Level 1 l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 31

HIPAA Level One Training PowerPoint PPT Presentation


  • 87 Views
  • Uploaded on
  • Presentation posted in: General

Level 1. HIPAA Level One Training. Objectives. Define HIPAA Training Requirements Define PHI PHI Identifiers Requesting Restrictions Discarding PHI Email, Internet & Fax Policies Minimum Necessary Policy Media Guidelines Complaints/Violations Sanctions. HIPAA.

Download Presentation

HIPAA Level One Training

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Level 1 l.jpg

Level 1

HIPAALevel One Training

HIPAA Level One


Objectives l.jpg

Objectives

  • Define HIPAA

  • Training Requirements

  • Define PHI

  • PHI Identifiers

  • Requesting Restrictions

  • Discarding PHI

  • Email, Internet & Fax Policies

  • Minimum Necessary Policy

  • Media Guidelines

  • Complaints/Violations

  • Sanctions

HIPAA

HIPAA Level One


Level i training requirements l.jpg

Level I Training Requirements

  • The entire workforce must be trained in level I including students, volunteers, and agency staff

HIPAA Level One


Training requirements level two l.jpg

Training Requirements Level Two

All staff defined by the minimum Necessary policy must attend. This includes all patient care staff, compliance officers, admitting, physicians, billing staff, and medical records staff, etc.

HIPAA

HIPAA Level One


Training requirements level three board med exec vp ceo coo cno etc l.jpg

HIPAAHIPAA

Training Requirements Level ThreeBoard, med exec, VP, CEO, COO, CNO, etc.

HIPAA Level One


What is hipaa l.jpg

HIPAA POLICE

What is HIPAA?

  • Health Insurance Portability and Accountability Act of 1996

  • Strongest confidentiality protection ever enacted

  • Affects any information transmitted orally, written or electronically

  • HIPAA is enforced by The

    Office of Civil Rights –

    “The HIPAA Police”

HIPAA POLICE

HIPAA Level One


Acronyms l.jpg

Acronyms

HIPAA – Health Insurance Portability and Accountability Act

NPP – Notice of Privacy Practice

PHI – Protected Health Information

TPO – Treatment, Payment or Health Care Operations

HIPAA Level One


The three r s of hipaa l.jpg

The Three R’s of HIPAA

HIPAA Level One


What is phi protected health information l.jpg

What Is PHI?(Protected Health Information)

A person’s personal & protected health information that is used to render care and bill for services provided.

Individually identifiable health information that is transmitted or maintained by electronic media or in any other form or medium.

Applies to all patients, both living and deceased.

HIPAA Level One


Protected health information l.jpg

Protected Health Information

(This list is not inclusive.)

  • PATIENT NAME

  • SOCIAL SECURITY NUMBER

  • BIRTHDATE

  • ADDRESS

  • ACCOUNT NUMBER

  • MEDICAL RECORD NUMBER

  • DIAGNOSES

  • EMAIL ADDRESS

  • EMPLOYER

  • MEDICAL TESTS

  • PRESCRIPTIONS

  • TELEPHONE NUMBER

HIPAA Level One


Notice of privacy practices l.jpg

Notice of Privacy Practices

NOTICE OF PRIVACY PRACTICES IS GIVEN TO EVERY PATIENT PRIOR TO SERVICES RENDERED.

HIPAA Level One


Notice of privacy practices12 l.jpg

Notice of Privacy Practices

  • Identifies uses and disclosures of PHI by the facility

  • Rights of the Patient

    • Inspect and copy their PHI

    • Amend their PHI

    • Receive an accounting regarding disclosure of PHI

    • Request restrictions to PHI

    • Request confidential communications of PHI

    • Obtain a paper copy of this notice

  • Report a complaint

HIPAA Level One


Things to remember l.jpg

Things to Remember

All patients, employees, & volunteers sign

confidentiality agreements.

Patients have a right to control who will have access to their medical information.

It is a breach of confidentiality to take pictures of patients or facility events that include patients.

Taking pictures for treatment purposes to be included in the medical record does not require documentation

Every person views a patient record must record that he/she has seen the file

HIPAA Level One


More things to remember l.jpg

More Things to Remember

  • Privacy policies apply even after employment or student experience ends.

  • Patients have a right to request restrictions, however, do not automatically agree to requested restrictions. Restrictions must go through process of approval

HIPAA Level One


Minimum necessary policy l.jpg

Minimum Necessary Policy

Before you ask someone for patient information, always ask yourself, “Do I need to know this to do my job?” If the answer is “Yes”, then no need to worry. If the answer is “No”, thenSTOP!

“HIPAA requires that each health care provider make reasonable efforts to limit the use or disclosure of Protected Health Information (“PHI”) to the minimum necessary to accomplish the intended purpose.”

HIPAA Level One


Use and disclosure of phi l.jpg

Use and Disclosure of PHI

  • Permitted for TPO

    • Treatment

    • Payment

    • Health Care Operations

  • Additional permitted disclosures (Not all inclusive)

    • Law Enforcement

    • Judicial and Administrative Proceedings

    • Health Oversight Activities

    • Business Associates

HIPAA Level One


Use and disclosure of phi17 l.jpg

Use and Disclosure of PHI

Patient Directory Information

  • If someone inquires about a patient by name, the facility will provide the location and their “general condition”.

