Hip Hip ah.....
Name 3 action steps you can take to keep client health information confidential.
1. Use shredders or shred bins to destroy PHI when not needed. 2. Check Fax numbers prior to sending PHI 3. Do not discuss patient information with anyone who does not have a need to know 5. Keep confidential client information out of public areas such as waiting rooms, conference rooms, receptionist desk or on white boards viewable by the public. 6. Don't assume the person with the client knows all the information. 8. Keep records safe and protected regardless of where they are kept.
Obtained before releasing Protected Health Information for purposes other than treatment, payment, and operations.
What is a written patient authorization.
Can an employee access their own personal records in the EMR system since they have access to the system?
No, Under HIPAA employees have a right to request access to their own Protected Health Information (PHI) in employee medical records; however employees do not have a right under HIPAA to utilize their login credentials to access the PHI.
What do the Privacy Regulations seek to do?
The privacy regulation establish that personal health information must be kept confidential.
Does your supervisor have access to review your entire personnel file?
No. There would be no need for your supervisor to have access to your health information to do their job.
Two components of the HIPPA regulation (Hint-Rules).
What is the Privacy Rule and Security Rule.
PHI is also know as?
What is Protected Health Information
HIPAA Rules do not apply to an Employee being treated in your facility. Everyone in the facility should know what has happened to the employee and how they are being treated for their condition.
False, Employees are to be treated like all other patients when they are being cared for in your facility with all the same HIPAA rules as all other patients. The facility needs to stress the importance of the Minimum Necessary Standard to anyone in direct care of this Employee.
Protected health information includes information about...
1. a person's health, health care, or payment of health care (the term "health" includes mental health and behavioral health issues) 2. information that identifies a person 3. services created or received by a covered health care plan or provider.
Do all clients have to get a "Notice of our Privacy Practices?"
Yes. We must offer it to everyone at least at their first visit. If they refuse it, simply document the attempt to give it to them.
HIPAA is also known as
What is The Health Insurance Portability and Accountability Act.
Define the term "Business Associate"
What is a person or entity who provides certain functions, activities, or services for the agency, involving the use and/or disclosure of protected health information, other than a member of our workforce.
Can I release PHI to a patient's spouse?
Yes, we can release PHI to a patient's spouse and/or relative if we have the patient's permission/authorization. It is best practice to get the authorization in writing.
Do the same requirements apply to mental health records and to medical records?
In general, yes; however, - "Psychotherapy notes" are accorded special privacy protections under this regulation. Ordinarily, a written client consent is required before psychotherapy notes can be disclosed to anyone.
During what presidential administration was the HIPAA standards enacted?
What is the Clinton adminstration.
Name at least 2 circumstances under which protected health information may be disclosed without a client's consent or authorization.
1. disclosures required by law 2. permitted disclosures for public health activities (such as reporting diseases, collecting vital statistics, etc.) 3. disclosure about victims of abuse, neglect or domestic violence 4. health oversight activities 5. disclosures for judicial or administrative proceedings 6. disclosure for law enforcement purposes 7. use and disclosure for research purposes 8. disclosures to avert a serious threat to health or safety
What country singer's medical records were sold to the National Enquirer and Star tabloids by a hospital employee for $2,610?
Who is Tammy Wynette
"Minimum necessary HIPAA rule"
"A covered entity must make reasonable efforts to use, disclose, and request only the minimum amount of protected health information needed to accomplish the intended purpose of the use, disclosure."
Can an adult who is not a child's parent or legal guardian accompany them to a medical appointment? Can we share the child's PHI with them?
From a strictly HIPAA standpoint, yes if they are a minor and it's not teen wellness information. "Other regulations governing minors may still mandate that parental consent is documented".
Notice of Privacy Practices: Name 2 of the 5 rights individuals have within the Privacy Rule.
1. What is the Right to receive a “Notice of Privacy Practices” 2. Right to authorize any use or disclosure of protected health information 3. Right to restrict use or disclosure of protected health information 4. Right to an accounting of disclosure of protected health information 5. Right to inspect, copy and request amendments to protected health information
Can we discuss a client's PHI with other providers involved in their care or other provider to whom we are referring them?
Yes. This is part of treatment and does not require authorization.