HIPAA HAZARDS & SOCIAL MEDIA SNAFUS NARHC MARCH 20, 2018 MARGARET SCAVOTTO, JD, CHC MPA ST. LOUIS, MO
|
|
- Silas Martin
- 5 years ago
- Views:
Transcription
1 HIPAA HAZARDS & SOCIAL MEDIA SNAFUS NARHC MARCH 20, 2018 MARGARET SCAVOTTO, JD, CHC MPA ST. LOUIS, MO
2 EXPECT THE UNEXPECTED
3 SNOOPING EMPLOYEES WILL BE TEMPTED TO SNOOP MEDICAL RECORDS.
4 SNOOPING A nurse snooped the medical records of her nephew s girlfriend, and learned she had a baby and gave it up for adoption. This secret was announced at a family funeral. Hospital employee snooped patient records for 14 years. When Britney Spears was hospitalized in 2008 for psychiatric care, 13 employees and 6 physicians at UCLA medical center looked at her medical records without a reason.
5 SNOOPING Who are YOUR celebrities?
6 SNOOPING What can you do? Address snooping in your SRA and policies Limit access Terminate access Review info system activity Set up alerts Use access controls TRAIN
7 INSIDERS & BURGLARS WHAT COULD SOMEBODY TAKE FROM YOU?
8 INSIDERS An ex-employee stole patient information and patient photos from a Rodeo Drive plastic surgery clinic and put them on social media. A mental health tech stole census sheets from a behavioral health facility and sold them for $1,000 each.
9 INSIDERS What can you do? Background checks. Consider insiders in your HIPAA Security risk analysis and mitigation plan. Use the minimum necessary rule. Terminate access when employees leave.
10 BURGLARS What could a burglar steal from you? Burglars stole an unencrypted computer containing PHI for 24,000 patients from a dermatology practice. It was not encrypted. Burglars stole paper PHI from an eye doctors office leaving electronic PHI systems untouched. Burglars took 13 boxes of paper medical records from an off-site storage facility. The burglar was caught when he tried to sell the patient records.
11 BURGLARS What can you do? Remember there is no such thing as secure paper PHI. If you use off-site storage, ask about their HIPAA security program. Signing a BAA is required but doesn t guarantee your records are safe.
12 MAIL WHAT S IN YOUR ENVELOPE? HIPAA WANTS TO KNOW.
13 MAIL What could go wrong? Aetna used a contractor to complete a mailing. The contractor used windowed envelopes. Through the window, the following words could be seen: when filling prescriptions for HIV medications. The Ohio Dept of Mental Health and Addiction Services sent a satisfaction survey to its patients via postcard (rather than sealed envelopes).
14 MAIL issues A hospital executive assistant sent an electronic survey to patients by . The goal of the survey was to identify ways to improve patient discharge paperwork. Hundreds of patient addresses were visible in the To field of the .
15 MINIMUM NECESSARY RULE BREACHES WHEN STAFF NEED TO USE PHI, BUT THEY USE TOO MUCH.
16 MINIMUM NECESSARY RULE BREACHES A university student health center employee discussed the results of a student s pregnancy test with a female coworker. A nurse was fired from a Kentucky hospital after she told a physician and EKG technician to wear gloves for a procedure because the patient has Hepatitis C.
17 MINIMUM NECESSARY RULE BREACHES What can you do? TRAIN.
18 AUGMENTED REALITY PEOPLE USE THEIR PHONES AND CAMERAS FOR EVERYTHING.
19 POKÉMON GO Pokemon Go uses the smartphone s camera phone to superimpose Pokemon characters on real-time photographs. Pokemon Go lets the user take a screenshot of the app (e.g., the real-time photograph).
