hipaa for the physician office

Download HIPAA for the Physician Office

Post on 01-Jan-2016




1 download

Embed Size (px)


HIPAA for the Physician Office. Maintaining Patient Privacy and Confidentiality. Introduction. HIPAA Understanding what it means to your practice What does it mean to the office manager and staff of the physician office?. Overview. NPP. HPI. BA. Code Sets. Covered entities. TPO. - PowerPoint PPT Presentation


  • Maintaining Patient Privacy and Confidentiality*

  • HIPAAUnderstanding what it means to your practiceWhat does it mean to the office manager and staff of the physician office?

  • HIPAA-Administration SimplificationElectronic Data and the Privacy ComponentCovered entitiesPOHotlinesCode SetsTPOCMSBANPPHPI

  • Covered Entities Business AssociatesPHI: Protected Health InformationTPO: Treatment, Payment, OperationsMinimal Necessary DataAmendmentsNotice of Privacy Practices

  • Hospitals and Physicians as providers of HealthcareHealth plans: BCBS, Tufts, US Family etcClearinghouses: The businesses that process billing information for the hospitals and submit it to the health plans

  • Businesses that work with your practice but dont provide health careThe Business has employees that may have access to PHIIn general, we must have contracts with each BA and the BA agrees to follow our privacy policiesAction must be taken if the BA misuses PHI

  • Confidential information about our patients that we can not release.Patients may request their PHIYou may charge a reasonable fee for providing records and a physician summary of the information. 60 Days to comply.No automatic access to:

  • Psychotherapy notesInfo on a criminal, civil or administrative action or proceedingPHI that is subject to or exempted from CLIA (HIV data)Health information that a qualified provider has determined would endanger the life of the individual if he had access to it. Requires special authorization specifically identifying this information, the dates and to whom it will be released.

  • TreatmentPaymentOperationsCovered entities may use PHI for the purposes of TPO without obtaining an individuals authorization.

  • Only the information that is needed should be released.To carry out the intended purpose. Exceptions:When PHI is disclosed for treatment purposesDisclosed to the individual to which the PHI pertainsWhen PHI is disclosed to DHHS

  • Patients may request that amendments be added to the patient medical recordRequest can be required to be in writingRequest could be denied, but..The request and the reason for the denial will need to be kept in the patients medical record60 days to comply with the request

  • The six components of the NoticeInformation regarding uses and disclosures of PHIClarification of individual rightsCovered entities responsibilities (CPN)How to file complaintsContact information for more informationEffective date of the noticeAcknowledgement of receipt by the patient

  • To request an accounting of health information disclosuresTo request an amendment to their health informationInspect and copy their health informationTo receive confidential communications about their health informationTo request restrictions on uses or disclosuresTo complain to the covered entity and to the secretary of the Department of Health and Human Services

  • Accessing Employee Medical RecordsTraining the front desk: NPPTraining Medical Record StaffProcessing releases of informationSecurity BasicsNot leaving Computers unattendedSharing passwordsThe foot prints of the computer*Blah Blah Blah

  • http://www.hhs.gov/ocr/hipaa/HIPAA: The questions you didnt know to ask ISBN: 0-13-114426-X



View more >