HIPAA 101 Education

1
HIPAA 101 Education
2
WHAT IS HIPAA???
3
WHAT IS HIPAA?

• The Health Insurance Portability and
  Accountability Act
• A Patients Rights Law
• Enacted by Congress to protect patients privacy

4
THE PRIVACY RULE

• The right to access, inspect, copy and request
  changes to medical records
• The right to say who sees their medical records
  and who doesnt
• The right to request a list of exactly who has
  seen their medical records
• The right to confidential communication about
  their health

5
CONFIDENTIALITY
6
PROTECTED HEALTH INFORMATION

• P.H.I., for short
• Information about a patients condition,
  treatment or payment

7
Protected Health Information (P.H.I.) includes

• Medical Records
• Arm Bracelets
• Pharmacy Orders
• Conversations about Patient Health
• Dietary Cards
• I.V. Bags and Meds
• Payment and Insurance Records

8
PROTECTING P.H.I.

• Place all medical records in a secure location.
• Shred or destroy all reports material like arm
  bracelets and I.V. bags.
• Escort all patients and visitors through
  departmental areas.
• Store P.H.I documents under lock and key when you
  leave the area.

9
PROTECTING P.H.I. continued.

• Lock perimeter doors so that patients and
  visitors have to use main entrances.
• Dont discuss a patient outside the treatment
  area.
• Dont leave sensitive computer files up on your
  computer screen.
• Never share your password with anyone!

10
(No Transcript)
11
You can share P.H.I. for three purposes

1. TREATMENT when talking to co-workers in the
   treatment area.
2. PAYMENT when filing an insurance claim or
   discussing payment options.
3. OPERATIONS for purposes such as audits,
   customer services, quality improvements and
   grievance resolution.

12
TREATMENT, PAYMENT and OPERATIONS

• T.P.O. for short.
• P.H.I. cannot be shared for any other reason
  without written authorization from the patient.

13
Questions?

• Ask your supervisor or manager.
• See your facilitys Privacy Officer.

14
HIPAA Review

• You can share Protected Health Information
  (P.H.I.)
• for Treatment, Payment and Operations (T.P.O.)
  only!

15
Limit the P.H.I. Shared to THE
MINIMUM NECESSARY

• You are responsible for limiting the information
  you receive to only what is required to do your
  job.

16
The Minimum NecessaryEach department must
determine what the minimum necessary means.
ER Evaluation
Hospital
Admission
Peer Evaluation/
JCAHO Review
Lab/Radiology/
Pharmacy
Documentation,
Billing/Collection
Managed
Care
Care/Case
Delivery/
Management
Treatment/
17
The Privacy Rule

• Keep Protected Health Information (P.H.I.)
  confidential.
• Share P.H.I. for Treatment, Payment and
  Operations (T.P.O.) only.
• Only share the minimum necessary as set by your
  department

18
Privacy Pledges are given to every
patient.Privacy Pledges are also posted on
bulletin boards and on the Covenant Health
website.
19
Fines and Penalties for Non-
Compliance

• Wrongful Disclosure of Health Information
• Simple disclosure fines up to 50,000 and/or 1
  year in prison
• Disclosure under false pretenses fines up to
  100,000 and/or 5 years in prison
• Disclosure with intent to sell or use fines up
  to 250,000 and/or 10 years in prison

20
Fines and Penalties for Non-Compliance

• Non-Compliance with Requirements
• 100 per violation to a maximum of 25,000 per
  requirement per year
• 80 requirements (and counting) would add up to
  over 2 million in penalties per year!

21
How do we become HIPAA compliant?

• Adjust the way we think and how we do our jobs
• Become more aware of privacy issues
• Pay close attention to trainings
• Ask questions
• Develop a constant consideration for our
  patients feelings and need for privacy

22
Help make HIPAA happen!
23

• Place items in your work area in a secure place.
• When discussing P.H.I. keep your voice down.
• Use extreme caution sending out faxes use a
  cover sheet and verify numbers.
• Dont talk about P.H.I. outside the treatment
  area.
• Bring non-compliant actions to your co-workers
  attention.
• Dispose of all P.H.I. properly by shredding.
• Protect your patients information as if it were
  your own!!

24
Timeline to HIPAA Compliance
Start Now!
THE CLOCK IS TICKING Compliance with the
Privacy Rule must be complete by April 14, 2003!
NOTE Other final rules are expected to be
released throughout 2002 and 2003.
HIPAA Privacy
25
MAKE HIPAA A HABIT!
26
TAKE THIS QUICK HIPPA QUIZ
27
P.H.I. stands for

1. A pretty hairy individual
2. Post hypnotic insomnia
3. Protected Health Information

28
If you see P.H.I. lying on a counter, you should

1. Leave it there.
2. Throw a hissy fit.
3. Pick it up and put it in a secure location and
   remind others to do the same.

29
When disposing of P.H.I., you should

1. Wad it up and throw it into the nearest trashcan.
2. Shred it or place it in the appropriate shred or
   destruction bin.
3. Tear it into several pieces before putting it in
   a trash can.

30
Patients will be informed of their privacy rights
by

1. A daily announcement over the PA system.
2. A special messenger.
3. A privacy pledge given at registration.

31
Failure to protect patient privacy could mean

1. You are a bad, bad, person.
2. A free vacation in the Bahamas.
3. Big fines and/or prison time.

32
P.H.I. may be shared without a patients
authorization for which of the following?

• Patients attorney.
• Newspaper reporter.
• Treatment, Payment and Operations.

33
If you have questions about HIPAA rules, you
should ask

• Oprah and/or Dr.Phil.
• Your friends and/or family.
• Your supervisor and/or Privacy Officer.

34
Thats it!

• Complete your documentation form and give it to
  your supervisor!