20 ONLINE REVIEWS THE COMMENTS CONUNDRUM
21 ONLINE REVIEWS I looked very closely at your radiographs and it was obvious that you have cavities and gum disease that your other dentist has overlooked You can live in a world of denial and simply believe what you want to hear from your other dentist or make an educated and informed decision. - [Your dentist]
22 SOCIAL MEDIA EVERYBODY S DOING IT
23 PROTECTED HEALTH INFORMATION HIPAA protects PHI: information that can identify a patient and relates to the patient s health condition, treatment, and payment for treatment. 23
24 PHOTOS AND VIDEOS SAY CHEESE!
25 PHOTOS & VIDEOS Two paramedics were arrested and face criminal charges after they engaged in a selfie war by text.
26 IT WAS JUST A PICTURE OF HER BUTT They just blew everything out of proportion It was just a picture of her butt. How many people take a picture of people s butts?... I worked in health care for five years. Everybody takes pictures of residents all the time. I m not the only one.
27 PHOTOS AND VIDEOS Doctor posted plastic surgery photos online. Hospital employees took photos of a patient with a genital injury.
28 PROUD PROMOTION Entry level clinical staff received a promotion to an administrative role. This promotion came with an office. The staff took a video of his desk and posted it to Facebook.
29 SOCIAL MEDIA: IS IT PHI?
30 IS IT PHI? Sad day at work today 30
31 IS IT PHI? Sad day at work treating someone so young today 31
32 IS IT PHI? Sad day at work treating an amputee today 32
33 IS IT PHI? SAD DAY AT WORK TREATING MY THIRD GRADE TEACHER TODAY 33
34 IS IT PHI? SAD DAY AT WORK TREATING MY THIRD GRADE TEACHER AT WALNUT ELEMENTARY TODAY 34
35 SOCIAL MEDIA What you can do: Social media policy Breach notification policy Train, train, train Audit
36 IGNORING BREACHES 89% OF HEALTHCARE PROVIDERS HAVE HAD A BREACH
37 IGNORING BREACHES Presence Health entered a $475,000 settlement with the OCR after it missed the 60 day breach notification deadline : Presence discovered breach (paper OR schedules were missing) : Presence notified OCR of the breach.
38 BREACH NOTIFICATION Unsecured PHI = not encrypted or destroyed Within 60 days of discovery Who: The patient OCR The media (maybe) 38
39 BREACH NOTIFICATION What can you do? Breach Notification policy Breach analysis decision tree HIPAA attorney on speed dial
40 BREACH NOTIFICATION Don t mess with Texas. No risk of harm required. Texas DHHS contractors that provide HHS services and create, receive, maintain, use or disclose Confidential Information on behalf of HHS programs or clients must notify HHS of breaches of federal data within 60 minutes
41 YOUR ACTION PLAN HOW TO EXPECT THE UNEXPECTED
42 SECURITY RISK ANALYSIS Conduct a HIPAA Security risk analysis Mitigate risks Update the risk analysis
43 POLICIES Privacy Security Breach Notification Omnibus updates effective September 2013
44 TRAIN, TRAIN New hires Annual training Quarterly or monthly reminders Board, employees, contractors, managers In-services, written reminders, , flyers, video, skits
45 AUDIT Walk throughs Security Audits Privacy audits Breach notification audits Social media audits
46 LOOK FOR GUIDANCE At HCCA s 2017 Compliance Institute, Iliana Peters advised that the OCR is developing guidance and FAQ addressing: Texting Social media Minimum necessary
47 Margaret Scavotto, JD, CHC President ext. 24 (c) 2018 Management Performance Associates This presentation does not constitute legal advice Questions?
HIPAA Training
2011-2012 HIPAA Training New Hire Orientation and General Training 1 This training is to ensure all Health Management workforce members (associates, contracted individuals, volunteers and students) understand
More informationThe Privacy & Security of Protected Health Information
The Privacy & Security of Protected Health Information By the end of this course, you should: Be familiar with the patient s rights to privacy under HIPAA Privacy Act Be able to identify Protected Health
More informationHIPAA and HITECH: Privacy and Security of Protected Health Information
HIPAA and HITECH: Privacy and Security of Protected Health Information What is HIPAA? Health Insurance Portability and Accountability Act of 1996 A federal law enacted to: Protect the privacy of a patient
More informationBreach Reporting and Safeguarding PHI Outpatient Services August, UAMS HIPAA Office Anita Westbrook
Breach Reporting and Safeguarding PHI Outpatient Services August, 2012 UAMS HIPAA Office Anita Westbrook Breaches and Breach Reporting Real Life Example An employee of a large hospital accidentally left
More informationMCCP Online Orientation
1 Objectives At the conclusion of this presentation, students will be able to: Discuss application of HIPAA to student s role. Describe the federal requirements of the HIPAA/HITECH regulations that protect
More informationUpdated FY15 Dignity Health General Compliance Education for Staff Module 2
Updated FY15 Dignity Health General Compliance Education for Staff Module 2 This course will provide you with important information about the laws and regulations that affect the healthcare industry, our
More informationHIPAA for CNAs. This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020.
