Protecting Patient Privacy: It's Everyone's Responsibility

Transcription:

1 of 27 Protecting Patient Privacy: It's Everyone's Responsibility
This presentation is comprised of 27 screens. When you have finished reading a screen, click your mouse to continue to the next screen. Use the up arrow on your keyboard if you need to go back to a screen. [click your mouse to continue]

2 of 27 What is Protected Healthcare Information?
- Patient Identifiable Information
- Any information connected to the patient
- Physician Identifiable Information
- Private Facility Information
- Strategic/Business Planning Information

3 of 27 Where is this Information?
- Medical Records (Paper and Computer)
- Medical Staff Records
- Billing / Accounting Records
- Administrative Documents
- Information you gain in the course of your work at the hospital.

4 of 27 Confidentiality Balancing Act
- Confidentiality
- Need to Know
- Duty to Protect Patient and Provider Privacy
- Hospital Trustee of Information
- Facilitate flow of information

5 of 27 What does this mean to users?
- You only access what you need to do your job
- You do not access records of your family, friends or others that fall outside of your job duties. For friends and family information within your job duties you may be more comfortable having a coworker perform the necessary function, if possible.
- You may access your own records by going through proper channels and signing a consent
- What you learn at work - stays at work
- Do not discuss information with anyone who is not involved in the patient's care and does not have a valid need to know.

6 of 27 What Do Patients Do When They Don't Trust Us?
- They do not obtain treatment
- Conditions may not be fully disclosed and thus go undetected or untreated
- Give incomplete or inaccurate information
- Move from one physician to another
- Ask the doctor not to document their actual condition
- Quality care is compromised

7 of 27 Privacy vs. Security
- Privacy: The right of individuals to keep information about themselves from being disclosed to others
- Security: The ability to control access and protect information from accidental or intentional disclosure to unauthorized persons and from alteration, destruction or loss

8 of 27 Your Responsibilities
- Curb human nature curiosity
- Be sensitive: how would you want your information treated?
- Respect the patient's right to privacy
- Know your organization's policies

9 of 27 Right to Access
Patients have the right to:
- Access and copying for as long as information is retained
- Obtain a copy from their healthcare provider by following facility procedures.
- There are a few exceptions (examples: psychiatric records, emancipated minors)

10 of 27 Right to Amend
Patients have the right to request an amendment (clarification or challenge) to their medical record by following facility procedure.
- Need to put request in writing
- Author of the record will review and determine if they agree or disagree
- If denied, the request will become part of the record.

11 of 27 Right to Account for Disclosures
Patients have the right to request a list of when and where their confidential information was released
- A list of disclosures (releases) within past six years
- Date of disclosure
- Name of person or entity who received information and address if known
- Brief description of reason for disclosure
- Exceptions: treatment, payment, healthcare operations

12 of 27 Right to Request Restrictions
The patient has the right to request an organization to restrict the use and disclosure (release) of their confidential information by following facility procedure
- Can request restriction in use of information for treatment, payment, or healthcare operation purposes
- Organization is not required to agree with restriction(s) if it cannot be achieved or could impede care.
- Patient can request to receive communication by alternative means or locations (email or different address - different phone number).

13 of 27 Right to File a Complaint
The patient has the right to file a complaint if he or she believes privacy rights were violated*
- Individual within the organization
- The Secretary of the Department of Health and Human Services
* St. Peter's has identified the Risk Manager as the contact person

14 of 27 Notice of Privacy Practices
The patient has the right to receive a notice of privacy practices. This is provided during registration / admission.
Notice describes:
- How medical information is used and disclosed by an organization
- How to access and obtain a copy of their medical records
- A summary of patient rights under HIPAA
- How to file a complaint, and contact information for filing a complaint

15 of 27 Protected Health Information (PHI)
- Individually identifiable information
- Demographics
- Any form or medium: Oral, Written, Electronic

16 of 27 Doing Your Part
- Only access confidential information if you need it to do your job
- Protect your computer passwords
- Understand the law and your organization's policies
- Attend training and education programs
- Report problems
- Treat your patient's information the way you would want your personal information treated

17 of 27 Policy - Disclosure of Healthcare Information
Disclosure = the release, transfer, access, or divulging of Protected Health Information to a person or entity.
Permitted disclosure:
* For treatment
* For payment
* For healthcare operations (performance improvement, risk management evaluations, etc.)

18 of 27 Access to Patient Information
- Access is granted to employees who have a need to know; information is required in order to complete their job (nurse, pharmacist, medical record coders, etc.)
- Employees MAY NOT access their own records or those of their friends or relatives without going through proper channels with a signed consent.
- All records (including personal records) must be requested through the appropriate medical record offices as defined in policy.

19 of 27 How Do I Handle
An individual asking for access to or amendment of their record?
- Individuals have a right of access and amendment
- Route requests to appropriate medical records department or staff

20 of 27 How Do I Handle
A family member or close friend asking about a patient?
- Directory information is permissible unless restricted by the patient: name, location, condition in general terms
- For other types of information:
  - Obtain permission
  - Disclose appropriate information

21 of 27 How Do I Handle
Another member of the workforce inquiring into a patient's condition or treatment?
- Determine if it is necessary to their position.
- Is it related to the provision of their care/treatment?

22 of 27 How Do I Know
When information is considered private?
- Did you learn it through your job?
- If yes, then it is considered private

23 of 27 St. Peter's is committed to protect the patients' rights!
- Organizational Code of Conduct
- Promote and protect confidentiality and security
- Our goal is to maintain patient trust that their:
  - Personal health information is protected
  - Confidential information is kept private
- Continue to maintain and improve systems and safeguards to protect patient privacy

24 of 27 There Are Penalties
Both criminal and civil penalties for:
- Failure to comply with HIPAA requirements
- Knowingly or wrongfully disclosing or receiving individually identifiable health information
- Obtaining information under false pretences
- Obtaining information with intent to:
  - Sell or transfer it
  - Use it for commercial advantage
  - Use it for personal gain
  - Use it for malicious harm

25 of 27 Privacy-Friendly Practices
- Abide by the organization's policies
- Shred or destroy (do not discard patient information in the regular trash)
- Fax and copy machines are in secure locations
- Talking in public areas should be avoided or when necessary be conducted quietly.
- Keep patient information out of public areas

26 of 27 Privacy-Friendly Practices
- Secure records in all locations; lock your computer screen each time you leave your workstation
- Do not share passwords
- Time-out computer screens / face away from public view.
- Remember individuals' right to privacy during treatments.

27 of 27 Thank you for your participation in protecting patients' medical information.
1. You will now be asked some questions on what you've just learned. Press the back button on your web browser or click here to return to the home page to take the on-line quiz.
2. Once you have passed the quiz, St. Peter's Medical Staff Services will be notified and you will be contacted with information on how to access the St. Peter's Meditech system.