PHI & Privacy
HIPAA Basics
Violations & Penalties
Workplace Scenarios
Documentation & Responsibility
100

This type of health info can be written, spoken, or electronic and can be used to identify a patient.

What is Protected Health Information (PHI)?

100

Name 3 examples of PHI

DOB, address, SSN, medical record number, phone number, etc.

100

Viewing patient info without a work-related reason is called this.

What is snooping?

100

True or False: You can look up your neighbor’s record if you're curious.

What is false?

100

This is your primary responsibility regarding PHI.

What is to keep it confidential?

200

There are this many patient identifiers in PHI.

What is 18?

200

HIPAA is enforced by this level of government.

What is the federal government? 

200

Talking about patients in public areas is this type of violation.

What is a HIPAA breach or unauthorized disclosure?

200

You're overheard discussing a patient in the elevator. What policy did you violate?

What is HIPAA confidentiality/privacy?

200

Only access PHI on this basis.

What is “need to know”?

300

This protects the right of individuals to keep their health info private.

What is Privacy? 

300

HIPAA stands for this.

What is the Health Insurance Portability and Accountability Act?

300

One of the most common HIPAA violations involves posting about patients here.

What is social media?

300

Teresa Lopez-Gonzalez is being audited for access in the EHR. Which patient name raises a red flag?

a. Gloria Smith
b. Jorge Gomez
c. Tammy Cluff
d. Ashley Lopez

d. Ashley Lopez 

300

To release HIV or substance use records, you must first get this.

What is patient authorization?

400

When you leave your computer unattended, you must do this.

What is lock it or log out?

400

This U.S. department enforces HIPAA violations.

What is the Department of Health and Human Services (HHS)?

400

HIPAA fines can reach up to this amount per incident.

What is $50,000–$250,000?

400

You leave your screen unlocked in a public area. What have you failed to do?

What is secure your workstation?

400

This ensures you're accountable for your documentation.

What is using your own login or signing off correctly?

500

PHI remains protected even after this event happens in a patient's life.

Death

500

This type of individual can access a patient's PHI if legally authorized, such as by power of attorney or court order.

What is a personal representative?

500

This action should be taken if you witness a breach of patient privacy.

What is report it to the Privacy Officer?

500

This is the term for employees sharing PHI through unsecure texting apps.

What is a HIPAA violation via insecure communication?

500

Name the 7 Rights of Correct Patient Documentation.

What are: Right patient, time/date, info, reason, response, provider/author, and chart/system?

600

These records must not be left open where others can view them.

What are medical records or charts? 

600

These are the three key reasons PHI may be used without authorization.

What are treatment, payment, and healthcare operations? 

600

True or False: A spouse is automatically considered the head of the household and can receive their spouse's Protected Health Information (PHI).

What is False, not without a signed authorization.

600

If a patient/member refuses to verify their identity but demands PHI, the correct action is this.

Politely refuse disclosure and explain verification is required under HIPAA.

600

Under HIPAA, providers can share PHI with family or friends only if this condition is met.

What is an authorization from the patient, or it is in the best interest of a patient who is unable to consent. The provider can make that decision.