HIPAA for CNAs This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020. Copyright 2015 by RN.com. All Rights Reserved. Reproduction and distribution of these materials
More informationPrivacy and Security For Teammates
Privacy and Security For Teammates This self-directed learning module contains information all CRHS Teammates are expected to know in order to protect our patients, our guests, and ourselves. Target Audience:
More informationWRAPPING YOUR HEAD AROUND HIPAA PRIVACY REQUIREMENTS
WRAPPING YOUR HEAD AROUND HIPAA PRIVACY REQUIREMENTS Jeffrey Staton Attorney at Law Legal Aid Society of Louisville 416 W. Muhammad Ali Blvd., Ste. 300 Louisville, KY 40202 Phone: 502.614.3146 Jstaton@laslou.org
More informationHIPAA Compliance and Health IT
HIPAA Compliance and Health IT Joel Benware Anne Cramer, Esq. Jim Sheldon-Dean 1 Joel Benware Compliance Officer at Northwestern Medical Center (NMC) in St. Albans, Vt. o o Reports directly to the NMC
More informationNOTICE OF PRIVACY PRACTICES
VII-07B Notice of Privacy Practices (p) The MetroHealth System 2500 MetroHealth Drive Cleveland, OH 44109-1998 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW WE MAY USE AND DISCLOSE YOUR PROTECTED
More informationHealth Information Privacy Policies and Procedures
University of the Pacific Arthur A. Dugoni School of Dentistry Health Information Privacy Policies and s These Health Information Privacy Policies & s implement our obligations to protect the privacy of
More informationDO ASK BUT DON T TELL HIPAA PRIVACY RULE
DO ASK BUT DON T TELL HIPAA PRIVACY RULE HITECH/OMNIBUS FINAL RULE HIPAA enacted in 1996; compliance required April 14, 2003 for the Privacy Rule and April 21, 2005 for the Security Rule surrounding electronic
More informationSUMMARY OF NOTICE OF PRIVACY PRACTICES
LAKE REGIONAL MEDICAL GROUP 54 HOSPITAL DRIVE OSAGE BEACH, MO 65065 SUMMARY OF NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU
More informationCAPITAL SURGEONS GROUP, PLLC
CAPITAL SURGEONS GROUP, PLLC NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationOSHA & HIPAA Seminar. Northern Texas Facial & Oral Surgery
OSHA & HIPAA Seminar Sponsored By Northern Texas Facial & Oral Surgery April 11, 2014 Power Point Slides For The Course Power Point handout slides are provided for your use during the lecture. Bring these
More informationReporting a Privacy Breach to the Commissioner
SEPTEMBER 2017 Reporting a Privacy Breach to the Commissioner GUIDELINES FOR THE HEALTH SECTOR To strengthen the privacy protection of personal health information, the Ontario government has amended the
More informationUSES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY
Page Number 1 of 8 TITLE: PURPOSE: USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION: HIPAA PRIVACY POLICY To assure that individually identifiable health information contained in any University Health
More informationPETER BOWER, M.D Rolkin Court, Suite 301. Charlottesville VA (434) F(434) Today's date. Name:
PETER BOWER, M.D. A N D A S S O C I A T E S 1415 Rolkin Court, Suite 301 Charlottesville VA 22911 (434)964-0159 F(434)978-1667 Today's date Name: Date of Birth: Male Female Social Security # Mailing Address:
More informationHIPAA Health Insurance Portability and Accountability Act of 1996
HIPAA Health Insurance Portability and Accountability Act of 1996 Protected Health Information (PHI) Covers patient information in any form written, verbal, or electronic PHI Includes Any information that
More informationHIPAA THE PRIVACY RULE
HIPAA THE PRIVACY RULE Reviewed December 2012 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of antidepressant medications in their mail. 2 HISTORY Many
More informationDavid Behinfar, JD, LLM, CHC, CIPP University of Florida College of Medicine Jacksonville UF Privacy Manager (904)
