Penalties, Fines, Violations
Patient's Rights
Protected Health Information
History of HIPAA
Policies, Proceedures, Protocol
100
Individuals you report HIPAA violations to.
Privacy Officer, Supervior, Manager
100
The name of MPCC's Notice of Privacy Practice (NOPP)
Respecting Your Privacy-How Mercy Primary Care Center Protects Your Health Information
100
Any individually identified health information including demographic information that relates to the individual's past, present, or future physical or mental health condition or any other identifying information that can be used to identify the individual.
Protected health information.
100
Year HIPAA law was enacted?
1996
100
Examples of how an office can protect confidentiality of health information?
The use of a password, lock file cabinets, cover health record.
200
Criminal penalties for improperly disclosing patient health information.
250,000 fine, 10 years in prison.
200
What a patient signs after recieving a NOPP
HIPAA Privacy Acknowledgement Form
200
1.Names 2.Address (including zip code) 3.Dates (birth, admission, discharge, death) 4.Telephone numbers 5.Medical record numbers 6.Account numbers 7.Biometric identifiers, including finger and voice prints 8.Full face photographic images and any comparable images
Examples of PHI
200
When the right to privacy of health information varied by state; only about half the states had laws requiring patients to be able to see and copy their own medical records.
PHI rights before HIPAA
200
How would you dispose of patient information that is not needed at an office
Shredder
300
Penalty jail time for unknowingly or with resonable cause violating HIPAA regulations.
Up to one year.
300
When the patient's written authorization needed.
Everytime something goes outside of the office.
300
Only PHI you need to do your job?
Minimum necessary
300
Health plans, healthcare clearinghouses, and healthcare providers that electronically transmit health information in connection with standard transactions.
Now affected by HIPAA that was not affected when orginal law was enacted
300
The procedure that occurs when protected health information is disclosed.
Report incident to your Supervisor or Privacy Officer
400
Potential jail time for HIPAA violations for personal gain of malicious reasons.
Up to ten years.
400
Patients ability to acquire PHI.
Patients' right to access, inspect, and copy PHI.
400
Any inappropriate disclosure of patient information unless the provider can resonably demonstrate otherwise?
Privacy breach
400
Notifying individuals (and in some instances, media outlets) when there has been a privacy/security breach.
Required by the Health Information Technology for Economic and Clinical Health ("HITECH") in 2003.
400
Who the HIPAA security & privacy rule applies to
Everyone who steps into the office.
500
Fine for HIPAA violations due to willful neglect but the violation was corrected within the required time period.
$10,000-$50,000 for each violation, up to a maximum of $1.5 million for identical provisions during a calendar year.
500
The right to access informaton, right to amend informaton, right to restrict information, right to restrict disclosure of information, right to complain if patient feels informaton has been used inappropriately.
Patient's legal rights under HIPAA
500
Sending a fax to the wrong recipient, two different patients' information mailed in the same envelope, laptop stolen with PHI on a drive.
Examples of PHI privacy breach.
500
Reason #1 Eliminating the "pre-existing condition" issue. Reason #2 Ensure the security and confidentiality of patient information/data
Reason HIPAA was created.
500
That all patients receive NOPP; all patients sign an acknowledgement form, acknowledgement form is placed in respective medical charts.
Mercy Primary Care Center Responsibilities
M
e
n
u