HIPAA PRIVACY & SECURITY TRAINING

Professional Nursing Services


Course Objectives

  • Privacy and Security Training explains:

    • The requirements of the federal HIPAA/HITECH regulations, state privacy laws, and Professional Nursing Services policies and procedures that protect the privacy and security of confidential data.

  • How these affect your job

  • How you can protect confidential and sensitive information

  • Your responsibilities for good computer and communication skills

  • How to report privacy breaches and security incidents.


What is HIPAA

  • The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that specifies administrative simplification provisions that:

    • Protect the privacy of patient information

    • Provide electronic and physical security of patient health information (PHI)

    • Require “minimum necessary use and disclosure”

    • Specify patient rights to approve the access and use of their medical information


The 2009 HITECH Act

  • This is an update to HIPAA. As part of the American Recovery and Reinvestment Act of 2009, the Health Information Technology for Economic and Clinical Health (HITECH) Act updated federal privacy and security standards. The updates include:

    • Breach notification requirements

    • Fine and Penalty increases for Privacy Violations

    • Right to request copies of the electronic health care record in electronic format

    • A mandate that Business Associates are civilly and criminally liable for privacy and security violations.


Fines & Penalties

  • Privacy violations may carry penalties under federal and state privacy laws and PNS policies:

    • HIPAA Criminal Penalties: $50,000-$1,500,000 fines, imprisonment up to 10 years

    • HIPAA Civil Penalties: $100-$25,000/year fines, more fines if multiple-year violations

    • State: The State's Attorney may bring legal action to collect attorney fees and damages for the individual.

  • How to report Privacy Breaches and Security Issues


How the Law Affects You

  • HIPAA requires that PNS train all of its workforce members about PNS’s HIPAA policies and specific procedures which may affect the work you do. These rules apply to you when you look at, use, or share Protected Health Information.

  • What information must be protected?

    • You must protect an individual’s PHI (Protected Health Information), which is collected or created as a consequence of health care operations.

  • What is PHI?

    • Information related to a patient’s past, present or future physical and/or mental health condition.

    • Can be in any form:

      • Written, spoken, or electronic, including video, photographs and x-rays

    • Includes at least one of the 18 personal identifiers in association

      THESE RULES APPLY TO YOU WHEN YOU USE, VIEW, OR SHARE PROTECTED HEALTH INFORMATION


Protected Health Information Identifiers

  • Name

  • Postal Address

  • Dates (excluding year)

  • Telephone numbers

  • Fax numbers

  • E-mail addresses

  • URL addresses

  • Social Security numbers

  • Account numbers

  • License numbers

  • IP addresses

  • Health plan beneficiary numbers

  • Device identifiers and their serial numbers

  • Vehicle identifiers and serial numbers

  • Biometrics (fingerprints, voice prints)

  • Medical record numbers

  • Full face photos and other comparable images

  • Any unique number, code, or characteristic


Notice of Privacy Practices for PHI

  • The Notice of Privacy Practices (NOPP) allows PHI to be used and disclosed for purposes of TPO:

  • TREATMENT (T), PAYMENT (P), OPERATIONS (O)

  • The TPO includes health care professionals directly involved in the team providing services to the client, i.e., case managers, equipment vendors, nurses, physicians, emergency personnel.

  • For patient care and treatment, HIPAA does not impose restrictions on use and disclosure of PHI by health care providers.

  • EXCEPTIONS:

    • PSYCHOTHERAPY INFORMATION

    • HIV TEST RESULTS

    • SUBSTANCE ABUSE INFORMATION

  • For anything else, HIPAA requires users to access the minimum amount of information necessary to perform their duties. For example, a billing clerk may need to know which lab test was performed, but not the results.


HIPAA “DO’s and DON’Ts”

Do’s

  • Communicate with medical personnel directly involved in the care of a client, i.e., case managers, doctors, nurses.

  • Utilize caution when speaking in areas where information may be overheard by personnel not directly involved in the care of the client.

  • With regard to computer use, utilize your password when accessing information.

  • Protect the client’s privacy by disclosing the minimum necessary information when appropriate.

  • Email communications should include a test email to confirm the correct email address is provided.

  • Report all breaches immediately or within 5 days of the breach to the PNS security officer, Ann O’Shea, at 410-683-9770 / 1-888-329-0887.

Don’ts

  • Do not discuss clients with individuals not directly involved in the treatment, payment or operations of the client.

  • Do not discuss client information or any of the PHI with anyone not involved in the care of the client.

  • Do not discuss any patient information with anyone unless required for your job.


Once you have finished reviewing the previous information, please complete the HIPAA Training Acknowledgement form.