David Behinfar, JD, LLM, CHC, CIPP University of Florida College of Medicine Jacksonville UF Privacy Manager (904) 244 6229 david.behinfar@jax.ufl.edu 1 Presentation Summary High level Summary of the federal
More information2018 HCCA Compliance Institute HIPAA Update: Policy & Enforcement. Policy Update: Marissa Gordon-Nguyen HHS OCR Senior Advisor
2018 HCCA Compliance Institute HIPAA Update: Policy & Enforcement Policy Update: Marissa Gordon-Nguyen HHS OCR Senior Advisor 2 1 OCR Responds to Nation s Opioid Crisis Opioid abuse crisis and national
More informationAdvanced HIPAA Communications and University Relations
Advanced HIPAA Communications and University Relations accepts no liability of any use reliance placed on it, as it is warranty, express, or implied, or completeness of 1 the HIPAA Health Insurance Portability
More informationINVESTIGATION REPORT
Prince Albert Co-operative Health Centre Community Clinic March 27, 2018 Summary: A patient and her spouse attended the Prince Albert Co-operative Health Centre Community Clinic (the Clinic) for lab services
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: May 31, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationAGENDA. 10:45 a.m. CT Attendees Sign On 11:00 a.m. CT Webinar 11:50 a.m. CT Questions and Answers
AGENDA 10:45 a.m. CT Attendees Sign On 11:00 a.m. CT Webinar 11:50 a.m. CT Questions and Answers Asking Questions Throughout the webinar, type your questions using the "send note" button at the top of
More informationInformation Privacy and Security
Information Privacy and Security 2015 Purpose of HIPAA HIPAA stands for the Health Insurance Portability and Accountability Act. Its purpose is to establish nationwide protection of patient confidentiality,
More informationYour Role in Protecting Patient Privacy 2018
Your Role in Protecting Patient Privacy 2018 1 Training Focus This training will focus on what responsibilities you have in order to ensure that both you and our organization are in compliance with state
More informationSection: Medical Staff Office Page: 1 of 2
Section: Medical Staff Office Page: 1 of 2 Subject: Job Shadowers and Observers Not Covered Under Clinical Affiliation Agreement Executive Owner: Chief Medical Officer Original Policy: 6/4/13 Current Effective
More informationPATIENT INFORMATION Please Print
PATIENT INFORMATION Please Print DATE Patient s Last Name First Name Middle Name Suffix Gender: q Male q Female Social Security Number of Birth Race Ethnic Group: q Hispanic q Non-Hispanic q Unknown Preferred
More informationNotice of HIPAA Privacy Practices Updates
Notice of HIPAA Privacy Practices Updates The following is a summary of the updates to the privacy notice for Meridian Hospitals Corporation, Meridian Home Care Services, Inc., Meridian Nursing & Rehabilitation,
More informationWhat is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996
Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,
More informationA general review of HIPAA standards and privacy practices 2016
A general review of HIPAA standards and privacy practices 2016 45 CFR, 164 Health Insurance Portability and Accountability Act Treatment, Payment and Healthcare Operations 42 CFR, Part 2, Confidentiality
More informationPreparing for the upcoming 2016 HIPAA audits: Lessons and examples from past breaches and fines
Preparing for the upcoming 2016 HIPAA audits: Lessons and examples from past breaches and fines 1 Your Presenters Robert Grant Co-Founder and Chief Strategy Officer of Compliancy Group Over 15 years of
More informationChapter 9 Legal Aspects of Health Information Management
Chapter 9 Legal Aspects of Health Information Management EXERCISE 9-1 Legal and Regulatory Terms 1. T 2. F 3. F 4. F 5. F EXERCISE 9-2 Maintaining the Patient Record in the Normal Course of Business 1.
