HIPAA PRIVACY DIRECTIONS. HIPAA Privacy/Security Personal Privacy. What is HIPAA?

Size: px
Start display at page:

Download "HIPAA PRIVACY DIRECTIONS. HIPAA Privacy/Security Personal Privacy. What is HIPAA?"

Transcription

1 DIRECTIONS HIPAA Privacy/Security Personal Privacy 1. Read through entire online training presentation 2. Close the presentation and click on Online Trainings on the Intranet home page 3. Click on the HIPAA & Privacy On-line Test 4. Complete the test and submit. 5. Double check that you entered your address correctly. 2 What is HIPAA? HIPAA PRIVACY HIPAA stands for the Health Insurance Portability and Accountability Act of Among other things, the law includes the Privacy Rule, which creates national standards to protect the privacy of individuals protected health information (PHI), and the Security Rule, which establishes standards for securing PHI in electronic form

2 Catholic Charities and HIPAA Catholic Charities has a Privacy and Security officer for direction and guidance on policy and practice Michele Adams (Privacy Officer) Glenda Buzzelli (Security Officer) Catholic Charities is required to provide annual HIPAA training to all staff 5 PHI includes all individually identifiable health information relating to the: Past, present or future physical or mental condition of an individual Provision of health care to an individual Past, present or future payment for the provision of health care to an individual What is PHI? Health information is individually identifiable if it contains any of the following: Names Geographic subdivisions smaller than a state Dates directly related to an individual, including birth date, health care service admission or discharge dates Telephone numbers addresses Social security numbers Medical record numbers Health plan beneficiary numbers Certificate/Driver s license numbers Full face photographic images and any comparable images Any other unique identifying number, characteristic or code 6 Who is subject to the HIPAA Privacy and Security Rules? Entities covered by HIPAA are: Health care providers Health plans Health care clearing house (e.g., billing agent) Catholic Charities is a covered entity as health care providers. Health information collected and/or used by our staff are PHI and subject to the Privacy and Security Rules 7 What are the limitations on how we can use PHI internally or disclose PHI externally? The Privacy Rule establishes permitted uses and disclosures of PHI by covered entities such as Catholic Charities. When PHI is shared within Catholic Charities it is being used and when PHI is shared outside of Catholic Charities it is being disclosed You could be using or disclosing information: Verbally Via File or paper Computer Fax Flash drive 8 2

3 The Privacy Rule allows the use or disclosure of PHI: For treatment For payment For health care operations With authorization by the individual When compelled by law How do I know if I can share PHI? You can determine whether you can use or share PHI by answering the following questions: Is the disclosure for treatment, payment or health care operations purposes? If not, do you have authorization from the client or legal guardian? If not, is there a legal requirement for disclosure? If the answer is yes to any of the above you may share PHI both within and outside Catholic Charities 9 10 Even if use or disclosure of PHI is permitted we must ensure that we are using or disclosing the minimum necessary information permitted under the Privacy Rule The following questions help to determine if it is minimum necessary disclosure: What is the specific purpose for the request, use of disclosure? Exactly what information is required to accomplish the goal? Are you requesting/using/disclosing any information that is not relevant to the stated purpose of the request/use/disclosure? Are you requesting/using/disclosing an entire record without the entire record specifically identified? 11 Take care to protect PHI from accidental disclosure: Never release any item of personal information to anyone (except that individual or their legal representative) without the individual s knowledge and written approval Double check fax number to be sure it is correct and be sure the intended recipient is available to pick up the fax when delivered Don t send PHI by Keep all files containing PHI locked in file cabinets don t leave papers or files laying out Don t share client names and other identifiers in conversations that others may overhear Place computer screens so they are not readily visible by people passing by Password protect all computer files containing PHI and don t share passwords 12 3

4 Clients have the following rights in regards to their information Able to see their records Able to make copies of their record Able to correct any inaccuracies in their record Able to request restrictions on confidential information Able to know when, how, why, with whom and by whom their information was used or shared De-Identifying Information PHI cannot be disclosed without consent unless de-identified A group counseling progress note was cited in the last audit due to problems with the documentation. The supervisor made copies of the progress note to pass out at a staff meeting so that the staff could see a noncompliant note that resulted in a payback. The progress note should not have been used/disclosed unless it had been de-identified. What is de-identified information? Information that could not otherwise be used or disclosed without consent can be used if it has been de-identified. To de-identify all elements must be removed that make it possible to identify the individual to who it pertains. Remove names (client/family member), dates related to individual, telephone, , zip code, social security, etc Definitions Confidential Information any item of personal information that can be associated with an individual and is not readily available to the public Consent for Release of Information form use to obtain information from other individuals or organizations Information Transmittal form used to obtain prior to disclosure the approval/signature of clinical supervisor when valid authorization request has been received Minimum Necessary Disclosure limits the information to the minimum amount necessary to accomplish the intended purpose of the use or disclosure Notice of Privacy Practice program participants receive at the beginning services to ensure they are aware and informed of Catholic Charities privacy practices. Protected Health Information (PHI) individually identifiable information relating to the past, present or future physical or mental or condition of an individual, provision of health care to an individual, payment for health care provided to an individual. PHI includes information in any format paper (written), electronic, oral, photographs, videotapes, and other types of images,. Privacy Officer consulted whenever a situation presents itself that could involve the disclosure of information with the individual s knowledge or approval Security Officer consulted for loss or destruction of electronic protected health information, unauthorized access computer systems, and questions regarding systems security and staff security access to electronic protected health information. 15 Policies and Procedures Number Policies and Procedures HIPAA HIPAA Privacy Policy HIPAA HIPAA Security Policy Information Services Policies 16 4

