Learning Center
Plans & pricing Sign in
Sign Out



									 Academic Medical Centers and Health Insurance
Portability and Accountability Act of 1996 (HIPAA)

• Ken Klingenstein - Michael Pickett
• Rob Carter - Duke OIT Director of Systems
  Administration, Interim Institutional IT
  Security Officer
• David McKelvey - Duke Medical Center
  Information Systems Information
  Technology Security Organization
• The legislation
• Regulations, consequences, and timeframes
• HHS and I2 Health/Security workshops
• Academic medical centers plans for
  addressing HIPAA
• DUHS responses; awareness, education,
  identification, organization, technology
• Discussion
                     Purpose of HIPAA
• Reduce costs of administrative overhead estimated at $.26 of every
  healthcare dollar
• Improve efficiency and effectiveness of national health system
    • EDI estimated to save providers $9 billion - 10 years
    • Estimated national health care savings $30 billion - 10 years
• Reduce fraud and abuse ($.11 of every healthcare dollar)
• Protect privacy of health information
• Protect patient rights
• Better quality of patient care from improved clinical data access
• Better information availability for decision making
• Security for Internet based technology
      What Does the Law Say
• Hospitals may use personal health
  information to provide care, teach, train,
  conduct research and ensure quality.
• Information may not be used for non-health
  purposes like hiring, firing, determining
  promotions, or underwriting life insurance.
• Any non-approved verbal, written, or
  electronic disclosure is a violation
               Some Background
• Who’s covered by the law/regs: healthcare providers,
  healthcare insurance plans, healthcare clearinghouses,
  those who receive covered information from these entities
• Key regulations defined now:
   –   Standard Transactions and Coding Sets (8/00)
   –   Standard Identifiers (actually 3 regulations)
   –   Security
   –   Privacy(12/00)
• When will other regulations be known?
   – By 01/01 – Security and provider/plan id (estimate)
   – By 12/01 – Standard identifiers for provider (These dates have a
     history of moving)
   – Others - National patient identifier
• Civic fines - $100/incident - up to
• Federal Criminal Penalties
  – $50,000 - 1 year in prison for obtaining or
  – $100,000 - 5 years in prison for
    obtaining/disclosing under false pretenses
  – $250,000 - 10 years in prison for
    commercial/personal gain, malicious harm
    HIPAA and the CAMPUS
• How does HIPAA effect the campus?
• Why should I care?
• Who’s making the money (remember
      Additional Resources
   (downloadble presentations)

To top