More informationProtecting Health Information: Health Data Security Training
Protecting Health Information: Health Data Security Training How to secure patient information and manage your obligations under HIPAA, the HITECH Act and other federal and state data privacy and security
More informationPrivacy and Security Orientation for Visiting Observers. DUHS Compliance Office
Privacy and Security Orientation for Visiting Observers DUHS Compliance Office 919-668-2573 compliance@dm.duke.edu Introduction This orientation is to provide new Visiting Observers with the HIPAA Privacy
More informationWAKE FOREST BAPTIST HEALTH NOTICE OF PRIVACY PRACTICES
WAKE FOREST BAPTIST HEALTH NOTICE OF PRIVACY PRACTICES Effective April 14, 2003 Revised February 17, 2010 Revised September 23, 2013 Revised July 1, 2016 This Notice of Privacy Practices applies to the
More informationNOTICE OF PRIVACY PRACTICES
THIS NOTICE OF PRIVACY PRACTICES ( NOTICE ) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. Respect for
More informationHIPAA Privacy Training for Non-Clinical Workforce
Office of Compliance Programs HIPAA Privacy Training for Non-Clinical Workforce Revised: January 24, 2017 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA)
More informationIf you have any questions about this notice, please contact the SSHS Privacy Officer at:
Notice of Privacy Practices 0 Effective Date: April 14, 2003 Revision Date: July 15, 2016 South Shore Health System ( SSHS ) is an integrated health care delivery system. For a list of entities which comprise
More informationOffice of the Chief Privacy Officer. Privacy & Security in an App Enabled World HIMSS, Tuesday March 1, 2016, Las Vegas, NV
Office of the Chief Privacy Officer Privacy & Security in an App Enabled World HIMSS, Tuesday March 1, 2016, Las Vegas, NV Table of Contents Introduction Why Apps? What ONC is doing to advance use of Apps
More informationNotice of Privacy Practices
Notice of Privacy Practices Fuquay Eye Care 505 N. Judd Pkwy., N.E., Suite 109, Fuquay Varina, NC 27526 919-557-0308 www.fuquayeye.com Dr. Patrick O Dowd, Privacy Official 2-22-2017 We respect our legal
More informationIf you have any questions about this notice, please contact our privacy officer Dr. Jev Sikes at
Notice of Privacy Practices For Deep Eddy Psychotherapy THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT
More informationPARAGOULD DOCTORS CLINIC PRIVACY NOTICE
PARAGOULD DOCTORS CLINIC PRIVACY NOTICE Protected Health Information THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE
More informationRECEIPT OF NOTICE OF PRIVACY PRACTICES WRITTEN ACKNOWLEDGEMENT FORM. I,, have received a copy of Dr. Andy Hand s Notice of Privacy Practice.
Central Texas Institute Of Plastic Surgery, PA Dr. Andy Hand, M.D. Plastic and Reconstructive Surgery Cosmetic Plastic Surgery RECEIPT OF NOTICE OF PRIVACY PRACTICES WRITTEN ACKNOWLEDGEMENT FORM I,, have
More informationAccommodate reasonable requests you may have to communicate health information by alternative means or at alternative locations.