5 HIPAA Security HIPAA SECURITY A second component of the Health Insurance Portability and Accountability Act of 1996 Established a national set of security standards for protecting certain health information that is held or transferred in electronic form The Security Rule operationalizes the protections contained in the Privacy Rule by addressing the technical and non-technical safeguards that organizations must put in place HIPAA Security The Basics The Security Rule applies to electronic protected health information (EPHI) that contains information that would allow someone to identify an individual. Protects confidentiality, integrity and availability of EPHI Example: An intake form with client name and address A billing transmission with social security number and a diagnosis HIPAA Security The Basics Catholic Charities must have reasonable safeguards in place to protect Electronic Protected Health Information against risks. These safeguards are in three categories: Administrative Physical Technical

6 Administrative Safeguards Some examples of administrative safeguards are as follows: Having a named HIPAA Security Officer Having a plan for security incidents and a disaster recovery plan for IT Training staff on security practices Having policies to describe and enforce safe practices in protecting information Physical Safeguards Below are some examples of physical safeguards in use by Catholic Charities: Locks on server doors and records rooms Locking computers with passwords No use of personal computers for work No writing passwords on sticky notes and leaving on monitors! Technical Safeguards Here are some examples of technical safeguards related to HIPAA Security: Limiting users on the network to only access what they need to access Ensuring that activity on the network is logged and reviewed to monitor network activity Locking network ports to use by a single machine Using secure transfer methods for transmitting client data Other Safeguards It is important for staff to understand where EPHI is stored and how it is accessed. An inventory should be developed to catalog where this information is stored and how it is accessed to assess for vulnerabilities. Reduce the number of locations where PHI is stored; move to single data sources to improve control

7 Other Safeguards It is a good practice to walk through your site to see where information may be accidentally discoverable. What information is on your sign in sheet? How are the computer screens hidden from view? Are programs left open with client data on the screen? PERSONAL PRIVACY Catholic Charities collects, maintains and uses employee personal information to satisfy business needs and conform to applicable legal requirements. Catholic Charities preserve privacy for the employee, by limiting access only to those who have a legitimate need to know. 7

8 Personnel files are continually reviewed and updated. Examples of personal information which may be in personnel files include, but are not limited to: Hiring Information: employment applications, résumés, employment offer letters, acceptance letters, commendations, verification (copies) of credentials, employment references, verification of employment eligibility (I-9), criminal records check information and/or notification of charge(s)/conviction(s) of criminal offense(s). Wage or salary information: compensation change documentation. Work-related information: performance evaluations, hire dates, disciplinary warnings, layoff notices, documentation pertaining to leaves of absences, attendance records. 8

9 Educational information: documentation from high schools, colleges, technical schools, training courses and workshops, system and site orientations, acknowledgement of receipt of employee handbook. A separate employee benefit file is retained for each employee. This file is separate from the personnel file. Benefits information may include: Birth date, medical records, authorization to pay deductions and withholdings and retirement records. This information is only released on a strict need to know basis. An employee must authorize, in writing, the release of information from his/her personnel file if the request is from an external source. 9

10 Information is released in response to authorized requests from law enforcement agencies, including investigations, summonses, subpoenas and judicial orders. Catholic Charities does not need to inform an employee that personal information has been disclosed to law enforcement agencies if it concerns an investigation of the employee s conduct, especially when the employee s actions endanger other employees, security and/or property. The information discussed above references the paper personnel files maintained by the Human Resources Department. Please note the same rules regarding the confidentiality of employees personal information applies to electronic files. 10

11 Additionally, the requirement to maintain the confidentiality of employees personal information extends beyond employees of the HR department and applies to employees of the Finance department and also employees of the Information Services department. More broadly, Catholic Charities expects that any employee who may gain knowledge of employee personal information in the course of his or her work, will maintain the confidentiality of that information. 11

WHAT IS HIPAA? HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004

WHAT IS HIPAA? HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004 Rev. 1/22/2010 HIPAA TRAINING WHAT IS HIPAA? Health Insurance Portability and Accountability Act HIPAA is the ELECTRONIC transmission of Three programs have been enacted to date Privacy Rule April 2004

More information

HIPAA PRIVACY TRAINING

HIPAA PRIVACY TRAINING HIPAA PRIVACY TRAINING HIPAA Privacy Training Objective Present a general overview of HIPAA and define important terms Understand the purpose of HIPAA and the Privacy Rule Understand the term Protected

More information

Study Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information

Study Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information PP-501.00 SOP For Safeguarding Protected Health Information Effective date of version: 01 April 2012 Study Management PP 501.00 STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information

More information

HIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance

HIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance HIPAA Health Insurance Portability and Accountability Act Presented by the UMMC Office of Integrity and Compliance Rules and Regulations to ensure Privacy Set Federally recognized standards to ensure both