    • Celebrities and other public officials are subject to the same standards

  • Patient has the right to opt out of the patient directory information.

  • “general conditions” include: Good, Fair, Serious, Critical

  • Clergy will be given patient name & religious affiliation.

HIPAA Level One


Use and disclosure of phi18 l.jpg

Use and Disclosure of PHI

Disclosure of PHI to Individuals Other than Patient

  • ANY & ALL information regarding a patient is considered PHI.

  • When patients provide information to their providers, they expect that only people who are caring for them will have access to it and that it will only be used in providing care for them.

  • Even releasing unsolicited information that a person is a patient at an HHS facility or clinic is considered a violation.

HIPAA Level One


Use and disclosure of phi19 l.jpg

Use and Disclosure of PHI

  • Only patient directory information can be provided to visitors unless they are actively participating in the care of the patient, such as immediate family members, etc. When in doubt, ask the patient or the patient’s representative for approval.

  • What patients discuss with you about their condition may not be inappropriately passed on.

  • Limit all patient related conversations in public areas (halls, nursing stations, elevators, cafeteria, restrooms)

  • If you overhear conversation regarding a patient, let them know you can hear them and remind them of HIPAA policy.

HIPAA Level One


Use and disclosure of phi20 l.jpg

Use and Disclosure of PHI

  • To Someone Involved in Individual’s Care

    • Family Member, relative, close friend, or other person identified by patient or patient’s representative

    • Disclose PHI relevant to involvement with individual’s care

    • Obtain individual’s agreement

    • Emergency exception – using professional judgment

  • Disaster Relief Purposes

    • To public or private entity for disaster relief efforts. Check with facility privacy officer for protocol.

HIPAA Level One


Use and disclosure of phi21 l.jpg

Use and Disclosure of PHI

  • Minors

    • Parents / Guardians access to minors PHI unless State law is more stringent

    • Loco Parentis – Acting as parent (State Laws apply)

  • Emancipated minors have control of their PHI

  • State Laws that are more stringent supercede HIPAA Laws

HIPAA Level One


Protected health information22 l.jpg

Protected Health Information

Protecting confidential information is a responsibility that the entire workforce shares, including volunteers, regardless of whether or notthey are caring for patients.

HIPAA Level One


How to trash your work l.jpg

How To “Trash” Your Work!

  • All trash that contains PHI including brief handwritten notes is PRIVATE and must be DESTROYED.

  • If you see/find PHI in the trash, you are REQUIRED to report this to your supervisor or facility privacy officer.

  • PHI also includes patient information that has been stored on computer disks. These computer disks CAN NOT be thrown in the trash. They must be destroyed if no longer needed.

  • Cross-cut shredder

  • Locked box

HIPAA Level One


How to trash your work24 l.jpg

How To “Trash” Your Work

ITEMS YOU THROW AWAY EVERY DAY THAT MAY CONTAIN PHI

1.     __________________________

2.     __________________________

3.     __________________________

4.     ___________________________

5.     ___________________________

6.     ____________________________

7.     ____________________________

8.     _____________________________

9.     _____________________________

10. ___________________________

HIPAA Level One


Email confidential notice l.jpg

Email Confidential Notice

Confidentiality Statement For Email:

All out-going e-mails should contain the following confidentiality notice at the end of the message:

IMPORTANT NOTICE:

This message is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this message in error, you are hereby notified that we do not consent to any reading, dissemination, distribution or copying of this message. If you have received this communication in error, please notify the sender immediately and destroy the transmitted information.

HIPAA Level One


Fax confidentiality notice l.jpg

Fax Confidentiality Notice

IMPORTANT – This facsimile is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this facsimile in error, you are hereby notified that we do not consent to any reading, dissemination, distribution or copying of this facsimile. If you have received this communication in error, please notify the sender immediately by telephone at (___) _______-_______ and destroy the transmitted information. Violators may be prosecuted.

HIPAA Level One


Reporting suspected violations l.jpg

Reporting Suspected Violations

Patient - Patient Complaint Form

Work Staff –

  • Contact your facility privacy official

  • Call 1-888-55-ISSUE

I’ve been violated!

HIPAA Level One


Penalties for violating l.jpg

PENALTIES FOR VIOLATING

  • Civil

    • Innocently

    • Unintentionally

  • Criminal

    • Knowingly

    • With Intent

      *These penalties apply to the employee or the facility or both

HIPAA Level One


Civil penalties l.jpg

~CIVIL PENALTIES~

  • $100 for each violation

  • Up to $25,000/yr for all violations of an identical regulation

HIPAA Level One


Criminal penalties l.jpg

~CRIMINAL PENALTIES~

Knowingly releasing patient information in violation of HIPAA

$50,000 fine or 1 yr. jail sentence or both

Gaining access to health information under false pretenses

$100,000 or 5 yr. jail sentence or both

Releasing patient information with harmful intent

$250,000 or 10 yr. jail sentence or both

HIPAA Level One


The end l.jpg

The End

HIPAA Level One


  • Login