hipaa basics
Post on 02-Dec-2014
399 Views
Preview:
DESCRIPTION
TRANSCRIPT
A crash course for CCFI employees and volunteers
HIPAA BASICS
Information by Rachelle Cook
Designed by Michelle Hughes
CCFI Privacy Officer
What is it?HIPAA …
• Health Information Portability & Accountability Act of 1996:
The Privacy Rule
• Privacy refers to the protection of an individual’s health care data
Privacy Regulations:
• DEFINE
• GIVE
• OUTLINE
The Security Rule
• Security means controlling:
•ConfidentialityConfidentiality• Storage Storage • AccessAccess
Electronic Data Exchange
• This defines the way we can electronically transfer information
Why should we care about all of this stuff?
It’s the right thing to do
It’s what we would want ourselves
Serve our clients
better
To protect ourselves
REPUTATION
The law
To protect our agency
SAFETYTo avoid potential w
ithholding of federal Medicaid
funds.
Bui
ld tr
ust w
ith c
lient
s
morals
We protect PHI in all media created, stored, or transmitted
Verbal Written Hardware
Software
We should treat personal electronic data with the same care and respect as weapons-grade plutonium. It is dangerous, long-lasting and once it has leaked, there's no getting it back.
- Corey Doctorow
Protected Health Information (PHI)
This includes information about:
o Health/condition of an individual
o Payment for health care of an individual
Appointment cards
Invoices
Examples of PHI
Enrollment forms
PHIPHI includesincludes client client identifiersidentifiers ……
The captain of this ship is my client.
He is a mess …
Captain Picard???
HIPAA Lingo
• Use
• Disclose
What does releasing the “minimum necessary” PHI mean?
I only asked for her
address … I didn’t need that
other stuff—yikes!
What is TPO?We only want to use and/or Disclose PHI for the purpose of
Treatment, Payment, and Operations.
Who Protects HIPAA?
Privacy Complaints
Remember who our privacy officer is?
Totes.
Report complaints to her.
Common violations
Accessing More Than the Minimum Necessary
Hey girl,
I found the record, and went ahead
and read the other records too — they were so interesting.
Technology Problems
Misuse of PHI It sucks when you use my PHI without
authorization …
How do these mistakes happen?
Human Error
Wrong Records Released
You gave my insurance co.
too much info!
Wrong Address
You ordered a cat, right?
No …
Oh, sorry. Wrong address
Leaving Messages
What you can do to protect information
When you see someone you know …
This is awkward …
Delivering and Transporting PHI
Keeping Paper Safe
Types of Violations
Intentional
Accidental
Incidental
Report violations … because you should
You know you are supposed to report that to our privacy officer, right?
Disposal of PHI
It’s your job!
top related