More information

Compliance Program, Code of Conduct, and HIPAA

Compliance Program, Code of Conduct, and HIPAA Compliance Program, Code of Conduct, and HIPAA Agenda Introduction to Compliance The Compliance Program Code of Conduct Reporting Concerns HIPAA Why have a Compliance Program Procedures to follow applicable

More information

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT INSTRUCTIONS Read through this presentation. Submit completed post test to the Portage County MRC Coordinator. Estimated completion time: 1 hour Learning

More information

Information Privacy and Security

Information Privacy and Security Information Privacy and Security 2015 Purpose of HIPAA HIPAA stands for the Health Insurance Portability and Accountability Act. Its purpose is to establish nationwide protection of patient confidentiality,

More information

HIPAA THE PRIVACY RULE

HIPAA THE PRIVACY RULE HIPAA THE PRIVACY RULE Reviewed December 2012 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of antidepressant medications in their mail. 2 HISTORY Many

More information

HIPAA Training

HIPAA Training 2011-2012 HIPAA Training New Hire Orientation and General Training 1 This training is to ensure all Health Management workforce members (associates, contracted individuals, volunteers and students) understand

More information

PRIVACY POLICIES AND PROCEDURES

PRIVACY POLICIES AND PROCEDURES Vinay M. Reddy, M.D., Ethelynda Jaojoco, M.D. Karen D. Cain, PA-C Julie J. Stackhouse, PA-C Jacie Touart, PA-C Brian Vaccarezza, PA-C Physical Medicine & Rehabilitation Electrodiagnostic Medicine Disorders

More information

HIPAA Education Program

HIPAA Education Program HIPAA Education Program 2017-2018 Assurance and Compliance Services HIPAA Training Requirement This HIPAA Training Program is intended for and will satisfy the training requirement for the: Mount Sinai

More information

Privacy and Security Orientation for Visiting Observers. DUHS Compliance Office

Privacy and Security Orientation for Visiting Observers. DUHS Compliance Office Privacy and Security Orientation for Visiting Observers DUHS Compliance Office 919-668-2573 compliance@dm.duke.edu Introduction This orientation is to provide new Visiting Observers with the HIPAA Privacy

More information

Health Information Privacy Policies and Procedures

Health Information Privacy Policies and Procedures University of the Pacific Arthur A. Dugoni School of Dentistry Health Information Privacy Policies and s These Health Information Privacy Policies & s implement our obligations to protect the privacy of

More information

MCCP Online Orientation

MCCP Online Orientation 1 Objectives At the conclusion of this presentation, students will be able to: Discuss application of HIPAA to student s role. Describe the federal requirements of the HIPAA/HITECH regulations that protect

More information

VHA Privacy Policy Training FY VHA Privacy Office

VHA Privacy Policy Training FY VHA Privacy Office VHA Privacy Policy Training Applicable Confidentiality Statutes and Regulations The following legal provisions govern the collection, use, maintenance, and disclosure of information from VHA records. The

More information

Breach Reporting and Safeguarding PHI Outpatient Services August, UAMS HIPAA Office Anita Westbrook

Breach Reporting and Safeguarding PHI Outpatient Services August, UAMS HIPAA Office Anita Westbrook Breach Reporting and Safeguarding PHI Outpatient Services August, 2012 UAMS HIPAA Office Anita Westbrook Breaches and Breach Reporting Real Life Example An employee of a large hospital accidentally left

More information

YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996

YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA. Health Insurance Portability and Accountability Act of 1996 YALE UNIVERSITY THE RESEARCHERS GUIDE TO HIPAA Health Insurance Portability and Accountability Act of 1996 Handbook Table of Contents I. Introduction What is HIPAA? What is PHI? What is a Covered Entity

More information

LifeBridge Health HIPAA Policy 4. Uses of Protected Health Information for Research

LifeBridge Health HIPAA Policy 4. Uses of Protected Health Information for Research LifeBridge Health HIPAA Policy 4 Uses of Protected Health Information for Research This Policy contains the following Sections: I. Policy II. III. IV. Definitions Applicability Procedures A. Individual

More information

Advanced HIPAA Communications and University Relations

Advanced HIPAA Communications and University Relations Advanced HIPAA Communications and University Relations accepts no liability of any use reliance placed on it, as it is warranty, express, or implied, or completeness of 1 the HIPAA Health Insurance Portability

More information

HIPAA Privacy Training for Non-Clinical Workforce

HIPAA Privacy Training for Non-Clinical Workforce Office of Compliance Programs HIPAA Privacy Training for Non-Clinical Workforce Revised: January 24, 2017 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA)

More information

IRB 101. Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix

IRB 101. Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix IRB 101 Rachel Langhofer Joan Rankin Shapiro Research Administration UA College of Medicine - Phoenix Contents Brief discussion of regulations IRB Structure Levels of Approval Informed Consent HIPAA/HITECH

More information

Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA) HIPPA Review Health Insurance Portability and Accountability Act (HIPAA) What is HIPAA: Stands for Health Insurance Portability and Accountability Act Addresses three areas: 1. Insurance portability 2.

