hipaa training presentation for new employees n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
HIPAA Training Presentation for New Employees PowerPoint Presentation
Download Presentation
HIPAA Training Presentation for New Employees

Loading in 2 Seconds...

play fullscreen
1 / 55

HIPAA Training Presentation for New Employees - PowerPoint PPT Presentation


  • 912 Views
  • Uploaded on

HIPAA Training Presentation for New Employees. HIPAA Police. How did we get here?. Goals of this session To answer the following question:. What is HIPAA?. What is HIPAA?. H ealth I nsurance P ortability and A ccountability A ct (HIPAA) 1996. Portable health insurance. 1992.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

HIPAA Training Presentation for New Employees


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
    Presentation Transcript
    1. HIPAA Training Presentationfor New Employees HIPAA Police How did we get here?

    2. Goals of this sessionTo answer the following question: • What is HIPAA? • What is HIPAA? Health Insurance Portability and Accountability Act (HIPAA) 1996

    3. Portable health insurance 1992 The Origin of HIPAA +

    4. Portability • Enable people to easily change from one health insurance plan to another when changing jobs or becoming unemployed • Accountability • Enable federal government to increase authority for fraud enforcement • Administrative • Includes patient privacy, confidentiality and security of health information A A H I P Health Insurance Portability andAccountability Act 1996 Our Focus:

    5. Accountability Privacy Rule • Portability • Accountability Privacy Rule HIPAA Privacy Rule Our Focus:

    6. HIPAA Privacy Rule Enacted to: • increase the privacy protection of health information identifying individuals who are living or deceased

    7. What does HIPAA require? • Use patient information for Treatment, Payment and routine business Operations (TPO) only • Limit access to patient information to Minimum Necessary to perform job duties • Provide patient right to view own medical record, obtain copies and request amendments

    8. Main Principles of HIPAA Privacy Rule 1) You cannot access or use patients’ identifiable health information without their knowledge and consent. 2) If you learn patients’ private health information, you must keep it confidential.

    9. As a patient Privacy Rule As an employee Implications for you

    10. Goals of this sessionTo answer the following question: • What is HIPAA? • How does it affect me as a patient?

    11. Your rights as a patient • You have the right to view your own medical record, obtain copies and request amendments • You have the right to receive notification as to how healthcare providers use your information • You have to provide authorization for uses other than Treatment, Payment or routine business Operations • You have the right to rescind that authorization

    12. Goals of this sessionTo answer the following questions: • What is HIPAA? • How does it affect me as a patient? • How does it affect me as an employee?

    13. Milton S. Hershey Medical Center and College of Medicine are Covered Entities under HIPAA

    14. Covered Entity a health care provider a health care clearinghouse a health plan

    15. Your obligations as an employee of a covered entity • Respect the confidentiality of patients, co-workers, and Penn State Milton S. Hershey Medical Center/College of Medicine • Keep confidential information confidential

    16. What is meant by“confidential information”? • Patient healthcare and financial records • Employee records and information • Business or system information related to PSMSHMC/COM

    17. Obligations of the employee • All MSHMC/PSCOM employees are expected to follow the terms of the HMC Privacy Notice. http://www.hmc.psu.edu/visitors/privacynotice.pdf

    18. Obligations of the employee • Failure to follow the terms of the Privacy Notice will result in disciplinary action, including termination, expulsion, and possible pursuit of legal action! • Signing and adhering to the conditions of the Confidentiality Statement are conditions of employment • Report violations to Privacy Officer, Jim Bifano, x8059

    19. Special considerations for electronic communications • Follow security policies on Infonet. • Keep your passwords private, hidden. • Do not open email of unknown origin. • Confirm e-mail address prior to sending. • Maintain current anti-virus software. • Report violations or concerns to: • Information Security Officer Matt Weber x5904

    20. How does this affect my work as an employee in Public Health Sciences? I don't treat patients!

    21. PHS Design, conduct, and support research Train future researchers

    22. HIPAA and Research • Privacy Rule not originally enacted to regulate research; Code of Federal Regulations in place • HIPAA does not apply to health information collected by a basic scientist solely for research purposes. • Adoption of a common set of standards for patients and clinical research subjects • Research at CoM treated the same as patient care with regard to privacy and confidentiality • Oversight by the Human Subjects Protection Office

    23. HIPAA Privacy Rule: Definitions What is protected health information (PHI)? Any information created or received by a healthcare provider related to past, present, or future physical or mental health condition of an individual. Examples: history of cardiovascular disease, measles, psychiatric illness,...

