HIPAA Basics
Acronym for Health Insurance Portability and Accountability Act
What is HIPAA?
A provider may share PHI with this person if the patient gives written consent.
Who is a family member or personal representative?
If a provider accidentally emails PHI to the wrong person, this is considered a ________.
What is a breach?
Under HIPAA, patients have the right to file this type of complaint.
What is a privacy complaint?
In California, this additional act supplements HIPAA by providing stronger privacy protections.
What is the California Confidentiality of Medical Information Act (CMIA)?
Without written authorization, PHI can still be shared for these three core reasons.
What are treatment, payment, and health care operations?
Term for uses to protect data from being stolen, changed or compromised.
What is encryption?
Type of communication where clients have the right to decide to communicate via unencrypted email /text.
What is electonic communications?
HIPAA applies to these three types of entities.
What are health care providers, health plans, and health care clearinghouses?
Referred to as sharing information WITHIN an organization.
What is authorized use?
This is the third step in the internal breach process.
What is investigate to detrmine scope and impact?
HIPAA requires that patients receive this document detailing how their PHI may be used and shared.
What is a Notice of Privacy Practices (NPP)?
Under both HIPAA and CMIA, this is the term for health information that can be used to identify an individual.
What is Protected Health Information (PHI)?
Services excluded in permitted disclosure.
What is substance use disorder services or SUD?
Seeking guidance from this department for records request with nuance or special circumstances.
What is Legal department?
California patients have the right to request this limitation on disclosures, even if the provider disagrees.
What is a restriction on the use or disclosure of their medical information?