ImageVerifierCode 换一换
格式:PPT , 页数:38 ,大小:145.50KB ,
资源ID:376663      下载积分:2000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-376663.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(Introduction to HIPAA for Health Care Professionals.ppt)为本站会员(bonesoil321)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

Introduction to HIPAA for Health Care Professionals.ppt

1、Introduction to HIPAA for Health Care Professionals,Gerald P. Koocher, Ph.D., ABPP,Introduction,This educational module is intended to help students understand the fundamentals of HIPAA prior to beginning work at clinical sites. Many sites or agencies will expect you to complete an orientation to th

2、eir specific approach to HIPAA policies.,What is HIPAA and Why Should I Care?,The Health Insurance Portability and Accountability Act (HIPAA) is a federal law designed to improve the efficiency and effectiveness of the health care system. Part of HIPAA directly affects your clinical work and the ope

3、rations of any facility where you will train. Understanding the fundamentals of HIPAA will prepare you to step into training sites with a clear understanding of how to comply with requirements for respecting the privacy of protected health information (PHI).,Content,I. The Importance of Protecting P

4、atient Health Information II. General HIPAA and Privacy Rule Overview III. Permitted Uses and Disclosures IV. Patients Rights to Control their Health Information V. Administrative Requirements,The Importance of Protecting Patient Health Information,Employees with access to patient data may use or di

5、sclose it only on a “need to know” basis: Keep this information confidential. Access or use this information only as required to perform your job. Provide the minimum necessary information when responding to information requests. Do not discuss this information with others unless it is administrativ

6、ely or clinically necessary to do so. Do not use any electronic media to copy or transmit information unless you are specifically authorized to do so.,The Importance of Protecting Patient Health Information,Additional examples of actions to protect patient privacy: At nursing stations, keep computer

7、 monitors that display patient information turned away from public view. Log off from patient records before leaving a data terminal. If you must leave for a few moments, do not leave records face up on your desk or work area. Place fax machines used to receive confidential records in locations with

8、 appropriately limited access. Avoid elevator and hallway consultations involving patients.,Consequences of Violations,Inappropriate disclosure of confidential information is subject to discipline, up to and including discharge from employment. For licensed professionals, it is also subject to disci

9、pline by licensing and credentialing bodies There are civil and criminal penalties for violations of patient privacy: Fines up to $25,000 for multiple violations of the same standard in a calendar year Fines up to $250,000 and/or imprisonment up to 10 years for deliberate misuses of individually ide

10、ntifiable health information.,HIPPA rules are not a barrier to good care:,The HIPAA Privacy Rule is not intended to prohibit providers from talking to each other and to their patients. Staff and students are free to communicate as required for quick, effective, and high-quality health care. The Priv

11、acy Rule also recognizes that overheard communications in these settings may be unavoidable and allows for these incidental disclosures.,HIPAA and Privacy Rule Overview: The Health Insurance Portability and Accountability Act (HIPAA) has many parts. Most relevant to students in the health profession

12、s are the “Administrative Simplification” provisions including national standards for electronic health care transactions, codes, identifiers, security, and the privacy of personal health information.,The Privacy Rule applies to protected health information (PHI).,Protected health information (PHI)

13、is “identifiable” health information acquired in the course of serving patients. Any of the following data make health information “identifiable”: Name Social security number Street and email addresses Employer Telephone and fax numbers Member or account numbers (e.g. medical record number, health p

14、lan identification number) Relatives names Date of service, birth or death Fingerprints, photographs, voice recordings Certificate or license numbers Any other linked number, code, characteristic (e.g. device identifiers, serial numbers),HIPAA generally defers to state law concerning the relative ri

15、ghts of parents and minors. In this module, the terms “individual” or “patient” mean: Parents and legal guardians may generally exercise the HIPAA rights of their minor children; Patients 18 or older, or with emancipated or “mature minor“ status, may exercise their own rights under HIPAA. If you are

16、 in doubt about a patients status or have questions about the legal definition of emancipation or “maturity,“ check with the agencys legal counsel. A minor patient may exercise HIPAA rights regarding matters involving diagnosis or treatment relating to certain conditions (e.g., sexually transmitted

17、diseases, drug or alcohol dependency, and pregnancy).,The Privacy Rule: Parents and Minors,Permitted Uses and Disclosures of PHI,An agency may use or disclose PHI for the following purposes: In order to treat a patient. Justifying payment for treating a patient. Certain administrative, financial, le

18、gal, and quality-improvement activities that are necessary to “run the business” (such activities are called “health care operations”).,Additional Permitted Uses and Disclosures of PHI,If the disclosure complies with and is limited to what the law requires, agencies are permitted to disclose PHI: To

19、 public health authorities and health oversight agencies To coroners, medical examiners, and funeral directors For organ procurement To respond to court orders and subpoenas,Permitted Uses and Disclosures of PHI,There are certain disclosures that agencies may make if the patient is given the opportu

20、nity to agree or object: A patients location and condition (in general terms) if the patient is asked for by name or for disaster relief purposes. PHI relevant to care, or to family/close friends who are designated by the patient.,Permitted Uses and Disclosures of PHI,Written permission or authoriza

21、tion from the patient is required to use or disclose PHI for purposes other than treatment, payment, health care operations, or as required by law or for public health reasons.,PHI and Research,Specific procedures may allow PHI to be used or disclosed for research purposes:Records can be de-identifi

22、cation. Written authorization may be obtained from the patient for research use or discloser. The Institutional Review Board (IRB) may grant a waiver of written authorization. Only data needed to prepare work for research purposes only may be disclosed. Special provisions may allow for research usin