Collom & Carney Clinic Association NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS
More informationHealth Insurance Portability and Accountability Act. Awareness Training for Volunteers
Health Insurance Portability and Accountability Act Awareness Training for Volunteers Southeastern Health Southeastern Health has a strong tradition of protecting the privacy of patient information. Confidentiality
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Effective Date: July 12, 2017 THIS NOTICE OF PRIVACY PRACTICES ( NOTICE ) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO
More informationNew Employee Orientation HIPAA Privacy. Marcia Matthias, MJ, RHIA, CHPC Corporate Director, Health Information/Privacy Officer
New Employee Orientation HIPAA Privacy Marcia Matthias, MJ, RHIA, CHPC Corporate Director, Health Information/Privacy Officer Definitions HIPAA Health Insurance Portability and Accountability Act PHI Protected
More informationClarifying HIPAA Privacy Rules for Mental Health and Addiction Crises. National Council for Behavioral Health March 19, 2018
Clarifying HIPAA Privacy Rules for Mental Health and Addiction Crises National Council for Behavioral Health March 19, 2018 Webinar Logistics We recommend calling in on your telephone Phone: +1 (562) 247-8422
More informationStudent Orientation: HIPAA Health Insurance Portability & Accountability Act
_ Student Orientation: HIPAA Health Insurance Portability & Accountability Act HIPAA: National Privacy Law History of HIPAA What was once an ethical responsibility to protect a patient s privacy is now
More informationPatient Appointment Agreement
Patient Appointment Agreement Welcome and thank you for choosing the East Carolina University School of Dental Medicine for your oral health care needs. We are committed to providing you with the best
More informationNotice of Privacy Practices for Protected Health Information (PHI)
Notice of Privacy Practices for Protected Health Information (PHI) Dermatology Associates of Colorado, PC THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN
More informationNotice of. Privacy Practices. Dartmouth-Hitchcock Affiliated Covered Entity
Notice of Privacy Practices Dartmouth-Hitchcock Affiliated Covered Entity This Notice describes how medical information about you may be used and disclosed and how you can get access to this information.
More informationNOTICE OF PRIVACY PRACTICES
Our Responsibilities Notice of Privacy Practices - Page 1 NOTICE OF PRIVACY PRACTICES Our Responsibilities. Your Information. Your Rights. This Notice of Privacy Practices ( Notice ) explains how University
More informationNotice of Privacy Practices
Notice of Privacy Practices, pg. 1 of 5 Notice of Privacy Practices CATHOLIC CHARITIES OF THE ROMAN CATHOLIC DIOCESE OF SYRACUSE, NY This notice describes the privacy practices of Catholic Charities of
More informationFCSRMC 2017 HIPAA PRESENTATION
FCSRMC 2017 HIPAA PRESENTATION BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. WHY ARE YOU GETTING
More informationPatient Privacy Requirements Beyond HIPAA
Patient Privacy Requirements Beyond HIPAA Jane Hyatt Thorpe, J.D. School of Public Health and Health Services George Washington University Carrie Bill, J.D. Feldesman Tucker Leifer Fidell LLP The George
More informationNOTICE OF PRIVACY PRACTICES
Amended September 2013 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
More informationHH Health System-Shoals, LLC dba Helen Keller Hospital Notice of Privacy Practices
HH Health System-Shoals, LLC dba Helen Keller Hospital Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationMURRAY MEDICAL CENTER HIPAA NOTICE OF PRIVACY PRACTICES
CW CR 618 Exhibit A MURRAY MEDICAL CENTER HIPAA NOTICE OF PRIVACY PRACTICES Effective Date: THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS
More informationHIPAA Privacy Rights and Operations Guide HIPAA Security Summary For the Practice of: Vail Aspen Breckenridge Dermatology
HIPAA Privacy Rights and Operations Guide HIPAA Security Summary For the Practice of: Vail Aspen Breckenridge Dermatology Publish Date: 1/2/2018 This guide has been created to serve Vail Aspen Breckenridge
More informationCatholic Charities Disabilities Services. In-Home Behavioral Support Services (2017)
Catholic Charities Disabilities Services In-Home Behavioral Support Services (2017) A Program funded through a Family Support Services Grant from OPWDD Submit Application and supporting documentation to:
More informationHCCA Institute Privacy Officer Round Table Discussion
HCCA Institute Privacy Officer Round Table Discussion Marti Arvin Deann Baker Why We re Here X A facilitated discussion of current issues that Privacy Professionals are dealing with in their day-to-day
More informationExecTech. The following examples help explain why the US Government created the HIPAA Privacy Rule.
