Health Insurance Portability and Accountability Act (HIPAA) Review - PowerPoint PPT Presentation

1 / 16
About This Presentation
Title:

Health Insurance Portability and Accountability Act (HIPAA) Review

Description:

Health Insurance Portability and Accountability Act (HIPAA) Review ... Refer ALL authorization exemptions to Privacy Officer for review! Rx Obligations ... – PowerPoint PPT presentation

Number of Views:99
Avg rating:3.0/5.0
Slides: 17
Provided by: debbi2
Category:

less

Transcript and Presenter's Notes

Title: Health Insurance Portability and Accountability Act (HIPAA) Review


1
Health Insurance Portability and Accountability
Act (HIPAA) Review
  • Auburn University Harrison School of Pharmacy

2
HIPAA Basics
  • HIPAA passed in 1996
  • Protect and secure patient information
  • Guarantee patients right to access health
    information and control its use
  • Implemented April 14, 2003

3
Protected Health Information (PHI)
  • Spoken, written, or electronic
  • Prescription
  • Fax or email
  • Patient consultation
  • Created or received by a covered entity (e.g.
    health care providers, pharmacies, health
    insurance plans)
  • Info related to past, present, or future health

4
De-identified Data
  • Data that cannot identify an individual patient
  • De-identified data does not fall under HIPAA
    rules
  • Often used in research

5
Patient Rights
  • Limit how PHI used
  • Determine when/how communicated with patient
  • Review and obtain copy of PHI
  • Request edits of PHI
  • Know how pharmacy uses PHI

6
Rx Obligations
  • Provide written notice to patients regarding
    Privacy Practices
  • Patient rights
  • How uses and discloses PHI
  • Who to contact with complaints
  • Obtain written acknowledgement from patients of
    receipt of Privacy Practices

7
Rx Obligations
  • Minimum Necessary
  • Limit PHI provided by pharmacy
  • Provide only minimum necessary information to
    complete a task (e.g. fill prescription, counsel
    patient, file a claim)

8
Rx Obligations
  • Exceptions to Minimum Necessary
  • Health care provider request to aid treatment
  • Disclosure directly to patient
  • Disclosure according to patients written
    authorization
  • Must avoid incidental uses and disclosures of PHI!

9
Acknowledgement vs. Authorization
  • Acknowledgement
  • Patient written acknowledgement of receipt of
    written notice of privacy practices
  • Notice to include types of PHI disclosures for
    treatment, payment, operations (TPO)
  • Authorization
  • Signed authorization required for any disclosure
    other than that necessary for TPO

10
Authorization Exemptions
  • PHI relative to the following
  • Public Health
  • Abuse, neglect, domestic violence
  • Health oversight
  • Law enforcement
  • Judicial and administrative proceedings
  • Decedents
  • Avert serious threat to health or safety
  • Specialized government
  • Comply with workers compensation laws
  • ADR reports to the FDA
  • DEA or state Board of Pharmacy inspections

11
Authorization Exemptions
  • Refer ALL authorization exemptions to Privacy
    Officer for review!

12
Rx Obligations
  • Prevent incidental disclosures of PHI!
  • Telephone (refills, call in Rx)
  • Faxed Rx
  • Info left via pharmacy voice mail
  • Drive through pick up window
  • Insurance requests for information
  • Patient consultations
  • Friend or family member requests info regarding
    patients Rx or condition

13
Penalties for HIPAA Violation
  • Civil
  • 100 per rule violation, up to 25,000 for
    identical violations in one calendar year
  • Only 2 Exceptions (do not apply)
  • Did not know violated HIPAA rule
  • Failure to comply with rule not due to willful
    negligence, and corrected within 30 days

14
Penalties for HIPAA Violation
  • Criminal
  • Knowingly and in violation of HIPAA rules uses or
    causes to be used unique health identifiers,
    and/or obtains or discloses PHI relating to an
    individual
  • 50,000 fine and/or up to 1 year imprisonment

15
Penalties for HIPAA Violation
  • Criminal
  • 10,000 fine and/or up to 5 years imprisonment if
    obtain PHI under false pretenses
  • 250,000 and/or up to 10 years imprisonment if
    intent to sell, transfer, or use PHI for
    commercial advantage, personal gain, or malicious
    harm
  • AUHSOP Honor Code Violation

16
Summary
  • You will have access to PHI every day
  • Access only PHI necessary to complete the task at
    hand
  • Make every effort to avoid incidental disclosure
    of PHI
  • If unsure about a request for PHI, do not
    disclose and contact Privacy Officer
  • Treat PHI as if it is your own
Write a Comment
User Comments (0)
About PowerShow.com