FIPA HIPAA Overview - PowerPoint PPT Presentation


1
FIPA - HIPAA Overview
  • The Massachusetts Fair Information Practice Act and the Federal Health Insurance Portability and Accountability Act of 1996
  • Linda M. Palmateer
  • EOHHS
  • Asst General Counsel
  • February 20, 2008

2
FAIR INFORMATION PRACTICES ACT (FIPA) (Massachusetts General Laws Chapter 66A)
  • State law passed in 1975
  • Ensures that certain types of personal data
    collected and held by the state government remain
    private and are only disclosed in accord with
    applicable law
  • Extends to individuals certain rights over
    state-held data pertaining to them
  • Authorizes certain agencies to issue related
    regulations

3
FIPA Key Concepts
  • Holder (Agency)
  • Personal Data
  • Data Subject
  • Disclosure Rules
  • Other Holder Obligations
  • Data Subject Rights
  • Relationship to Public Records Law

4
Holder
  • FIPA only applies to a Holder, as defined in the
    statute
  • Holder:
    • an Agency that collects, uses, maintains or
      disseminates Personal Data, OR
    • any person or entity that contracts or has an
      arrangement with an Agency whereby it holds
      Personal Data as part or as a result of
      performing a governmental or public function or
      purpose
  • Agency:
    • any agency of the executive branch
    • any authority created to serve a public purpose,
      having either statewide or local jurisdiction

5
Personal Data
  • Any information concerning an individual which,
    because of name, identifying number, mark, or
    description can be readily associated with a
    particular individual
  • Excludes Public Records (MGL c. 4, § 7, cl. 26)
    and Intelligence, Evaluative or CORI information
    (MGL c. 6, § 167)

6
Data Subject
  • An individual to whom Personal Data refers
  • Excludes corporations, corporate trusts,
    partnerships, limited partnerships, trusts, or
    other similar entities

7
Key Disclosure Rule (MGL c. 66A, § 2 c)
  • No disclosure of Personal Data unless:
    • authorized by statute or regulation, OR
    • approved by Data Subject
  • Certain limited exceptions, including:
    • Medical or psychiatric data upon request of
      treating physician if emergency precludes Data
      Subject consent, provided Data Subject receives
      notice after emergency

8
Subpoena Disclosure Rule (MGL c. 66A, § 2 k)
  • Maintain procedures to ensure that Personal Data
    are not made available in response to compulsory
    legal process unless Data Subject is given notice
    of such demand in reasonable time to seek to
    quash process

9
Other Holder Obligations (MGL c. 66A, § 2 a, b, d, e, f, h, l)
  • One responsible manager to ensure compliance
  • Staff education
  • Reasonable safeguards against data theft,
    identity theft, and certain physical threats to
    data (fire, flood, etc.)
  • Record data access and use beyond Holder
  • Maintain data in accurate, complete, timely, and
    relevant manner to assure fair determination of
    Data Subject's character, rights, benefits when
    such determinations depend on data
  • Collect/maintain only reasonably necessary
    Personal Data to fulfill statutory functions
  • Secretary of State annual report

10
Data Subject's Rights (MGL c. 66A, § 2 c, g, i, j)
  • Upon Data Subject's request, release Personal
    Data to third person if practicable (may charge
    reasonable fee)
  • Provide Data Subject with list of data uses,
    including identity of those with access
  • Upon request, provide Data Subject with access to
    own Personal Data, unless otherwise restricted by
    law or subject of investigation and access would
    prejudice effective law enforcement
  • Allow Data Subject to contest data's accuracy and
    permit amendment if no disagreement re change,
    or if disagreement, permit note

11
Relationship to Public Records Law
  • FIPA was passed to ensure that the government
    does not abuse the privacy of its citizens
  • Public Records Law was passed to ensure that the
    government functions openly with public scrutiny
  • Statutory definition of Public Records, with its
    exemptions, seeks to achieve a balance of these
    equally important but possibly conflicting goals

12
Relationship to Public Records Law (Cont'd)
  • Public Records Definition (MGL c. 4, § 7, cl. 26)
  • Documentary materials or data, regardless of
    physical form or characteristics
  • Made or received by any officer or employee of
    any agency, executive office, department, board,
    commission, bureau, division or authority of
    commonwealth, or political division thereof, or
    of any authority established by general court to
    serve public purpose
  • Unless falls within one of the exemptions listed
    in MGL c. 4, § 7, cl. 26

13
Relationship to Public Records Law (Cont'd)
  • Exemption cl. 26 (c)
  • Personnel and medical files or information
  • Any other materials or data relating to a
    specifically named individual, the disclosure of
    which may constitute an unwarranted invasion of
    personal privacy
  • Intimate details of a highly personal nature
  • Balance general public's right to know vs.
    individual's privacy interests