I C U
Provides a framework for establishment of nationwide protection of pt confidentiality, security of electronic systems, and standards/requirements for electronic transmission of health information.
What is HIPAA?
Attempting to de-identify a Pts photograph does not negate Grady’s policy that the pt must _____ to usage of their information or image for purposes other than treatment, payment and/or health care operation
What is consent?
Unauthorized access to EMR is a common HIPAA violation. It doesn't matter if the N O O S P G N I happens because of curiosity or if someone wants to leak PHI. Any form of N O O S P G N I involving PHI is a violation.
What is snooping?
A C Y P R I is the foundation of HIPAA & the underlying principle that determines how and when we can use or disclose PHI.
What is privacy?
Encounter/visit documentation, Lab results, Appt dates/times, Invoices, Radiology films, & H&Ps?
What is protected health information?
Minimum Necessary Rule – Staff acting on behalf of GHS are permitted to access PHI only on a
_ _ _ _-to-_ _ _ _ for carrying out their job duties.
What is need-to-know?
Attachments to an email that contains PHI should be encrypted by typing
E S C U E R
in the Subject line.
What is Secure?
You have the responsibility to keep all PHI private; therefore, you cannot reveal that information to anyone without the pt's T N E S C O N.
What is consent?
Do not C C A E S S pt information via any media – electronic or paper without a job related need to know.
What is access?
Z___ t_______ means that an employee’s employment will be terminated if that employee intentionally accesses, uses, or discloses PHI for a purpose not related to their duties.
What is a zero tolerance?
Always encrypt email that contains PHI. The information should only include the
I M N I M U M C E N E S S A R Y PHI for treatment, payment, or health care operations.
What is the minimum necessary?
You have a responsibility to secure any
O N C F I D E N T I L A information related to a pt. You are also expected to safeguard information from misuse.
What is confidential?
The OCR settled a case with a dermatology practice for $300K when it discovered the practice disposed of empty specimen containers with PHI in an unsecured garbage bin.
What is improper disposal of PHI?
H _ _ _ _ A _ _ _ _ Trai_ tracks the moment the patients’ EMR are accessed.
What is a HIPAA Audit Trail?
_____ messaging, whether through secure or unsecured messaging may not be used as a method to communicate pt orders.
What is text messaging?
HIPAA gives pts rights that must be respected. One of these rights is:
Trust that _ _ _ will be transmitted with the appropriate restrictions and safeguards
What is PHI?
When surveyors select pts who have gone through a variety of services and trace compliance along the pt's journey through the hospital.
What is tracer methodology?
Posting on Snapchat a pt singing a Christmas carol without written consent.
What is a HIPAA violation?
What are ways to report HIPAA violations?
Pt privacy rights and/or HIPAA may be violated by any communication/posting that can reasonably be used to f y i d e n t i pts by its content or context.
What is identify?