More information

What is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996

What is HIPAA? Purpose. Health Insurance Portability and Accountability Act of 1996 Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,

More information

CHI Mercy Health. Definitions

CHI Mercy Health. Definitions CHI Mercy Health Definitions If you have any questions about this notice, please contact the CHI Mercy Health s Privacy Office at (701) 845-6540 or 570 Chautauqua Blvd, Valley City ND 58072. Notice of

More information

CLINICIAN S GUIDE TO HIPAA PRIVACY

CLINICIAN S GUIDE TO HIPAA PRIVACY CLINICIAN S GUIDE TO HIPAA PRIVACY Introduction... 2 What is HIPAA?... 2 Health Information Privacy... 2 Protected Health Information... 3 Identifiers... 3 HIPAA s Impact on Clinical Practice, Treatment,

More information

Student Orientation: HIPAA Health Insurance Portability & Accountability Act

Student Orientation: HIPAA Health Insurance Portability & Accountability Act _ Student Orientation: HIPAA Health Insurance Portability & Accountability Act HIPAA: National Privacy Law History of HIPAA What was once an ethical responsibility to protect a patient s privacy is now

More information

Chapter 9 Legal Aspects of Health Information Management

Chapter 9 Legal Aspects of Health Information Management Chapter 9 Legal Aspects of Health Information Management EXERCISE 9-1 Legal and Regulatory Terms 1. T 2. F 3. F 4. F 5. F EXERCISE 9-2 Maintaining the Patient Record in the Normal Course of Business 1.

More information

INSTITUTIONAL REVIEW BOARD Investigator Guidance Series HIPAA PRIVACY RULE & AUTHORIZATION THE UNIVERSITY OF UTAH. Definitions.

INSTITUTIONAL REVIEW BOARD Investigator Guidance Series HIPAA PRIVACY RULE & AUTHORIZATION THE UNIVERSITY OF UTAH. Definitions. HIPAA PRIVACY RULE & AUTHORIZATION Definitions Breach. The term breach means the unauthorized acquisition, access, use, or disclosure of protected health information which compromises the security or privacy

More information

National Health Information Privacy and Security Week. Understanding the HIPAA Privacy and Security Rule

National Health Information Privacy and Security Week. Understanding the HIPAA Privacy and Security Rule National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule HIPAA Privacy and Security HIPAA Privacy Rule Final implementation April 14, 2003 Today: Monitor

More information

HIPAA and HITECH: Privacy and Security of Protected Health Information

HIPAA and HITECH: Privacy and Security of Protected Health Information HIPAA and HITECH: Privacy and Security of Protected Health Information What is HIPAA? Health Insurance Portability and Accountability Act of 1996 A federal law enacted to: Protect the privacy of a patient

More information

WELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice.

WELCOME. Payment will be expected at the time of service. Please remember our 24 hour cancellation notice. WELCOME Those of us at Crossroads Counseling want to thank you for choosing to work with us and we want to make your time with us as productive as possible. In order to expedite the intake process, please

More information

HIPAA for CNAs. This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020.

HIPAA for CNAs. This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020. HIPAA for CNAs This course has been awarded one (1.0) contact hour. This course expires on May 31, 2020. Copyright 2015 by RN.com. All Rights Reserved. Reproduction and distribution of these materials

More information

To ensure proper disclosure and release of Protected Health Information (PHI) Division/Department: All HealthPoint Policy/Procedure #:

To ensure proper disclosure and release of Protected Health Information (PHI) Division/Department: All HealthPoint Policy/Procedure #: TITLE: Release of Medical Records Scope/Purpose: POLICY & PROCEDURE To ensure proper disclosure and release of Protected Health Information (PHI) Division/Department: All HealthPoint Policy/Procedure #:

More information

Safeguarding PHI Nutrition Services. UAMS HIPAA Office May 2015

Safeguarding PHI Nutrition Services. UAMS HIPAA Office May 2015 Safeguarding PHI Nutrition Services UAMS HIPAA Office May 2015 HIPAA (not HIPPA) What is HIPAA? The Health Insurance Portability and Accountability Act is a federal law that protects the privacy and security

More information

Chapter 19 Section 3. Privacy And Security Of Protected Health Information (PHI)

Chapter 19 Section 3. Privacy And Security Of Protected Health Information (PHI) Health Insurance Portability and Accountability Act (HIPAA) of 1996 Chapter 19 Section 3 1.0 BACKGROUND AND APPLICABILITY 1.1 The contractor shall comply with the provisions of the Health Insurance Portability

More information

PROCEDURE-STUDENT RECORDS

PROCEDURE-STUDENT RECORDS PROCEDURE-STUDENT RECORDS 3600P This procedure specifies the management of student records by the District. These procedures are aligned with the Family Educational Rights and Privacy Act (FERPA). Type

More information

East Carolina University 2010 Annual HIPAA Privacy Training

East Carolina University 2010 Annual HIPAA Privacy Training East Carolina University 2010 Annual HIPAA Privacy Training What are the HIPAA Privacy and Security Rules? Federal laws that govern the use and disclosure of health information of our patients and research

More information

Emergency Medical Services Division Policies Procedures Protocols

Emergency Medical Services Division Policies Procedures Protocols Emergency Medical Services Division Policies Procedures Protocols Patient Medical Record Security and Privacy Policies and Procedures (1003.00) I. GENERAL PROVISIONS: A. The intent of these policies and

