WHAT IS HIPAA AND HOW TO COMPLY WITH IT?

Provided by: LMC78

1
WHAT IS HIPAA AND HOW TO COMPLY WITH IT?
  • Health Insurance Portability and Accountability
    Act of 1996

2
WHAT IS HIPAA?
  • HIPAA stands for Health Insurance Portability and
    Accountability Act, a federal law enacted in 1996
    to help employees maintain health insurance when
    they move to a different job, and to receive
    health insurance regardless of preexisting
    conditions.

3
What is HIPAA continued
  • The newest part of HIPAA also ensures privacy for
    patients and their health information.
  • Covered entities include any health care
    provider, health care clearing house, and health
    care plans.

4
LMC AND HIPAA
  • LMC is dedicated to maintaining patient privacy
    and securing any protected health information
    (PHI) from inappropriate use or disclosure.
  • This presentation is intended to introduce you to
    HIPAA and to the general guidelines to help you
    implement these requirements in your job.

5
HIPAA RIGHTS AND RESPONSIBILITIES
  • Every patient will be given a Notice of Privacy
    Practices (NPP) at the first point of service
    delivery from LMC. The NPP will inform patients
    of their privacy rights. These rights include:
  • The right to restrict certain release of
    information, which the patient can revoke or
    change at any time. The patient may request that
    their name not be included on the general
    registry.
  • The right to request confidential communications.
    Examples would include having their medical
    information mailed to an alternate address, or
    contacting them at an alternate phone number.

6
PATIENTS' RIGHTS continued
  • The right to receive a paper copy of the Notice
    of Privacy Practices (NPP).
  • The right to amend protected health information
    (PHI) through a request to the Privacy Officer.
  • The right to an accounting of disclosures or
    releases done without patient authorization.
    Examples include disease reporting and animal
    bite reporting.
  • The right to inspect and copy, and to obtain a
    copy of their medical record.

7
WHO DOES THE PATIENT GO TO FOR THESE SERVICES?
  • Most of these restrictions can be handled by each
    department. For those requests that cannot,
    contact the LMC Privacy Officer:
  • George Evans
  • Director of Information Services
  • 803-936-8235
  • Email LMCprivacyofficer_at_lexhealth.org

8
WHO does HIPAA cover and protect?
  • HIPAA covers all PATIENTS and their protected
    health information (PHI).
  • HIPAA covers ANYONE who deals with patients or
    their protected health information.
  • HIPAA covers any ORGANIZATION and their BUSINESS
    ASSOCIATES who deal with patients and/or their
    protected health information

9
THE PATIENT JOURNEY AND HIPAA
  • At every point where we come in contact with the
    patient or with protected health information, we
    must each do our part to maintain privacy.
  • Think of the journey of a patient through the
    LMC system

10
WHERE DO WE INTERACT WITH THE PATIENT?
  • Registration/scheduling process
  • Waiting area
  • Treatment area
  • During transport
  • Billing inquiry requests

11
PASSWORD PROTECTION PLAN
  • PASSWORD DOS AND DON'TS
  • DO protect your password
  • DO use good password choices
  • DO change your password if you feel it has been
    violated
  • DON'T share your password with anyone
  • DON'T use anyone else's password
  • DON'T work under anyone else's password
  • DON'T leave passwords displayed on keyboards or
    monitors

12
COMPUTER SECURITY
  • Each user is responsible for maintaining the
    integrity of his or her computer password.
  • Your password is linked to you.
  • Protect yourself by protecting your password.

13
Computer Security: What is the difference
between privacy and security?
  • Privacy refers to WHAT is protected
  • Health information about an individual, and the
    determination of WHO is permitted to use or
    disclose or access the information, is protected.
  • Security refers to HOW private information is
    safeguarded
  • Privacy is ensured by controlling access to
    information and protecting it from inappropriate
    disclosure and accidental or intentional
    destruction or loss.

14
Privacy/Security Issues: Types of Violations of
HIPAA
  • Accidentally releasing patient information to a
    non-intended recipient. Examples include
    discussing patient information in a public
    location.
  • Accessing a patient record without a legitimate
    business need to know.
  • Using another person's user ID.
  • Allowing another employee to access LMC
    information systems with my password.
  • Failure to log off when leaving station, allowing
    unattended and unauthorized access.
  • Purposeful break in Confidentiality Agreement.

15
Ask Yourself this Question
  • Before accessing protected health information:
  • Do I have a business need to know?

16
Who can lodge a complaint?
  • Privacy-related complaints may be made by:
  • Patients
  • Family members
  • Visitors
  • Anyone

17
Where can people make complaints?
  • Secretary of Department of Health and Human
    Services (federal government)
  • LMC Privacy Officer
  • NOTE: All privacy-related complaints handled by
    LMC staff must be forwarded to the LMC Privacy
    Officer for tracking purposes according to the
    law.

