HIPAA Privacy Rule

Compliance Training for YSU

April 9, 2014


What is HIPAA?

  • Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996

  • Federal law designed to give patients control over all Protected Health Information (PHI) that might be shared between health care providers and other covered entities

  • Ensure confidentiality of PHI


What is PHI? (Protected Health Information)

  • “Individually identifiable health information” in any form - paper, electronic, or oral

  • Relates to the physical or mental health condition of an individual

  • Identifies or can be used to identify an individual (e.g., name, address, birth date, Social Security number, account number)

  • Is in the possession of or has been created by covered entities


Examples of PHI

  • Health care claims

  • Health care payment and remittance advice

  • Coordination of benefits

  • Health care claim status

  • Enrollment or disenrollment in a health plan

  • Eligibility for a health plan

  • Health plan premium payments

  • Referral certification and authorization


What is the HIPAA Privacy Rule?

  • Provides federal protection for PHI held by covered entities and Business Associates

  • Gives patients rights over determining who can look at and receive their health information

  • Applies to all forms of protected health information – electronic, written, or oral


Who Must Comply?

Health Plans

  • Health insurance companies - HMOs, Medicaid, Medicare, and employer-sponsored health plans

Health Care Providers

  • Doctors, clinics, hospitals, pharmacies, dentists

  • Electronic billing to insurance

Health Care Clearinghouses

  • Process nonstandard health information (e.g., billing services)


What is the HIPAA Security Rule?

  • Specifies a series of administrative, physical and technical safeguards to use to assure confidentiality, integrity, and availability of electronic PHI


Employer has 2 Roles

If the Employer is the Plan Sponsor of a self-insured plan, it has two different roles:

  • Employer

  • Plan Sponsor


Employer Role

HIPAA Privacy Rule does not apply when:

  • Doctor’s information is needed for determining FMLA or an ADA Accommodation

  • Doctor’s release to return to work

  • Workers’ Compensation injury

  • OSHA logs

  • Wellness programs

  • Health insurance


Plan Sponsor Role

HIPAA Privacy Rule does apply when:

  • Employer participates in the administration of a group health plan

  • Is involved in the decision-making process


Plan Sponsor Responsibilities

  • Designate a privacy officer

  • Provide written PHI procedures

  • Limit use and disclosures of PHI to the “minimum necessary” to accomplish the intended purpose

  • Require business associates to ensure confidentiality with written contracts/agreements


Employees’ Rights

Employers acting in a plan sponsor role may not share employee PHI without written authorization unless it is shared:

  • With the employee

  • For treatment/care coordination

  • To pay for employee health care services.


Employees’ Rights (cont.)

Employees have a right to:

  • A copy of their medical records

  • Restrict who can obtain their PHI

  • Change incorrect information in their medical records

  • A report of when and why PHI was used

  • File complaints


HIPAA Privacy Violations

  • Civil penalties - $100 per violation

  • Maximum civil penalties of $25,000 per year, per person, per standard

  • Criminal penalties - $50,000 to $250,000 and imprisonment

  • Additional penalties under state law

  • Lawsuits


Summary

  • Medical information maintained by employers is not always considered PHI

  • Employer must determine where the information was obtained and whether the information is maintained under the role of employer or plan sponsor of a group health plan

  • Regardless of the role, employers should carefully handle all employee medical information