More information

The HIPAA privacy rule and long-term care : a quick guide for researchers

The HIPAA privacy rule and long-term care : a quick guide for researchers Scripps Gerontology Center Scripps Gerontology Center Publications Miami University Year 2005 The HIPAA privacy rule and long-term care : a quick guide for researchers Jane Straker Patricia Faust Miami

More information

[Enter Organization Logo] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW. Policy Number: [Enter] Effective Date: [Enter]

[Enter Organization Logo] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW. Policy Number: [Enter] Effective Date: [Enter] CONSENT TO DISCLOSE HEALTH INFORMATION UNDER MINNESOTA LAW I. Policy: Policy Number: [Enter] Effective Date: [Enter] A. Purpose This policy establishes consent requirements for the disclosure of health

More information

HIPAA Policies and Procedures Manual

HIPAA Policies and Procedures Manual UNIVERSITY of NORTH CAROLINA at CHAPEL HILL SCHOOL of NURSING HIPAA Policies and Procedures Manual November 2015 1 Table of Contents I. INTRODUCTION... 3 A. GENERAL POLICY... 3 B. SCOPE... 3 II. DEFINITIONS...

More information

Parental Consent For Minors to Receive Services

Parental Consent For Minors to Receive Services Parental Consent For Minors to Receive Services Welcome to the University of San Diego s Wellness Area! We appreciate your coming our way, and look forward to working with you. The following provides important

More information

Information Sharing and HIPAA Compliance

Information Sharing and HIPAA Compliance Information Sharing and HIPAA Compliance The Health Insurance Portability and Accountability Act (HIPAA) became a federal law in 1996 and it is administered by the Department of Health and Human Services

More information

Notice of Privacy Practices

Notice of Privacy Practices Notice of Privacy Practices, pg. 1 of 5 Notice of Privacy Practices CATHOLIC CHARITIES OF THE ROMAN CATHOLIC DIOCESE OF SYRACUSE, NY This notice describes the privacy practices of Catholic Charities of

More information

Section: Medical Staff Office Page: 1 of 2

Section: Medical Staff Office Page: 1 of 2 Section: Medical Staff Office Page: 1 of 2 Subject: Job Shadowers and Observers Not Covered Under Clinical Affiliation Agreement Executive Owner: Chief Medical Officer Original Policy: 6/4/13 Current Effective

More information

Privacy and Security For Teammates

Privacy and Security For Teammates Privacy and Security For Teammates This self-directed learning module contains information all CRHS Teammates are expected to know in order to protect our patients, our guests, and ourselves. Target Audience:

More information

Notice of Privacy Practices

Notice of Privacy Practices River Valley Chiropractic LLC Notice of Privacy Practices Effective 9/2014; Revised 9/2014 If you have any questions about this notice, please contact the River Valley Chiropractic Privacy Officer at 308-534-5840.

More information

ENTERPRISE INCOME VERIFICATION (EIV) SECURITY POLICY

ENTERPRISE INCOME VERIFICATION (EIV) SECURITY POLICY ENTERPRISE INCOME VERIFICATION (EIV) SECURITY POLICY Rev. October 2011 EIV Security Policy Acknowledgment Form By signing this form I acknowledge my receipt of the EIV System Security Policy approved by

More information

A general review of HIPAA standards and privacy practices 2016

A general review of HIPAA standards and privacy practices 2016 A general review of HIPAA standards and privacy practices 2016 45 CFR, 164 Health Insurance Portability and Accountability Act Treatment, Payment and Healthcare Operations 42 CFR, Part 2, Confidentiality

More information

always legally required to follow the privacy practices described in this Notice.

always legally required to follow the privacy practices described in this Notice. The ANXIETY & STRESS MANAGEMENT INSTITUTE 1640 Powers Ferry Rd, Building 9, Suite 10 0, Marietta, Georgia 30067, 770-953-0080 Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY

More information

The Privacy & Security of Protected Health Information

The Privacy & Security of Protected Health Information The Privacy & Security of Protected Health Information By the end of this course, you should: Be familiar with the patient s rights to privacy under HIPAA Privacy Act Be able to identify Protected Health

More information

2018 Employee HIPAA Orientation (EHO) Handbook

2018 Employee HIPAA Orientation (EHO) Handbook 2018 Employee HIPAA Orientation (EHO) Handbook Using EHO The material in this booklet is designed to provide newly hired employees with an understanding of HIPAA s regulations and their impact on the employee

More information

Navigating HIPAA Regulations. Michelle C. Stickler, DEd Director, Research Subjects Protections

Navigating HIPAA Regulations. Michelle C. Stickler, DEd Director, Research Subjects Protections Navigating HIPAA Regulations Michelle C. Stickler, DEd Director, Research Subjects Protections mcstickler@vcu.edu 828-0131 Key Definitions Covered Entity: Organization that handles identifiable health

More information

Updated FY15 Dignity Health General Compliance Education for Staff Module 2

Updated FY15 Dignity Health General Compliance Education for Staff Module 2 Updated FY15 Dignity Health General Compliance Education for Staff Module 2 This course will provide you with important information about the laws and regulations that affect the healthcare industry, our

More information

Privacy and Security Compliance: The. Date Presenter Name of Member Organization

Privacy and Security Compliance: The. Date Presenter Name of Member Organization Privacy and Security Compliance: The Basics Date Presenter Name of Member Organization Privacy and Security Compliance: The Context for What We Do Privacy and Security compliance within (your office) is

More information

SCHOOL OF PUBLIC HEALTH. HIPAA Privacy Training

SCHOOL OF PUBLIC HEALTH. HIPAA Privacy Training SCHOOL OF PUBLIC HEALTH HIPAA Privacy Training Public Health and HIPAA This presentation will address the HIPAA Privacy regulations as they effect the activities of the School of Public Health. It is imperative

More information

Protecting Patient Privacy It s Everyone s Responsibility

Protecting Patient Privacy It s Everyone s Responsibility 1 of 27 Protecting Patient Privacy It s Everyone s Responsibility This presentation is comprised of 27 screens. When you have finished reading a screen, click your mouse to continue to the next screen.