    24. HIPAA Privacy Rule Enacted to increase the privacy protection of health information of identifiable individuals who are living or deceased

    25. Protection of Health Information Identifying Individuals Health Information + Identifier Protected Health Information (PHI) Subject to Privacy Rule

    26. What is meant by “identifier”?

    27. Individual Identifiers • Names 2. All geographic subdivisions smaller than a State • street address • city • county • precinct • zip code

    28. Individual Identifiers (continued) 3. All elements of dates (except year): • birth date • admission date • discharge date • date of death All elements of dates for ages over 89

    29. Individual Identifiers (continued) • Telephone number • Fax number • Email address • Social security # • Medical Record Number • Health plan beneficiary #

    30. Individual Identifiers (continued) • Account numbers • Certificate/license #s • Vehicle identifiers and serial #s, including license plates • Device identifiers & serial #s

    31. Individual Identifiers (continued) • Web Universal Resource Locators (URLs) • Internet Protocol (IP) address #s • Finger & voice prints • Full face photos • Any other unique identifying number, characteristic, or code

    32. Breakdowns in Confidentiality • Accessing PHI not directly related to your job • Leaving confidential information unattended • Conversations in public areas • Sending confidential information unsecured • Co-mingling of confidential and general information • Improper disposal of confidential records, both paper and electronic

    33. Implications of Privacy Rule For investigators Does the study involve health information about human subjects? Does the study involve health information about human subjects?

    34. HIPAA algorithm

    35. HIPAA algorithm Does the study involve health information about human subjects? No

    36. HIPAA algorithm Does the study involve health information about human subjects? No No HIPAA issues

    37. HIPAA algorithm Does the study involve health information about human subjects? Yes No No HIPAA issues

    38. HIPAA algorithm Does the study involve health information about human subjects? Yes No Are any of the18 identifiers present? No HIPAA issues

    39. HIPAA algorithm Does the study involve health information about human subjects? Yes No Are any of the18 identifiers present? No HIPAA issues No No HIPAA issues

    40. HIPAA algorithm Does the study involve health information about human subjects? Yes No Are any of the18 identifiers present? No HIPAA issues No Yes No HIPAA issues

    41. HIPAA algorithm Does the study involve health information about human subjects? Yes No Are any of the18 identifiers present? No HIPAA issues No Yes No HIPAA issues HIPAA issues

    42. HIPAA algorithm Does the study involve health information about human subjects? Yes No Are any of the18 identifiers present? No HIPAA issues No Yes No HIPAA issues HIPAA issues

    43. What does this mean to investigators? Health information + Identifier

    44. What does this mean to investigators? Health information + Identifier Does the study involve living human subjects?

    45. What does this mean to investigators? Health information + Identifier Does the study involve living human subjects? Yes HIPAA issues

    46. What does this mean to investigators? Health information + Identifier Does the study involve living human subjects? No Yes Use of non-living human subjects? HIPAA issues HIPAA issues only

    47. What does this mean to investigators? Health information + Identifier Does the study involve living human subjects? ? No Yes Unsure Use of non-living human subjects? IRB and HIPAA issues HIPAA issues only

    48. health data – personal identifiers health data + personal identifiers NOT subject to Privacy Rule Subject to Privacy Rule Is my research subject to the Privacy Rule?

    49. Quick Review We know: • what HIPAA stands for • that the Privacy Rule of HIPAA is of utmost concern to Milton S. Hershey Medical Center/Penn State College of Medicine • what is meant by Confidentiality, Protected Health Information, and Identifiers • the standards you are held to as an employee of Penn State College of Medicine • that research at PSCoM is treated the same as patient care with respect to HIPAA regulations

    50. When can an investigator use PHI? When he/she: • Seeks authorization from study subject to use subject’s PHI • Seeks waiver of authorization from HSPO because it would be impossible to get authorization from subject • Uses a limited data set • Uses data only as preparation for research project