Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Welcome to UF We’re from the Privacy Officeand we’re here to help you… HIPAA Orientation College of Nursing– Fall 2014 Cheryl Webber, MS, RHIA University of Florida Privacy Manager Jacksonville Campus
Patients must trust their care givers enough to share personal and often sensitive information needed for care. • If trust is broken, the health of the patient suffers first, and the reputation of the institution may follow. Trust
Orientation and Annual Training are different! • You must complete the appropriate online module • Electronically sign the Confidentiality Agreement • Additional training modules for Shands and VA may be required! HIPAA Training
Complete: • General Awareness Training – if you will not be involved in any research OR • HIPAA for Researchers – if you will be involved in human subject research. • NOTE: If you completed the official training between December 1 and today, you’re good to go – until next January. HIPAA Training
Failure to complete the training on time is a Level II HIPAA violation and will result in disciplinary action. • Be sure you are included in your college or department’s email list – • If so, you will also be on the All-HSC email list. Training and Re-training….
Sanctions for HIPAA violations are serious: • Fines • Jail-time • UF Sanctions • Loss of student privileges, computer access • Verbal counseling up to termination • Suspension or expulsion • Reporting to professional licensing or credentialing boards Privacy Sanctions
So, a breach involving PHI for 10 individuals could cost anywhere from $100 to $50,000 per disclosure New Penalties
Unauthorized disclosures: • Be aware of your surroundings when discussing patients • Use extra caution with privileged information • Improper use of portable devices: laptops, PDAs, camera phones, etc. • Recording (and sharing) unauthorized pix and videos • Failure to use encryption • Losing or misplacing equipment • Removal of PHI or health records from UF premises. Common HIPAA Violations
Share PHI only with those who have a professional need to know. • Use strong passwords consistent with UF policies. • Properly destroy PHI. • Do not disable virus protection applications. Practical Tips for Compliance
You are responsible for activity originating from your account. • Do not access your own record or that of a family member’s • Email PHI when necessary-within the UF domain • Encrypt external emails containing PHI-avoid AOL, Yahoo, Gmail. Practical Tips for Compliance
HITECH Act and Florida law requires covered entities to report breaches to the patient when: • Unencrypted PHI is disclosed • An individual’s SSN is inappropriately disclosed Breach Notification
A breach is any unauthorized disclosure: • Stolen laptop/tablet • Accidental disclosure- sharing PHI with someone over the phone or in person you thought was the patient • Emailing/faxing patient information to an unauthorized third party Examples of a Breach
To your supervisor • UF Privacy Hotline: (866) 876-4472 • Online at firstname.lastname@example.org • If you know about a Privacy or Security incident, it is your responsibility to report it! Reporting a Breach
Only access the PHI you need. • Complete HIPAA training • Report a breach Primary Take-Aways
UF Privacy Office • (352) 273-1212 • Privacy@ufl.edu • Cheryl Webber, MS, RHIA • (904) 244-6229 • Cheryl.Webber@jax.ufl.edu Questions?