More information

Payment: We are permitted to use and disclose your health information to receive payment for our services. For example, we may:

Payment: We are permitted to use and disclose your health information to receive payment for our services. For example, we may: Your Rx Pharmacy Notice of our privacy practices THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

More information

REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust. Signed Administrative Approval On File

REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust. Signed Administrative Approval On File The Alexandra Hospital, Ingersoll PRIVACY POLICY SUBJECT-TITLE Privacy Policy REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust DATE Oct 11, 2005 Nov 8, 2005 POLICY CODE DATE OF ORIGIN

More information

Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook

Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook HIPAA and Social Media and other PHI Safeguards Presented by the UAMS HIPAA Office August 2013 Anita B. Westbrook Social Networking Let s Talk Facebook More than 750 million users Average user has 130

More information

INFORMED CONSENT DOCUMENT. Project Title: The Contraceptive Choice Center: an innovative health services delivery and payment model

INFORMED CONSENT DOCUMENT. Project Title: The Contraceptive Choice Center: an innovative health services delivery and payment model INFORMED CONSENT DOCUMENT Project Title: The Contraceptive Choice Center: an innovative health services delivery and payment model Principal Investigator: Research Team Contact: Tessa Madden Linda Buchanan

More information

DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION (PHI)

DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION (PHI) PRIVACY 8.0 DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION (PHI) Scope: Purpose: All workforce members (employees and non-employees), including employed medical staff, management, and others who have

More information

Williamson County EMS (WCEMS) HIPAA Training for Third Out Riders

Williamson County EMS (WCEMS) HIPAA Training for Third Out Riders Williamson County EMS (WCEMS) HIPAA Training for Third Out Riders Training Statement: This training program is designed to educate you on WCEMS legal requirements to protect our patients rights and confidentiality,

More information

Notice of Privacy Practices

Notice of Privacy Practices Notice of Privacy Practices Effective September 23, 2013 TCHC.org An equal opportunity employer and provider. CLINICS Baxter Bertha Henning Ottertail Sebeka Verndale Wadena HOSPITAL Wadena 415 Jefferson

More information

A Better You Counseling Services, LLC 1225 Johnson Ferry Road, Ste 170 Marietta GA

A Better You Counseling Services, LLC 1225 Johnson Ferry Road, Ste 170 Marietta GA A Better You Counseling Services, LLC 1225 Johnson Ferry Road, Ste 170 Marietta GA 30068 404-216-1135 Health Insurance Portability and Accountability Act (HIPAA) NOTICE OF PRIVACY PRACTICES I. COMMITMENT

More information

The Queen s Medical Center HIPAA Training Packet for Researchers

The Queen s Medical Center HIPAA Training Packet for Researchers The Queen s Medical Center HIPAA Training Packet for Researchers 1 The Queen s Medical Center HIPAA Training Packet for Researchers Table of Contents Overview of HIPAA and Research 3 Penalties for violations

More information

Mobile Mammo Registration Instructions

Mobile Mammo Registration Instructions Mobile Mammo Registration Instructions 1. Call to schedule your appointment @ 239-936-4068 2. Fill out the following forms Note: All forms must be completed even if you were a previous patient on RRC Mobile

More information

If you have any questions about this notice, please contact our privacy officer Dr. Jev Sikes at

If you have any questions about this notice, please contact our privacy officer Dr. Jev Sikes at Notice of Privacy Practices For Deep Eddy Psychotherapy THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT

More information

Catholic Charities Disabilities Services. In-Home Behavioral Support Services (2017)

Catholic Charities Disabilities Services. In-Home Behavioral Support Services (2017) Catholic Charities Disabilities Services In-Home Behavioral Support Services (2017) A Program funded through a Family Support Services Grant from OPWDD Submit Application and supporting documentation to:

More information

1 LAWS of MINNESOTA 2014 Ch 250, s 3. CHAPTER 250--H.F.No BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:

1 LAWS of MINNESOTA 2014 Ch 250, s 3. CHAPTER 250--H.F.No BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA: 1 LAWS of MINNESOTA 2014 Ch 250, s 3 CHAPTER 250--H.F.No. 2467 An act relating to human services; modifying requirements for human services background studies;amending Minnesota Statutes 2012, sections

More information

PATIENT INFORMATION. In Case of Emergency Notification

PATIENT INFORMATION. In Case of Emergency Notification PATIENT INFORMATION Patient Name Date Nickname DOB Age Sex Race/Ethnicity Language(s) spoken at home Person completing form Relation to Patient Patient Address City State Zip Phone # Other Phone Medical

More information

VOLUNTEER APPLICATION

VOLUNTEER APPLICATION Thank you for your interest in Estes Park Medical Center. The mission of the Estes Park Medical Center is to make a positive difference in the health and wellbeing of all we serve. VOLUNTEER APPLICATION

More information

RECEIPT OF NOTICE OF PRIVACY PRACTICES WRITTEN ACKNOWLEDGEMENT FORM. I,, have received a copy of Dr. Andy Hand s Notice of Privacy Practice.

