HIPAA
What are some examples of health information Supplied by Specialists:
•Pre-hospital Notations Made By Emergency Medical Attendants
•Physiotherapy And Chiropractic Notes
•Occupational Health Files
•Consultations And Diagnostic Reports
•The HIM Release Of Information Staff Are Responsible For:
•Verifying The Information Requested
•Making Sure That Health Information Is Complete And Accurate
What are some examples of health information Supplied by the Patient:
•Hospital Cards
•Provincial Health Insurance Program Cards
•Medic Alert Bracelets
•Power Of Attorney Forms And Living Wills
•Data From Mobile Apps And Consumer Wearables That Track Fitness And Health Parameters
Two Federal Privacy Laws:
The Privacy Act
The Personal Information Protection and Electronic Documents Act (PIPEDA)
Define and guide how healthcare organizations collect, use, retain, and disclose personal or individual health information.
•Administrative Data
•Individual demographic, financial, and legal information
•Used to uniquely identify a person at the time of hospital registration, or prior to the start of treatment
Name 3 examples:
•Date of Birth
•Health Card Number
•Contact Information
•Home Address
•Email Address
•Primary Care Physician Contact Information
•Photo Identification
•Work or Private Health Insurance
Emergency Contact Information
•Clinical Data
•Describes an individual’s medical condition
•Includes their prognosis and treatment plans
•Facilitates communication between healthcare providers
Name Three Examples:
the patient’s emergency encounters, history, progress notes, medications, allergies, discharge summary, consult notes, nursing notes, and flow of clinical encounters from the time of admission to the day of discharge.
Vital Signs
Diagnostics
PHI
Stand for:
Personal Health Information
Health information compiled in healthcare facilities for a patient is the property of the: ?
•Health information compiled in healthcare facilities for a patient is the property of the organization
PHIPA
Personal Health Information Protection Act
•PHIPA outlines the individual right to access health information
Release of health information requests are generally submitted in writing and evaluated based on the type and purpose of the request. Under most privacy statutes, a response should be made no later than ___ days from the date the request is received.
30
Components of Protecting Health Information
Confidentiality
Privacy
Security
Health information flows between:
Healthcare Facilities
Providers
Patients
Third Parties
SWOT
Strengths, Weaknesses, Opportunities, and Threats
MAID
Medical Assistance in Dying
Health information can be disclosed to the following without express consent:
The ethical obligation for patients to have a right to know comes under _______.
Privacy
Which of the following is a key component of data integrity?
a) Data access
b) Data quality
c) Data maintenance
d) Data destruction
b) Data quality
To whom do healthcare organizations report privacy breaches?
a) IPC
b) Ethics Committee
c) Board of Governors
d) PIPEDA
The Office of the Information and Privacy Commissioner publishes guidance documents to promote compliance with Ontario's access and privacy laws.
Under which conditions can health information be disclosed without express consent?
a) Court subpoena
b) Police production order
c) Mother requesting records for the child
d) Life-threatening injuries
a) Court subpoena
b) Police production order
d) Life-threatening injuries
What are the three types of cybersecurity protection we covered in class
Ransomware
Malware
Hacking
•Healthcare facilities and providers act as custodians of health information and are responsible for:
Making sure it adequately identifies the purpose for collection
Complying with the legislative requirements
There are several situations where health information can be disclosed to third parties without the express consent of the patient:
•For a court summons or subpoena
(healthcare facilities and professionals are required to disclose health information without patient consent).
•For a production order or warrant by the police department
(information must be disclosed).
•In the case of life-threatening injuries
(information can be exchanged within multiple healthcare facilities without consent to provide timely care to the patient).
•Legal and ethical responsibility to report certain circumstances:
•Child abuse
•Communicable diseases
Injury due to intoxication
What is the Master Patient Index (MPI)?
a) Database assigning unique medical records numbers
b) Database used by a group of organizations to identify patients
c) Database to document medical records
a) Database assigning unique medical records numbers
•The information documented belongs to the patient and they have the right to:
•Access copies of their health information
•Consent and withdraw consent to treatment
•Disclose health information to third parties
Forms of Consent
•Implied and express consent
•Oral or written consent
•Opt-in or opt-out consent
•Consent signed by the substitute decision-maker or the legal guardian