HIPAA Basics
What does HIPAA stand for?
Health Insurance Portability and Accountability Act
What does PHI stand for?
Protected Health Information
Can coworkers share PHI if both are involved in the project?
Yes
Is accessing a member’s record out of curiosity a violation?
Yes
What does HIPAA protect?
Patient privacy, medical records, personal information, and electronic data
Name 3 types of PHI.
Name, DOB, address, medical record #, etc.
What should you do if you send PHI to the email?
Report it immediately
What is a common HIPAA violation?
Talking about patients in public, accessing records without cause, lost/stolen devices with PHI, sending PHIA to the wrong person, improper disposal of PHI
Name the two main HIPAA rules.
Privacy Rule and Security Rule
Is de-identified data PHI?
No
What is the Minimum Necessary Rule?
Use/share the minimum PHI needed
Name a right patients have under HIPAA
Access their records, request corrections, receive privacy notice, request restrictions on info sharing, get an accounting of disclosures
Who must comply with HIPAA?
Covered entities and business associates
Can PHI be verbal, written, or electronic?
Yes, all of the above
Is texting PHI allowed on personal phones?
No
Can employees face personal penalties?
Yes, fines or criminal charges
What is the purpose of HIPAA?
To protect the privacy and security of health information
Give one example of an incidental disclosure.
Overhearing a name in a waiting room
Give one safeguard for PHI.
Lock cabinets, log out, privacy screens, etc.
What notice explains HIPAA rights?
Notice of Privacy Practices