Ruthie Prunty Class Discussion

1. Protecting Patients Confidentiality The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

2. What is HIPAA? A government mandated rule to protect access to and use of patient personal health information Gives patient certain individual rights

3. What Type of Information Do HIPAA Cover? Identifiable Protected Health Information (PHI) Information that Identifies a Patient or Individual

4. Privacy Information What are Identifiable Information?

5. Answer Pictures Names Birthdates Phone Numbers SSN (social security number) Medical Record Information

6. Patient’s Rights May review medical record Request correction of any noticeable errors File grievance with provider

7. Responsibility to Patient Protect and secure PHI (personal health information) Institute policies and procedures for managing PHI

8. Principles of the Privacy Rule Customer Control Set Boundaries Answerability Civic Accountability Safety

9. Protected Health Information Policies Guide access to and use of personal health information

10. Assess to Personal Health Information Is based on who needs to know and minimum necessary information By health care providers By payment activity

11. Use of Protected Health Information When Providing Patient Health Care Treatment or Services Such as: Verification of insurance Medical treatments

12. How to Protect Privacy Do not share PHI with non clinical staff Utilize the minimum necessary standard with protected health information Avoid public discussion of patient information Avoid public viewing and access of patient information

13. When is it allowed to reveal PHI? In court processes (subpoena) Law enforcement processes (criminal investigation)

14. When is Patient Authorization Required? Receiving Medical Treatment Conducting Medical-Related Tests (AIDS, Drug)

15. What to Do When Requests are Made for an Individual’s Personal Information Verify who is requesting the information Verify photo (if available) Document the information being given

16. What Technological System Make It Easy to Access, Copy, and Distribute PHI Computerized Medical Records

17. Organizations that Enforce HIPAA’S Regulations FBI (federal bureau of investigation) Office for Civil Rights Joint Commission on Accreditation of Healthcare Organization

18. For Non-Compliance to HIPAA Security of Privacy rules Civil-Enforced by Office of Civil Rights Criminal-Enforced by Department of Justice Intentionally exposing PHI-1yr sentence & $50,000 fine Falsely accessing PHI-5yr sentence & $100,000 fine Giving PHI to someone with criminal intent-10yr sentence & $250,000 fine

19. References Mir, S.S. (2011, March). HIPAA Privacy Rule: Maintaining the confidentiality of medical records, Part I. Journal of Health Care Compliance, 13(2), 5-14. Retrieved August 17, 2011, from ABI/INFORM Global Protecting patients privacy. (n. d.). Retrieved August 17, 2011 from http://cnhs.fiu.edu/ot/pdf/HIPAA_Regulations.ppt Protecting patient privacy. (n. d.). Retrieved August 17, 2011 from http://www.westernu.edu/bin/nursing/hipaa.pps Wolper, L.F. (2011). Health care administration: Managing organized delivery systems (5th ed.). Boston: Jones and Bartlett.