARAGOULD DOCTORS CLINIC PRIVACY NOTICE Protected Health Information THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE
More informationPATIENT NOTICE OF PRIVACY PRACTICES Effective Date: June 1, 2012 Updated: May 9, 2017
PREMIER PSYCHIATRY Psychiatric and Behavioral Health Services PATIENT NOTICE OF PRIVACY PRACTICES Effective Date: June 1, 2012 Updated: May 9, 2017 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU
More informationINFORMED CONSENT FOR TREATMENT
INFORMED CONSENT FOR TREATMENT I (name of patient), agree and consent to participate in behavioral health care services offered and provided at/by Children s Respite Care Center, a behavioral health care
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES 1 Effective Date: April 14, 2003 Revised: September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO
More informationPrivacy and Security Compliance: The. Date Presenter Name of Member Organization
Privacy and Security Compliance: The Basics Date Presenter Name of Member Organization Privacy and Security Compliance: The Context for What We Do Privacy and Security compliance within (your office) is
More informationThis notice describes Florida Hospital DeLand s practices and that of: All departments and units of Florida Hospital DeLand.
MRN: FIN: FLORIDA HOSPITAL DELAND HIPAA NOTICE OF PRIVACY PRACTICES Effective Date: September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN
More informationHIPAA Privacy Rights and Operations Guide HIPAA Security Summary For the Practice of: Vail Aspen Breckenridge Dermatology
HIPAA Privacy Rights and Operations Guide HIPAA Security Summary For the Practice of: Vail Aspen Breckenridge Dermatology Publish Date: 1/2/2018 This guide has been created to serve Vail Aspen Breckenridge
More informationNOTICE OF PRIVACY PRACTICE UNIVERSITY OF CALIFORNIA SAN FRANCISCO DENTAL CENTER
Effective Date: February 1, 2018 NOTICE OF PRIVACY PRACTICE UNIVERSITY OF CALIFORNIA SAN FRANCISCO DENTAL CENTER THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW
More informationPediatric Dental Specialists
Pediatric Dental Specialists Notice of Privacy Practices This Notice describes how your health information may be used and disclosed and how you can get access to this information. Please review it carefully.
More informationJOINT NOTICE OF PRIVACY PRACTICES
JOINT NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. Who Will Follow This Notice PLEASE REVIEW
More informationSUMMARY OF THE CIRCUMSTANCES AND PURPOSES FOR WHICH YOUR HEALTH INFORMATION MAY BE USED AND DISCLOSED
374 Hudlow Road, Post Office Box 336 Forest City, NC 28043 Phone: (828) 245-0095 FAX: (828) 248-1035 Toll Free: 1-800-218-CARE (2273) HOSPICE OF RUTHERFORD COUNTY PRIVACY PRACTICES THIS NOTICE DESCRIBES
More informationPOTENTIAL LIABILITY: PATIENT HEALTH INFORMATION PORTALS
POTENTIAL LIABILITY: PATIENT HEALTH INFORMATION PORTALS Jeanne M. Born, RN, JD 22 JANUARY 2015 Jborn@nexsenpruet.com Medical Record Information: Ownership and Patient Rights The physician owns the physician
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: May 31, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationNOTICE OF PRIVACY PRACTICES
535 East 70th Street New York, NY 10021 (212) 606-1000 Specialists in Mobility NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE
More information- Cardiac Catherization - Cardiac Angioplasty - Cardiac Bypass - MUGA - CT Scan
Thank you for making an appointment with our office. We look forward to meeting you. Please help us to prepare for your appointment by gathering the information we will need to make the most of your time
More informationTHIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. I. WHO WE ARE This Notice describes the privacy
More informationHIPAA Privacy & Security Training
HIPAA Privacy & Security Training for Nonclinicians Introduction As a Duke Medicine workforce member you may have access to patients and patient information and you have a legal and ethical obligation
More informationNotice of Health Information Privacy Practices Acknowledgement
I understand that as part of my healthcare, Sonoma Valley Hospital and its medical staff creates, receives and maintains health records describing my health history, symptoms, examination and test results,
More informationFAMILY PHARMACEUTICAL SERVICES NOTICE OF PRIVACY PRACTICES effective 9/23/2013
FAMILY PHARMACEUTICAL SERVICES NOTICE OF PRIVACY PRACTICES effective 9/23/2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationOrthopedic Specialty Clinic, Ltd. Updated 05/2014
Orthopedic Specialty Clinic, Ltd. Updated 05/2014 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
More informationRegulatory Issues Facing Student Health Centers Presented by: Richard T. Yarmel and Edward H. Townsend
Higher Education Institute: Avoiding Compliance Pitfalls Across Your Campus From Admissions to the Title IX Office to the Board Room Regulatory Issues Facing Student Health Centers Presented by: Richard
More informationHealthcare Privacy Officer on Evaluating Breach Incidents A look at tools and processes for monitoring compliance and preserving your reputation
Healthcare Privacy Officer on Evaluating Breach Incidents A look at tools and processes for monitoring compliance and preserving your reputation June 20, 2012 ID Experts Webinar www.idexpertscorp.com Mahmood
More informationSUNY DOWNSTATE MEDICAL CENTER UNIVERSITY HOSPITAL OF BROOKLYN POLICY AND PROCEDURE
SUNY DOWNSTATE MEDICAL CENTER UNIVERSITY HOSPITAL OF BROOKLYN POLICY AND PROCEDURE No. HIPAA-16 Subject: NOTICE OF PRIVACY PRACTICES Page 1 of 13 Prepared by: Shoshana Milstein Original Issue Date 12/02
More informationNotice of Privacy Practices
Notice of Privacy Practices, pg. 1 of 5 Notice of Privacy Practices CATHOLIC CHARITIES OF THE ROMAN CATHOLIC DIOCESE OF SYRACUSE, NY This notice describes the privacy practices of Catholic Charities of
More informationDO ASK BUT DON T TELL HIPAA PRIVACY RULE
DO ASK BUT DON T TELL HIPAA PRIVACY RULE HITECH/OMNIBUS FINAL RULE HIPAA enacted in 1996; compliance required April 14, 2003 for the Privacy Rule and April 21, 2005 for the Security Rule surrounding electronic
More informationNotice of privacy practices
Notice of privacy practices This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. Our staff are committed
More information