Privacy and Security Orientation for Visiting Observers. DUHS Compliance Office


Privacy and Security Orientation for Visiting Observers
DUHS Compliance Office, 919-668-2573, compliance@dm.duke.edu

Introduction
This orientation provides new Visiting Observers with the HIPAA Privacy and Security information needed to respect patient privacy during your visitor experience.

Agenda
- Discuss HIPAA Privacy and Security Rules.
- Describe Visiting Observer obligations to protect patient information.
- Explain the penalties for privacy and security violations.

HIPAA and PHI
HIPAA stands for the Health Insurance Portability and Accountability Act. Accountability requires health care institutions to protect patient information. When we speak of patient information, we are talking about Protected Health Information. Protected Health Information (PHI) is any health information that could identify a particular person.

Patient Confidentiality: PHI
The Privacy Rule:
- Protects an individual's health care information, known as Protected Health Information (PHI).
- Identifies permitted uses and disclosures of PHI.
- Gives patients control over their health information (Patients' Rights).
The Security Rule:
- Protects an individual's health care information that is maintained or transmitted electronically.
- Defines administrative, physical, and technical safeguards for electronic PHI (ePHI).
- Requires corrective action of workforce members who fail to comply with security policies and procedures.

HIPAA: 18 Patient Identifiers
- Names
- Street address, city, county, ZIP
- All elements of dates, age >89
- Telephone Number
- Account Numbers
- Certificate/License Number
- Vehicle Identifiers & Serial Numbers
- Device Identifiers & Serial Numbers
- URL Address
- Fax Number
- E-mail Address
- Social Security Number
- Medical Record Number
- Health Plan Beneficiary Number
- IP Address
- Biometric identifiers, e.g., fingerprints and voiceprints
- Full-face photos and any comparable images
- Any other unique identifying number, characteristic or code, e.g., tattoo, unique/rare diagnosis or procedure codes

Privacy and Security Responsibilities
- PHI may be spoken, written or electronic.
- Respect every patient's privacy and maintain confidentiality.
- Visiting Observers are bound by the same confidentiality standards that Physicians, Researchers, Clinicians and other members of the Duke Health community observe.
Let's Consider: During a hospital tour, a visiting observer recognizes a patient in an oncology clinic. The visiting observer should not disclose this to any person, e.g., spouse, friend. To mention that information is a breach of patient privacy and could lead to termination of the visit.

Privacy and Security Responsibilities
Visiting Observers:
- Must be escorted by Duke staff in all clinical and administrative areas of Duke facilities.
- Must ensure nametag is visible at all times in any Duke Health facilities.
- Must be introduced to patients to allow the patient the opportunity to decline the visitor's presence during the encounter.
- Must not discuss a patient's presence, identity, diagnosis, or treatment with anyone not involved in the care of that patient or the learning activities you are participating in as a Visiting Observer.
- Must not receive or remove documents containing PHI from Duke Health facilities. This includes, but is not limited to: Post-it notes, spreadsheets, observation notes, agendas, calendars, etc.
- Must not photograph or record patients or patient information.
- Must not engage in any activities outside of the scope of the Purpose of the Activity section of the Visiting Observer Agreement.

Things to Consider
Observership: an opportunity to learn about a particular clinical or research activity. This is not a volunteer position.
Observers do not participate in any functions:
- No access to electronic or paper medical records.
- Cannot provide patient care or have direct communication with patients.
- Cannot perform surveys of patients.
Remember: this is an observational experience only.

Violating HIPAA Privacy or Security Rules
You, your Sponsor and Duke may receive severe penalties for HIPAA Privacy or Security Rule violations. If you do not protect an individual's health information, you may be penalized:
- Up to and including termination of Visiting Observer Agreement.
- Civil and criminal penalties.
Penalties depend on the level of violation.

In general, HIPAA violations are enforced by the Department of Health and Human Services. The recently enacted Health Information Technology for Economic and Clinical Health (HITECH) Act now permits State Attorneys General to bring civil actions AND permits monetary awards to be shared with harmed individuals.
Penalties for Unauthorized Access
- $50,000/violation, with an annual maximum of $1.5 million
- Duke placed under a Resolution Agreement (compliance reporting/monitoring)
- Civil Monetary Penalties for Duke and perpetrator of privacy breach
- Criminal Penalties, up to 10 years in prison
- State Attorney General pursuing civil action

Reporting Compliance Concerns
When you observe something you believe to be improper, it is part of your compliance responsibilities to report your concerns immediately. There are options available to assist you in reporting your concerns:
- Option 1: Contact your Sponsor immediately.
- Option 2: Contact the DUHS Compliance Office: 919-668-2573.
- Option 3: Call the Integrity Line Hotline, 1-800-826-8109, for Confidential and Anonymous reporting.

Questions
Privacy and Security Guidance: DUHS Compliance Office: 919-668-2573 or compliance@dm.duke.edu