18
What are LMC Privacy Policies and Where Can I
Find Them?
  • The LMC Privacy Policies are:
  • Protected Health Information
  • Privacy Compliance
  • Notice of Privacy Practices
  • Business Associates
  • Patient Complaints and Grievances
  • These policies may be viewed as needed upon
    arrival to Lexington Medical Center via access to
    the Intranet

19
Here's the situation. What would you do?
  • You notice that your department has a broken
    computer that can no longer be used. What should
    you do?
  1. Call Help Desk at 2022 so they can pick up the
    computer.
  2. Take computer and have it repaired and then take
    it home.
  3. Throw it in the dumpster.

Press enter to see answer
Correct Answer: 1. Call Help Desk at 2022 so
they can pick up the computer.

20
What would you do?
  • You have printed too many copies of a document
    containing PHI. What should you do with the extra
    copies?
  1. Throw copies in the nearest waste basket.
  2. Shred copies and throw them away.
  3. Dispose of copies in locked recycle bin.

Press enter to see answer
Correct Answer: 3. Dispose of copies in locked
recycle bin.

21
What would you do?
  • Your friend is having lab work done today. She
    contacts you at work and requests that you access
    her lab results on the computer and let her know
    the outcome. What should you do?
  1. Look up her labs and call her back with her
    results.
  2. Do not look up her labs. Tell her to contact her
    physician for the results.

Press enter to see answer
  • Correct Answer
  • Do not look up her labs. Tell her to contact her
    physician for the results.

22
What would you do?
  • A Mayday is called for ICU Bed 1. You are
    concerned about a coworker who was admitted to
    ICU during the night. It is OK for you to access
    the patient record online to see if this is your
    coworker. 
  • True
  • False

Press enter to see answer
  • Correct Answer
  • False. It is NOT OK for you to access the patient
    record online to see if this is your coworker. 

23
What would you do?
  • You see a well-known local football coach waiting
    in the ED with his family. He is also a family
    friend. You are concerned. What should you do?
  1. Go online and search for medical information
    pertaining to your friend and/or his family
    member.
  2. Ask a co-worker why this family is here.
  3. Say hello to your friend and respect their right
    to privacy.

Press enter to see answer
Correct Answer: 3. Say hello to your friend and
respect their right to privacy.

24
What is HIPAA?
  • Health Insurance Portability and Accountability
    Act
  • Health Insurance Privacy and Authorization Act
  • Health Insurance Procurement Action Act

Press enter to see answer
Health Insurance Portability and Accountability Act

25
True or False?
  • The following indicators are considered PHI
    (protected health information):
  • Patient's name
  • Patient's date of birth
  • Patient's diagnosis
  • Patient's visit or account number for billing
    purposes
  • Patient's social security number
  • Patient's billing information

Press enter to see answer
Correct Answer: True. Any individual
identifiable health information is considered
PHI.

26
HIPAA Reminders
  • Be aware of WHERE you discuss patient
    information
  • SHRED paper containing PHI
  • LOG OFF computer before you walk away
  • Do not access PHI in any medium unless you have
    the RIGHT OR NEED TO KNOW
  • DO NOT SHARE your computer LOGIN or password
  • KEEP patient RECORDS in SECURE location

27
THIS IS SERIOUS: CIVIL AND CRIMINAL PENALTIES
  • CAN BE APPLIED TO INDIVIDUALS OR ORGANIZATION
  • $100.00 per violation, not to exceed $25,000 per
    violation per person or incident
  • $50,000 and up to one year in prison for
    knowingly obtaining or disclosing individual
    identifiable health information (IIHI) illegally
  • $100,000 and up to 5 years in prison if done
    under false pretenses.
  • $250,000 and up to ten years in prison if done
    with the intent to sell, transfer, or use for
    commercial advantage, personal gain or malicious
    harm.

28
How to get more information on HIPAA
  • Ask your supervisor or director
  • Go to
  • Contact George Evans, Director of Information
    Services LMC Privacy Officer or
  • Contact Tammy Grubbs in Information Services
  • Both can be reached at 803-936-8235
  • or via email LMCPrivacyOfficer_at_lexhealth.org

29
DOCUMENTATION OF TRAINING
  • Your clinical rotation group will be asked to
    sign a HIPAA Training Confirmation Form along
    with a Confidentiality Acknowledgement upon
    arrival to clinical areas.