RECEIPT OF NOTICE OF PRIVACY PRACTICES WRITTEN ACKNOWLEDGEMENT FORM. I,, have received a copy of Dr. Andy Hand s Notice of Privacy Practice. Central Texas Institute Of Plastic Surgery, PA Dr. Andy Hand, M.D. Plastic and Reconstructive Surgery Cosmetic Plastic Surgery RECEIPT OF NOTICE OF PRIVACY PRACTICES WRITTEN ACKNOWLEDGEMENT FORM I,, have

More information

HIPAA Privacy Rule. Best PHI Privacy Practices

HIPAA Privacy Rule. Best PHI Privacy Practices HIPAA Privacy Rule Best PHI Privacy Practices Learning Objectives Define the acronym HIPAA. Understand your role and responsibilities under the privacy regulations. Know what patient s rights are in terms

More information

The University of Toledo. Corporate Compliance and HIPAA Training. Presented by: The Compliance and Privacy Office

The University of Toledo. Corporate Compliance and HIPAA Training. Presented by: The Compliance and Privacy Office The University of Toledo Corporate Compliance and HIPAA Training Presented by: The Compliance and Privacy Office Topics Compliance HIPAA (Health Insurance Portability and Accountability Act) FERPA( Family

More information

Title: HIPAA PRIVACY ADMINISTRATIVE

Title: HIPAA PRIVACY ADMINISTRATIVE Administrative-HIPAA Privacy Title: HIPAA PRIVACY ADMINISTRATIVE Scope: All MultiCare Health System (MHS) workforce members, which includes but not limited to, employees, residents, students, volunteers

More information

What is your start date? (Date in which you plan to begin seeing patients in the hospital). Specialty SECTION I. IDENTIFICATION DATA

What is your start date? (Date in which you plan to begin seeing patients in the hospital). Specialty SECTION I. IDENTIFICATION DATA This Application is for Non-employed Clinical Assistants (RN, dental assistant, orthotist, etc) who wish to assist a supervising physician at one or more of our facilities. Advanced Practice Nurses (CRNA,

More information

Pennsylvania Hospital & Surgery Center ADMINISTRATIVE POLICY MANUAL

Pennsylvania Hospital & Surgery Center ADMINISTRATIVE POLICY MANUAL Page 1 Issued: POLICY: Committee Approval: HIPAA Administrative Policy Review Committee: April 2003 April 2005 April 2006 April 2007 April 2008 Attachment(s): For purposes of this policy, Pennsylvania

More information

INLAND EMPIRE HEALTH PLAN CODE OF BUSINESS CONDUCT AND ETHICS. Our shared commitment to honesty, integrity, transparency and accountability

INLAND EMPIRE HEALTH PLAN CODE OF BUSINESS CONDUCT AND ETHICS. Our shared commitment to honesty, integrity, transparency and accountability INLAND EMPIRE HEALTH PLAN CODE OF BUSINESS CONDUCT AND ETHICS Our shared commitment to honesty, integrity, transparency and accountability UPDATED: February 2014 TABLE OF CONTENTS Topic Page A. The IEHP

More information

If you have any questions about this notice, please contact the SSHS Privacy Officer at:

If you have any questions about this notice, please contact the SSHS Privacy Officer at: Notice of Privacy Practices 0 Effective Date: April 14, 2003 Revision Date: July 15, 2016 South Shore Health System ( SSHS ) is an integrated health care delivery system. For a list of entities which comprise

More information

COMPLIANCE PROGRAM. Our commitment to ethical conduct and compliance depends on all employees having a clear understanding of Corporate expectations.

COMPLIANCE PROGRAM. Our commitment to ethical conduct and compliance depends on all employees having a clear understanding of Corporate expectations. COMPLIANCE PROGRAM Our commitment to ethical conduct and compliance depends on all employees having a clear understanding of Corporate expectations. SpecialCare Hospital Management Corporation s Commitment

More information

AUDIT DEPARTMENT UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE. For the period October 2008 through May JEREMIAH P. CARROLL II, CPA Audit Director

AUDIT DEPARTMENT UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE. For the period October 2008 through May JEREMIAH P. CARROLL II, CPA Audit Director UNIVERSITY MEDICAL CENTER HIPAA COMPLIANCE For the period October 2008 through May 2009 JEREMIAH P. CARROLL II, CPA Audit Director Audit Department 500 S Grand Central Pkwy Ste 5006 PO Box 551120 Las Vegas

More information

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the PRIVACY IMPACT ASSESSMENT (PIA) For the PARATA SYSTEM SUITE Air Force Medical Support Agency SECTION 1: IS A PIA REQUIRED? a. Will this Department of Defense (DoD) information system or electronic collection

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY DATA PROTECTION POLICY Document Number 2010/35/V1 Document Title Data Protection Policy Author Nic McCullagh Author s Job Title Information Governance Manager Department IM&T Ratifying Committee Capacity

