This document provides an overview of HIPAA privacy rules and how they affect employees. It outlines the goals of HIPAA training which are to increase knowledge of protected health information, enhance awareness of individual roles in complying with HIPAA, provide reporting responsibilities for violations, and protect patient privacy. Key aspects of HIPAA covered include what information is protected, penalties for non-compliance, and individual rights to privacy of health records. The conclusion emphasizes that HIPAA compliance is required for healthcare businesses and shifts power to consumers regarding their personal health information.
2. Goals of Training
• To increase your knowledge & understanding of what protected health
information (PHI) is in this facility, and what threats may exist to its privacy and
its security
• To enhance your awareness of your role in helping this facility follow HIPAA rules
• To provide information about to whom you can go with questions about privacy,
and about security
• To inform you about your reporting responsibilities when HIPAA violations occur
• To alert you to the possible penalties for violation of HIPAA law for both you and
this facility
• To protect the confidentiality of our consumer's Protected Health Information
(PHI) in support of one of our values -- dignity, self-worth and individual
rights. It's the right thing to do!
• To Understand that this same law also protects you as a consumer of health care.
2
3. What is HIPAA?
• Portability: Protects and guarantees health
insurance coverage when an employee changes job
• Accountability: Protects health data integrity,
confidentiality and availability
• Reduces Fraud and Abuse
• Makes fraud prosecution easier
(Medicare/Medicaid)
• Reduces Paperwork
3
4. WHY COMPLY WITH HIPAA ?
• Avoid denied and or delayed reimbursements
– DHHS agencies process claims bringing in more than $
550 million in receipts annually.
– Annual Medicaid disbursements totaling more than
$4.6 billion.
• May risk Accreditation. (e.g. Joint Commission on
Accreditation on HealthCare Organizations:
• Public relations and business risk issues
• Benefit from long term healthcare cost reductions
• Impose severe penalties for non-compliance
4
5. DEFINITION: PRIVACY
Privacy is the right of an individual to keep
his/her individual health information
from being disclosed.
5
6. HIPAA Enforcement Continued
• These penalties apply to oral, paper
and electronic Protected Health
Information (PHI).
6
7. QUESTIONS?
• If you are ever in doubt, always ask your
Supervisor or their designee!
• Remember, that person is your first line
of response to privacy questions.
7
8. Conclusion
HIPAA - A Health Care Paradigm
• Affects clearinghouses, patients.
• Requires changes to business processes and
applications, staffing plans, facilities and
Information systems applications
• Provides patients with rights
• Shifts power in provider/consumer
relationships
• Introduces new legal liabilities
• Conveys severe civil and criminal penalties
payers, providers, employers, medical
manufacturers, Pharmaceutical companies,
employees
8
9. Conclusion Continued…
HIPAA - is not going away
• Healthcare industry wants standardization
• Consumers want health information to be protected
• HIPAA is not an option
• HIPAA is doing business in the “New Millennium”
• Implementation cost is short term
• Operational benefit is long term
9
10. References
US Department of Health and Human Services
- www.aspe.os.shhs.gov
Center for Medicare and Medical Aid Services
- www.cms/gov
Workgroup for Electronic Data Interchange (WEDI)
- www.wedi.org
Washington Publishing Company
- www.wpc-edi.com
10