Health Insurance Portability and Accountability Act (HIPAA)

HIPAA Review

Health Insurance Portability and Accountability Act (HIPAA)

What is HIPAA:
- Stands for Health Insurance Portability and Accountability Act
- Addresses three areas:
  1. Insurance portability
  2. Administrative simplification
  3. Security and privacy: health care providers must use safeguards to maintain the privacy and security of protected health information (PHI).

Protected Health Information (PHI)

Individually identifiable information: written, oral or electronically transmitted.
- Name
- Address
- E-mail address
- Telephone/fax number
- Social Security number
- Birth date
- Admission date
- Discharge date
- Insurance plan number
- Medical record number
- Photos
- Fingerprints
- Vehicle identifiers

Protected Health Information (PHI)

- During a patient's initial visit, the staff member will give them UPMC's Notice of Privacy Practices, Data Use Agreement, and UPMC's Release of Information Policy.
- If staff receive a subpoena requesting PHI, you should follow the release of PHI policy and guidelines.
- A patient may request to amend his/her PHI. If this is denied, staff will inform the patient in writing and allow them to include a statement of disagreement.

Confidentiality

- Patients have the right to privacy concerning their medical care, financial status, and family affairs.
- You are only allowed to access a patient's record if it pertains to your volunteer duties.
- Never use a patient's name when discussing their care.
- Never discuss or whisper a patient's care information in public areas, elevators, lobbies, waiting rooms, etc. Instead, wait until you get to a private area before discussing information.

Hypothetical Scenario

"Lalalal ala lalala, I can't hear you"

Terry is eating lunch in the café. Terry hears staff members at the next table talking in detail about a patient's diagnosis, mentioning the patient's name and discussing the patient's current treatment plan. What should Terry do?

- "Excuse me, I can hear what you are talking about"
- "I'll keep what I heard to myself"
- "I have a HIPAA violation to report to my supervisor"
- "I think I'll move to a table across the room"

Action Steps

When you overhear this, you should report the incident to a supervisor or privacy officer and inform the staff member that they should not be discussing patient information in public areas.

Computer Access

- Create a strong password and DO NOT share your password (do not even give it to your supervisor).
- Do not leave confidential information up on your screen when you step away from your computer.
- Never open an e-mail attachment from an unsolicited source.
- Use e-mail disclaimer.
- If you believe your password was stolen, you should immediately change it and call the ISD Help Desk.

Computer Access

When printing patient information, retrieve it from the printer, confirm the printer you are using and retrieve the information even if it was sent to the wrong printer.

If a staff member received a phone call requesting medical records of a patient be faxed, they must:
- Use appropriate UPMC Fax Cover Sheet
- Notify the recipient in advance (if it is a non-routine fax)
- If available, use the button on the fax machine to dial the preprogrammed number
- Verify recipient fax number is part of the authorization
- Verify with the recipient that the fax was received

Confidential Information

You are only permitted to view medical record information on yourself (to an extent) and the patient for whom you are caring, but only as necessary to perform your volunteer duties.

As a volunteer, you should always:
- Keep your computer password confidential
- Properly dispose of PHI by shredding or placing it in a shredding container
- Not download information from untrusted sources
- Log off your computer when not in use

Confidential Information

- Never leave a photocopier unattended when making copies of confidential information.
- Confidential information should always be disposed of in a shred bin.
- Immediately remove confidential information from the fax machine.
- To report inappropriate use of patient information, you can notify your privacy officer, supervisor and call the privacy helpline.

Need-To-Know

Need-To-Know refers to the principle that patient information should be accessed or disclosed only as necessary in order to provide services to the patient or as otherwise authorized by the patient or the law.

If you receive a call from a reporter that is asking about the status of a famous patient, you should always direct them to your facility's media relations department.

Treatment, Payment or Operations (TPO)

Without the patient's permission, information can ONLY be shared if it pertains to:
- A person's treatment
- Payment of his or her bill
- Hospital operations

Hypothetical Scenario

Terry is refilling water pitchers in the patient/visitor kitchen. Terry is surprised to find that fellow volunteer, Pat, is currently a patient in one of the treatment rooms. Terry wants to tell their mutual friends that Pat is a patient so that other volunteers/friends can send Pat cards. Terry wants to be helpful and let the nice ladies in the volunteer office know, too.

"Pat, I pledge to protect your privacy! These lips are sealed."

"You want me to tell people? Okay, I'll just need your written consent."

Treatment, Payment or Operations (TPO)

Without the patient's permission, information can ONLY be shared if it pertains to:
- A person's treatment
- Payment of his or her bill
- Hospital operations

Please take the HIPAA quiz, found on the website, to complete this topic's training. Thank you!