HIPAA Privacy Security Education - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

HIPAA Privacy Security Education

Description:

PHI Protected Health Information. EPHI Electronic Protected Health Information ... The Privacy regulations make sure PHI is properly handled. ... – PowerPoint PPT presentation

Number of Views:67
Avg rating:3.0/5.0
Slides: 21
Provided by: ginaball
Category:

less

Transcript and Presenter's Notes

Title: HIPAA Privacy Security Education


1
HIPAA Privacy / Security Education
2
HIPAA Definitions
  • HIPAA Health Insurance Portability and
    Accountability Act
  • PHI Protected Health Information
  • EPHI Electronic Protected Health Information

3
HIPAA Privacy / Security
  • The Privacy regulations make sure PHI is properly
    handled.
  • The Security regulations make sure EPHI is
    properly handled.
  • Costly lawsuits in addition to penalties and
    fines if we do not comply.

4
HIPAA Privacy
  • Privacy requirements apply to anyone that has
    access to or works with patients PHI.
  • Keep a log of the patient complaints made,
    including the resolution.

5
HIPAA Privacy
  • We use and disclose PHI to carry out essential
    health care functions
  • Treatment
  • Payment
  • Healthcare Operations

6
HIPAA Privacy
  • Treatment Management of healthcare by one or
    more providers.
  • Payment Obtain payment or reimbursement for
    services.
  • Operations Administrative, financial, legal or
    quality improvement activities necessary to run
    business and support functions of treatment and
    payment.

7
HIPAA Privacy
  • Patient Requested Restrictions
  • Hospital Directory Do Not Announce
  • Can restrict PHI from being shared with others

8
HIPAA Privacy
  • Accounting of Disclosures AOD
  • A patient has a right to receive a Accounting Of
    Disclosures of PHI.

9
HIPAA Privacy
  • AOD Exclusions
  • Treatment, payment or healthcare operations
  • Pursuant to a patients written authorization
  • Persons involved in patients care
  • Business Associates for purpose of treatment,
    payment or healthcare operations
  • Directory
  • Made to the patient

10
HIPAA Privacy
  • Notice of Privacy Practices / Business Associate
    Agreement
  • NPP Notice of Privacy Practices informs
    patients how we may use their PHI.
  • BAA Contractors or other non-workforce members
    hired to do the work of, or for, that involves
    the use or disclosure of PHI.

11
HIPAA Privacy
  • Minimum Necessary
  • We must make reasonable efforts to limit the use
    or disclosure of, and requests for PHI to minimum
    amount necessary for the intended purpose.

12
HIPAA Privacy
  • Overheard, Seen in Passing
  • The regulation permits uses or disclosures
    incidents, provided minimum necessary and
    safeguard standards are met.

13
HIPAA Security
  • Assurance of Confidentiality, Integrity and
    Availability of PHI in any form.

14
HIPAA Security
  • Three Areas
  • Physical Safeguards
  • Technical Safeguards
  • Administrative Safeguards

15
HIPAA Security
  • Physical Safeguards
  • Measures taken to protect our facility and
    computer systems from unauthorized use.
  • Computer placement should be considered prior to
    computer arriving in the area.
  • Employee badges are physical safeguards.

16
HIPAA Security
  • Technical Safeguards
  • Control access, validate the identity and have
    authorization of users and protect information.
  • Computer system access should be available on a
    need to know basis.
  • Audit trails can be used to monitor authorized
    and unauthorized system access.

17
HIPAA Security
  • Administrative Safeguards
  • Formal written policies and procedures to protect
    PHI.
  • Periodic evaluations of all security safeguards
    should be conducted and documented.

18
HIPAA Security
  • HIPAA Notes
  • Do not share or display passwords.
  • Do not e-mail PHI outside of SJHS without putting
    it into a password protected document.
  • Become familiar with policy 30110-170 Use and
    Disclosure of PHI.

19
HIPAA Security
  • HIPAA Notes
  • Do not discuss patients PHI for personal gain.
  • Do not place PHI documents in trash cans.
  • Practice common sense security. Make sure doors
    and desks are locked, as appropriate.

20
HIPAA Security
  • HIPAA Notes
  • Everyone should be assigned a personal user ID
    and should never use someone elses.
  • If you do not have access to certain records as
    part of your job, you should not be accessing
    them.
Write a Comment
User Comments (0)
About PowerShow.com