WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer Topics o Compliance o HIPAA o Privacy o Security o Family Educational Rights and Privacy Act - FERPA o Public Records o Obama Administration - 2010 Who is the Compliance Officer? Lynn Hutt Health Insurance Portability and Accountability Act (HIPAA) o Privacy – covers certain health information in any form. Written, spoken, electronic or any other form. o Security – covers information that is stored or transmitted electronically. Internet, computer networks. What is HIPAA? o Law created to improve access to health insurance, protect the privacy of health information and promote standardization of electronic health- care related records to improve and safeguard their use. o Not: Hospitals In Pain, Aguish, and Agony Patient privacy is everyone’s concern. It’s a basic part of patient care. What can happen if you don’t follow the Privacy Rule? o There may be a fine for each violation of the rule. Total fines can go up to $1.5 million per year. o A person can be fined or sent to prison. o “Fifteen fired, eight disciplined for looking at medical records of octuplet mother.” FoxNews.com March 2009 o “CVS Pays $2.25 Million to Settle HIPAA Privacy Case” HHS.gov Feb 2009 o “Staff nurse faces jail time for copying medical record with intent to do malicious harm. Possible 10 years in prison, fine of $250,000. The nursing board is seeking to revoke her license.” Renal and Urology News Oct. 2008 A Closer look at PHI o Pay attention to information that gives details about who a person is: o Name o Social Security Number, Account Number, MRN o All or part of an address o Phone or fax number o Drivers License number, license plate o Date of Birth o Admission or discharge date o Tattoo's When combined with health information these could be considered PHI. Health Information is protected if it could be used to identify somebody. Examples of PHI: o Medical record o Information sent from o Prescription label one place to another- computer, fax, phone o An x-ray or mail. o Doctor’s notes about a o Computer monitors patient that can be seen by o A letter giving patient the public test results o Information that you o Facesheet say ALOUD. o Waste material that o Facebook, pictures of contains personal patients. information- patient label To name a few!!! HIPAA Rule: Minimum Necessary o Only access PHI you need to do your job. o Any time you share PHI with others provide only the information the other person or organization needs. General rules for disclosing and using PHI o You may disclose or use PHI for health-care purposes. Treat a patient Get payment for health-care services Continuity of Care Quality Assessment Fraud and Compliance programs Competency activities –accreditation Federal/State Agencies Suspected abuse or neglect Organ donation Permitted disclosures o T-Treatment o P-Payment o O-Health care operations In all instances, strict regulations apply. Incidental disclosures of PHI o When PHI is seen or heard by someone who does not need to know. o Even though UTMC has taken appropriate steps to limit the information shared or keep the information private. Example-nurses stations or two patients in the same room Getting authorization to disclose information o Authorization to disclose PHI must be obtained when o Provided to insurer or other business for marketing o Information is communicated to an employer (pre-employment physical) Some Do’s and Don’ts when talking about patients DO’s DON’Ts o Speak quietly when o Share PHI with people possible who don’t need to o Avoid using patient know it to do their job names in hallways and o Share PHI you are not public areas authorized to disclose o Share information o Let privacy issues needed to treat the keep you from patient treating the patient o Use a private space to properly discuss patient information Safeguard guidelines o Shut and lock doors when leaving o PHI should be not visible or audible o Computer monitors should be turned away from the direction of public view o Copy only the minimum necessary o Securely dispose of all PHI o Home offices subject as well o Record storage areas must be secure Safeguard guidelines cont. o Printers and Fax Machines must be secure o Unauthorized personnel may not be left alone without supervision o Policies apply to any Portable Device or LAPTOP o Visitors must be accompanied o EVERYONE is responsible for PHI o DO NOT SHARE YOUR LOG-IN OR PASSWORDS! Protect printed PHI o Where is printed PHI? o Patient chart o Wrist tag o Prescription bottle o Lab report o X-ray o Log sheets/patient lists o Patient mailing list o Faxes o ALWAYS use a shred bin for printed PHI! Patient rights o They have them o They know them o Respect them Your responsibility o Know policies and practice appropriate procedures within your unit o If unsure, ASK FERPA o The Family Educational Rights and Privacy Act of 1974 o Protects students educational/treatm ent records. Public records o The University of Toledo’s operational functions are considered public records. o Emails o Reports o Contracts President Obama legislative changes to HIPAA o Health Care Reform o American Recovery & Reinvestment Act of 2009 (ARRA) o New requirements will include: o Notification of HIPAA breaches o Application of HIPAA to BA’s o Restrictions requested by patients o Electronic Health Records o Increased penalties and enforcement o HITECH Act How do I report…. o Report concerns in these steps: o First to your professor o Advisor or Dean of College o Student Academic Affairs o Compliance/Privacy Officer, x 6933 What are my rights…. o Non-retaliation policy o Qui tam provisions (“whistleblower” ) Quiz questions o Who’s the Compliance/Privacy Officer? o Name 3 safeguards for PHI? o What does HIPAA stand for? o Name 3 examples of PHI. o Can you be held personally responsible for a HIPAA violation? o What is minimum necessary? o If you are unsure, what should you do? o PHI used for TPO are permitted disclosures, what does TPO stand for? COMPLIANCE It’s YOUR Responsibility. Questions?
Pages to are hidden for
"HIPAA Presentation Student 091"Please download to view full document