ExecTech ExecTech Guideline Six Steps to HIPAA Rules Compliance HIPAA, the Health Insurance Portability and Accountability Act, became law in 1996. Its original intent was to help employees change jobs
More informationSlide 1 WHO IS THE CLIENT? WHO CONTROLS THE RECORD? ETHICS AND HIPAA. Slide 2. Slide 3. The Four As of Ethical Practice
Slide 1 WHO CONTROLS THE RECORD? ETHICS AND HIPAA 22 nd Oklahoma Child Abuse & Neglect Conference Norman, Oklahoma, on September 4, 2014 Dr. Arlene B. Schaefer, Ph.D. Forensic and Clinical Psychology Oklahoma
More informationHIPAA Privacy Rule. Best PHI Privacy Practices
HIPAA Privacy Rule Best PHI Privacy Practices Learning Objectives Define the acronym HIPAA. Understand your role and responsibilities under the privacy regulations. Know what patient s rights are in terms
More informationNOTICE OF PRIVACY PRACTICE UNIVERSITY OF CALIFORNIA SAN FRANCISCO DENTAL CENTER
Effective Date: February 1, 2018 NOTICE OF PRIVACY PRACTICE UNIVERSITY OF CALIFORNIA SAN FRANCISCO DENTAL CENTER THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW
More informationNotice of Privacy Practices
Notice of Privacy Practices Effective September 23, 2013 TCHC.org An equal opportunity employer and provider. CLINICS Baxter Bertha Henning Ottertail Sebeka Verndale Wadena HOSPITAL Wadena 415 Jefferson
More informationCHI Mercy Health. Definitions
CHI Mercy Health Definitions If you have any questions about this notice, please contact the CHI Mercy Health s Privacy Office at (701) 845-6540 or 570 Chautauqua Blvd, Valley City ND 58072. Notice of
More informationREVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 PLEASE REVIEW IT CAREFULLY
REVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
More informationCLINICIAN S GUIDE TO HIPAA PRIVACY
CLINICIAN S GUIDE TO HIPAA PRIVACY Introduction... 2 What is HIPAA?... 2 Health Information Privacy... 2 Protected Health Information... 3 Identifiers... 3 HIPAA s Impact on Clinical Practice, Treatment,
More information2514 Stenson Dr Cedar Park TX Fax
HIPAA QUESTIONS LESSON 2 1. Civil monetary penalties can be as high as: a. $100 b. $1,000 c. $10,000 d. $50,000 2. Civil penalties for HIPAA violations apply to: a. Covered entities b. Business associates
More informationPEDIATRIC HEALTH ASSOCIATES HIPAA NOTICE OF PRIVACY PRACTICES
Policy effective date: 4-14-2003 Revised January 2014 PEDIATRIC HEALTH ASSOCIATES HIPAA NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND
More informationWHAT IS HIPAA? HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
Rev. 1/22/2010 HIPAA TRAINING WHAT IS HIPAA? Health Insurance Portability and Accountability Act HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004
More informationPRIVACY POLICY USES AND DISCLOSURES FOR TREATMENT, PAYMENT, AND HEALTH CARE OPERATIONS
PRIVACY POLICY As of April 14, 2003, the Federal regulation on patient information privacy, known as the Health Insurance Portability and Accountability Act (HIPAA), requires that we provide (in writing)
More informationHumana At Home-Star Member Talking Points
At Home-Star Member Talking Points What are the CMS Medicare Star Ratings? The Center for Medicare & Medicaid Services (CMS) is a federal agency that oversees Medicare & Medicaid, and is part of the Department
More informationINFORMATION ABOUT Children s Mercy Hospitals and Clinics for our Affiliates
INFORMATION ABOUT Children s Mercy Hospitals and Clinics for our Affiliates The purpose of this brochure is to provide you with a brief orientation to Children s Mercy Hospitals and Clinics. It provides
More informationSouthwest Idaho Ear, Nose and Throat, P.A. Notice of Privacy Practices
Southwest Idaho Ear, Nose and Throat, P.A. Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationHIPAA Education Program
HIPAA Education Program 2017-2018 Assurance and Compliance Services HIPAA Training Requirement This HIPAA Training Program is intended for and will satisfy the training requirement for the: Mount Sinai
More informationAUDIT DEPARTMENT UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE. For the period October 2008 through May JEREMIAH P. CARROLL II, CPA Audit Director
UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE For the period October 2008 through May 2009 JEREMIAH P. CARROLL II, CPA Audit Director Audit Department 500 S Grand Central Pkwy Ste 5006 PO Box 551120 Las Vegas
More informationMobile Mammo Registration Instructions
Mobile Mammo Registration Instructions 1. Call to schedule your appointment @ 239-936-4068 2. Fill out the following forms Note: All forms must be completed even if you were a previous patient on RRC Mobile
More informationNOTICE OF PRIVACY PRACTICES
Page 1 of 10 NOTICE OF PRIVACY PRACTICES EFFECTIVE DATE: The Notice of Privacy Practices became effective on April 14, 2003 and was amended on August 30, 2013. THIS NOTICE DESCRIBES HOW HEALTH INFORMATION
More informationFEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA
FEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA LEGAL CITATION California Civil Code Section 1798.82 California Health and Safety (H&S) Code Section 1280.15 42 U.S.C. Section 17932; 45 C.F.R.
