Hip Hip ah.....
Strictly Jeopardy
Q and A
What we need to know
More Q & A
100
1. Make sure papers, documents, and reports containing patient information are shredded or destroyed in a compliant manner. 2. If fax and copy machines are used to send or copy patient information, make sure they are located away from public areas. 3. Always consider where you are when talking about confidential information. 4. Whether you are talking to a patient or with coworkers, try to keep your conversations from being overheard. 5. Keep confidential patient information out of public areas such as waiting rooms, conference rooms, receptionist desk or on white boards viewable by the public. 6. Don't assume the person with the patient knows all the patient's information. 8. Keep records safe and protected regardless of where they are kept.
What are steps you can take to keep patient health information confidential?
100
This is obtained before releasing Protected Health Information for purposes other than treatment, payment, and operations.
What is a written patient authorization?
100
Can we use sign in sheets?
Yes, as long as there is no health information contained on the sheet.
100
Protect the confidentiality of patient's Protected Health Information.
What do the Privacy Regulations seek to do?
100
Does your supervisor have access to review your entire personnel file?
No. There would be no need for your supervisor to have access to your health information to do their job.
200
Two components of the HIPPA regulation.
What are the Privacy Rule and Security Standard.
200
PHI
What is Protected Health Information?
200
Can we leave message for a patient about an upcoming appointment?
Yes, as long as no specific health information is included in the message.
200
“An acquisition, access, use, or disclosure of protected health information in a manner not permitted under the Privacy Rule"
What is a breach?
200
Do all patients have to take our "Notice of Privacy Practices?"
No. We must offer it to everyone one time. If they refuse it, we must document the attempt to give it to them.
300
Person or entity who provides certain functions, activities, or services that involve the use and/or disclosure of protected health information, other than a member of our workforce.
What is a Business Associate?
300
HIPAA
What is The Health Insurance Portability and Accountability Act?
300
Can a patient restrict our filing a claim with their health insurance?
Yes. The Final Omnibus Ruling gave individuals the right to restrict disclosure to a health plan, but only for treatment they paid for in full out of pocket.
300
1. A specific description of the information to be disclosed 2. Who is authorized to make the disclosure 3. Who is authorized to receive the disclosure 4. A description of how the PHI will be used 5. An expiration date or event 6. Authorizing individual’s signature and date 7. Statement of individual’s right to revoke 8. Statement of potential of re-disclosure 9. Authorization must be written in plain language 10. Individual must be provided with a copy of the signed authorization 11. Covered entity may not condition treatment on whether the individual signs the authorization
What are components of a HIPAA compliant Authorization for Release?
300
Can we fax PHI?
Yes, if standard precautions are taken to ensure reasonable security of the transmitted data.
400
HIPAA standards were enacted during this presidential administration.
What is the Clinton adminstration.
400
1. Name 2. Address 3. Dates 4.SSN 5.License numbers, phone numbers, medical record numbers 6.Photographs 7.Finger or voice prints, retinal scans 8.Email addresses 9.Handwriting samples 10.Any other unique characteristic, code, number
What are examples of Protected Health Information?
400
Can I discuss a patient's situation with them on the phone when other clients are at the desk or in the lobby?
You may, but caution should be used to minimize exposure to others, this is an example of an incidential disclosure that is unavoidable in day to day practice.
400
Administrative, Physical, and Technical Safeguards
What are three types of protection required by the Security Standards?
400
Can I share a patients PHI with their insurance company?
Yes. This is considered part of treatment, payment or health care operation and does not require the patient's authorization. Only the minimum information is shared.
500
This country singer's medical records were sold to the National Enquirer and Star tabloids by a hospital employee for $2,610?
Who is Tammy Wynette?
500
Minimum Necessary HIPAA rule
What limits PHI access to only the information necessary to do your job?
500
Can an adult who is not a child's parent or legal guardian accompany them to a medical appointment? Can we share the child's PHI with them?
From a strictly HIPAA standpoint, yes, but other regulations governing minors may still mandate that parental consent is documented.
500
1. Right to an accounting of disclosures 2. Right to request restriction on use or disclosure of protected health information 3. Right to an accounting of non-routine disclosure of protected health information 5. Right to inspect, copy and request amendments to protected health information 6. Right to breach notification
What are the Individual Rights that must be stated in the Notice of Privacy Practices?
500
Can we discuss a client's PHI with other providers involved in their care or other provider to whom we are referring them?
Yes. This is part of treatment and does not require authorization.
M
e
n
u