More information

REVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 PLEASE REVIEW IT CAREFULLY

REVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 PLEASE REVIEW IT CAREFULLY REVISED NOTICE OF PRIVACY PRACTICES ORIGINAL DATE: JANUARY 1, 2003 REVISED: JANUARY 16, 2014 REVISED: NOVEMBER 27, 2017 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED

More information

SCARF. Serving Children and Reaching Families, LLC. Client Handbook

SCARF. Serving Children and Reaching Families, LLC. Client Handbook SCARF Serving Children and Reaching Families, LLC Client Handbook Table of Content Who We Serve..... 3 Our Services..... 3 Our Service Philosophy........... 4 Our Mission Statement....... 4 Our Client

More information

PCA CHOICE TRATIIONAL PCA

PCA CHOICE TRATIIONAL PCA 11. PCA PROVIDER WRITTEN AGREEMENT PCA CHOICE TRATIIONAL PCA Agreement between Best Home Care, an enrolled PCA provider with the State of Minnesota (hereinafter Consumer ); Consumer Roles and Responsibilities

More information

FCSRMC 2017 HIPAA PRESENTATION

FCSRMC 2017 HIPAA PRESENTATION FCSRMC 2017 HIPAA PRESENTATION BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international

More information

Compliance and Privacy/Security Training Academic Year

Compliance and Privacy/Security Training Academic Year Compliance and Privacy/Security Training Academic Year 2017-18 Dear Student, Welcome to UConn Health. This training packet includes a general overview of compliance principles, UConn Health s Compliance

More information

Valley Regional Medical Center HIPAA AND HITECH EDUCATION

Valley Regional Medical Center HIPAA AND HITECH EDUCATION Valley Regional Medical Center HIPAA AND HITECH EDUCATION Privacy and Security of Protected Health Information 1 HIPAA and Its Purpose What is HIPAA? Health Insurance Portability and Accountability Act

More information

HIPAA Privacy Rule and Sharing Information Related to Mental Health

HIPAA Privacy Rule and Sharing Information Related to Mental Health HIPAA Privacy Rule and Sharing Information Related to Mental Health Background The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule provides consumers with important privacy rights

More information

IVAN FRANKO HOME Пансіон Ім. Івана Франка

IVAN FRANKO HOME Пансіон Ім. Івана Франка THE IVAN FRANKO HOME S COMMITMENT TO PRIVACY PRIVACY STATEMENT The Ivan Franko Home respects this privacy of our residents, employees, Directors, volunteers and donors. We are committed to ensuring that

More information

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the PRIVACY IMPACT ASSESSMENT (PIA) For the Medical Readiness Decision Support System (MRDSS) United States Air Force SECTION 1: IS A PIA REQUIRED? a. Will this Department of Defense (DoD) information system

More information

UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE

UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE May 19, 2016 UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE UNIVERSITY OF ILLINOIS HIPAA PRIVACY AND SECURITY DIRECTIVE Table of Contents DIRECTIVE INFORMATION... 4 BACKGROUND... 4 APPLICABILITY...

More information

Policy Number: Disclosure of Personal. Health Information to Police Approval Signature: Original signed by A. Wilgosh.

Policy Number: Disclosure of Personal. Health Information to Police Approval Signature: Original signed by A. Wilgosh. POLICY REGIONAL Applicable to all WRHA governed sites and facilities (including hospitals and personal care homes), and all funded hospitals and personal care homes. All other funded entities are excluded

More information

14. PCA PROVIDER WRITTEN AGREEMENT (PCA CHOICE OR TRADITIONAL PCA)

14. PCA PROVIDER WRITTEN AGREEMENT (PCA CHOICE OR TRADITIONAL PCA) 14. PCA PROVIDER WRITTEN AGREEMENT (PCA CHOICE OR TRADITIONAL PCA) Agreement between (hereinafter ); Best Home Care, an enrolled PCA provider with the State of Minnesota Roles and Responsibilities As a

More information

FEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA

FEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA FEDERAL AND STATE BREACH NOTIFICATION LAWS FOR CALIFORNIA LEGAL CITATION California Civil Code Section 1798.82 California Health and Safety (H&S) Code Section 1280.15 42 U.S.C. Section 17932; 45 C.F.R.

More information

It defines basic terms and lists basic principles that all LSUHSC-NO faculty, staff, residents and students must understand and follow.

It defines basic terms and lists basic principles that all LSUHSC-NO faculty, staff, residents and students must understand and follow. Office of Compliance Programs Revised: July 18, 2017 HIPAA Privacy HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA) requires that the University train all

More information

HIPAA Notice of Privacy Practices

HIPAA Notice of Privacy Practices HIPAA Notice of Privacy Practices *HIPAA: Health Insurance Portability and Accountability Act Effective Date: April 14, 2003; rev. Dec. 1, 2003; Form # 030463 CAT: 15-Patient Data To reorder, log onto

More information

HIPAA PRIVACY NOTICE

HIPAA PRIVACY NOTICE HIPAA PRIVACY NOTICE PLEASE REVIEW THIS NOTICE CAREFULLY. IT DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU MAY GAIN ACCESS TO THAT INFORMATION. POLICY STATEMENT This Practice

More information