More informationMEMPHIS LUNG PHYSICIANS FOUNDATION AN OFFICE OF BAPTIST MEDICAL GROUP NOTICE OF PRIVACY PRACTICES
MEMPHIS LUNG PHYSICIANS FOUNDATION AN OFFICE OF BAPTIST MEDICAL GROUP NOTICE OF PRIVACY PRACTICES Effective Date: September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED
More informationCatholic Charities Disabilities Services 2017 Family Reimbursement Grant For Respite Funds 1 Park Place, Suite 200 Albany, NY (518)
Catholic Charities Disabilities Services 2017 Family Reimbursement Grant For Respite Funds 1 Park Place, Suite 200 Albany, NY 12205 (518) 783-1111 Instructions (Please read thoroughly prior to completing
More informationNOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM
NOTICE OF PRIVACY PRACTICES MOUNT CARMEL HEALTH SYSTEM Effective Date: 9/23/ 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES This notice describes how Pine Creek Medical Center may use and disclose your medical information, and how you may access this information. Please read through and review it
More informationYour Medical Record Rights in New Mexico
Your Medical Record Rights in New Mexico (A Guide to Consumer Rights under HIPAA) JOY PRITTS, JD NINA L. KUDSZUS HEALTH POLICY INSTITUTE GEORGETOWN UNIVERSITY Your Medical Record Rights in New Mexico (A
More informationEMS and the Law: How to Protect Yourself from Medical Negligence Claims and other Legal Considerations. Julia A. Rush, J.D.
EMS and the Law: How to Protect Yourself from Medical Negligence Claims and other Legal Considerations Julia A. Rush, J.D. Ambulance Chasing The myth of the frivolous malpractice lawsuit Medical, legal,
More informationInformed Consent for Treatment
Informed Consent for Treatment TO THE PATIENT: You have the right, as a patient, to be informed about your condition and the recommended diagnostic, physical therapy or rehabilitation treatment/procedure
More informationValley Regional Medical Center HIPAA AND HITECH EDUCATION
Valley Regional Medical Center HIPAA AND HITECH EDUCATION Privacy and Security of Protected Health Information 1 HIPAA and Its Purpose What is HIPAA? Health Insurance Portability and Accountability Act
More informationEast Carolina University 2010 Annual HIPAA Privacy Training
East Carolina University 2010 Annual HIPAA Privacy Training What are the HIPAA Privacy and Security Rules? Federal laws that govern the use and disclosure of health information of our patients and research
More informationPrivacy & Security: What You Need to Know
Privacy & Security: What You Need to Know DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy or position of HIMSS.
More informationNOTICE OF PRIVACY PRACTICES
Student Health NOTICE OF PRIVACY PRACTICES UNIVERSITY OF CALIFORNIA STUDENT HEALTH SYSTEM THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO
More informationNotice of Privacy Practices
River Valley Chiropractic LLC Notice of Privacy Practices Effective 9/2014; Revised 9/2014 If you have any questions about this notice, please contact the River Valley Chiropractic Privacy Officer at 308-534-5840.
More informationNOTICE OF PRIVACY PRACTICES
535 East 70th Street New York, NY 10021 (212) 606-1000 Specialists in Mobility NOTICE OF PRIVACY PRACTICES Effective Date: April 14, 2003 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE
More information