Acronyms
PHI
What is Protected Health Information?
Protected Health Information includes these 3 information.
Information that can identify an individual and their:
–Physical or mental health or condition
–Provision of health care services
–Payment for provision of health care
This happens when you do not follow HIPAA compliance.
What is going to jail?
There are 3 questions to ask yourself about ways to protect patient privacy.
•What are they asking for?
•What can I share?
•Will this information break confidentiality?
The 7 ways to Protect Patient Privacy includes these actions.
Avoid discussing patients.
Protect your workstations and computers.
Avoid downloading unnecessary programs
Have up to date spyware/virus software
Do not leave potentially identifying information in public spaces.
Do not leave messages regarding conditions or test results on answering machines, in emails, in texts, or with anyone other than the patient.
Avoid paging patients using information that could reveal their health issues.
NPP
What is Notice of Privacy Practices?
These people must comply with HIPAA.
Who are health care providers?
Knowingly releasing patient information results in these actions.
What is a 1-year jail sentence and $50,000 fine?
Bare Minimum Necessary Rule does not apply in these situations.
- Treatment: Provision, coordination, or management of health care and related services with other treatment providers (with ROI signed).
- Clinical Supervision
Your responsibilities include these actions to comply with HIPAA.
•Understand PHI
•Know the rules
•Check if your agency and/or outside providers you are working with adheres to HIPAA
•Report violations
ROI
What is Release of Information?
Patient care includes 4 things.
What is:
–Know how their information is used
–Access their health information
–Correct misinformation in the file
–Control how their information is used in specific instances
Individuals can sue the agency or other individuals for any of these 5 reasons.
–Negligent Disclosure
–Breach of Confidentiality
–Invasion of Privacy
–Breach of Warranty
–Malpractice
Notice of Privacy Practices includes these 4 requirements.
•HIPAA requires all covered entities to give this out to every patient.
•Informs client about privacy practices and how their information is used
•Required to give out during intake meeting
•Must get written signature acknowledging receipt
Reasons to Release PHI Without Authorization include these 3 reasons.
•State health agencies require providers to report to them when patients have certain communicable diseases, even if patient doesn’t want it reported
•The FDA requires providers to report certain information about medical devices that break or malfunction
• Who suspect child abuse or domestic violence to report it to police
DCS
What is Deaf Community Services?
Protected Health Information protects several things.
What is Individual Identifiable health Information (Demographic Information)?
These 4 actions constitutes a HIPAA breach.
–Laptop containing PHI is stolen
–Staff person who is not authorized looks through patient files
–Wrong discharge instructions given to person
–Billing statements mailed to wrong address
We disclose the bare minimum necessary only in these situations.
–Treatment Situations (Anything and everything in a medical record may be important)
–Release of information (ROI) is signed by the client or client’s authorized individual
–HIPAA compliance (e.g., to HHS Office of Civil Rights or Inspector General)
Ways to Keeping Patient Data Secure include these actions.
•Initial and on-going risk analysis and threat assessments
•Areas of Security
–Computer Security
–Communication Security
–Physical Security
–Personnel Security
–Procedural Security
HIPAA
What is Health Insurance Portability & Accountability Act?
HIPAA Philosophy
What is Patient care?
Gaining access to health information under false pretenses results in these actions.
What is a 5-year jail sentence and $100,000 fine?
Minimum Necessary Rule DOES apply in these situations.
Payment: Activities of a health plan to obtain premiums or fulfill coverage and benefits responsibilities, or to obtain reimbursement.
Health Care Operations: Activities of an agency related to covered functions including quality assurance, professional qualification review, and medical reviews.
If unsure, you must talk with these individuals to make an informed decision.
Who is your supervisor, Human Resources, and/or Clinical Director?