23、g a decedents PHI.,General Data Disclosures,An agency may use or disclose demographic information and the dates of treatment for the purpose of raising funds for its own benefit, without an authorization. Example: “Between January and June we treated 47 patients under 18, 20% of whom had family inco

24、mes under $25,000 per year.,General data disclosures,An agency must make reasonable efforts to limit protected health information to the minimum necessary to accomplish the intended purpose of uses, disclosures, or requests.,Incidental Disclosures,An incidental disclosure that occurs as a by-product

25、 of an otherwise permitted use or disclosure is permitted: If it cannot be reasonably prevented. If it is limited in nature. To the extent that reasonable safeguards exist.,Permitted Uses and Disclosures to Carry Out Treatment, Payment, and Health Care Operations,An entity may use or disclose PHI fo

26、r its own “Treatment,” “Payment,” or “Health Care Operations”: “Treatment” generally means the providing, coordinating, or managing health care and related services among health care providers or by a health care provider with a third party; consultation between health care providers regarding a pat

27、ient; or the referral of a patient for health care from one health care provider to another. “Payment” encompasses the various activities of health care providers to obtain payment or be reimbursed for their services and of a health plan to obtain premiums, to fulfill coverage responsibilities, and

28、to provide benefits under the plan. “Health Care Operations” are certain administrative, financial, legal, training, and quality improvement activities of a covered entity that are necessary to run its business and to support the core functions of treatment and payment.,Disclosures of PHI for Treatm

29、ent, Payment, and Health Care Operations of Another Entity,This is appropriate for: Treatment activities of a health care provider. Payment activities of the entity that receives the PHI. Several specific uses included in the health care operations of the entity that receives the PHI, if both the se

30、nding and the receiving entities either have or had a relationship with the individual who is the subject of the PHI and the PHI is related to this relationship. The permitted disclosure may be for the purpose of Health care fraud and abuse detection or compliance, Conducting quality assessment and

31、improvement activities, population-based activities relating to improving health or reducing health care costs, protocol development, case management and care coordination, or contacting of health care providers and patients with information about Treatment alternatives. Reviewing the competence or

32、qualifications of health care professionals, evaluating practitioner or health plan performance; conducting training programs for students or practitioners; or accreditation, licensing, or credentialing activities.,“Public Good” Uses and Disclosures,An agency may use or disclose PHI without the writ

33、ten authorization of the individual in the situations listed below: Uses and disclosures required by law. Uses and disclosures for public health activities (i.e., public health, child abuse and neglect, FDA, communicable diseases, employment workplace medical surveillance). Disclosures about victims

34、 of abuse, neglect, or domestic violence. Uses and disclosures for health oversight activities. Disclosures for judicial and administrative proceedings. Disclosures for law enforcement purposes. Uses and disclosures about decedents (i.e., to coroners and funeral directors). Uses and disclosures for

35、cadaveric organ, eye, or tissue donation purposes Uses and disclosures for research purposes. Uses and disclosures to avert a serious threat to health or safety. Uses and disclosures for specialized government functions (i.e military and veterans activities, national security and intelligence activi

36、ties, protective services for the president and others, medical suitability determinations, or correctional institutions and other law enforcement custodial situations). Disclosures for workers compensation.,“Public Good” Uses and Disclosures,State Law and other Federal Laws that are more protective

37、 of individuals privacy should be followed. Agencies are required to track most disclosures and to provide individuals with a listing of them upon their request.,Authorization Requirements,HIPAA requires the agency to obtain a written authorization to disclose or release any PHI that is not for trea

38、tment, payment, or health care operations, or otherwise permitted by the rules Examples of disclosures requiring written authorization under HIPAA: Schools, camps, airlines, hotels, aid organizations, outside attorneys These authorizations must contain the following elements: A description of the in

39、formation to be used or disclosed. Who is authorized to make the use or disclosure. To whom the disclosure may be made. A description of each purpose of the disclosure. An expiration date or an expiration event. Signature of the individual and date. Required statements: The individuals right to revo

40、ke the authorization and directions how to revoke. The ability or inability to condition treatment or payment. The risk that redisclosure by the recipient may occur.,Additional Written Authorizations,Agencies must typically obtain written authorization to disclose or release patient information in s

41、ituations beyond what HIPAA requires. Examples of practices that typically requires permission or consent to release information: Photographs and videos for treatment and training. Transports. Sharing patient information with outside providers at the patients request or at the request of another pro

42、vider. Second opinions. Making requests for patient information from other providers.,Clinical research is uniquely affected by the regulations.,From a clinical investigator perspective, the new regulations will control access to existing health information (medical/database record reviews) and hand

43、ling of identifiable information created as part of clinical research. There are specific methods that allow PHI to be used or disclosed for research purposes: All data are de-identified (according to the specific standards of the Privacy Rule). A limited data set is collected and released (accordin

44、g to the specific standards of the Privacy Rule). A patient gives a written authorization that his or her data may be used and/or disclosed. The Institutional Review Board (IRB) may grant a waiver of written authorization. Data are collected for preparatory work for research purposes only (according

45、 to the specific standards of the Privacy Rule). Special provisions are in place for research on a decedents PHI.,Incidental Disclosures,An incidental disclosure that occurs as a by-product of an otherwise permitted use or disclosure is permitted: If it cannot be reasonably prevented. If it is limit

46、ed in nature. To the extent that reasonable safeguards exist. Examples: Keep patient information on white boards/locator boards to a minimum. Reduce unnecessary incidental disclosures during check-in processes and in waiting rooms. Take care to limit the amount of information disclosed on an answeri

47、ng machine. Do not discuss patients in public areas. Consider location when posting patient schedules and storing patient charts. Keep voices low when discussing patient issues in joint treatment areas. Position workstations so screen does not face public areas; consider using screen filters.,Notice

48、 of a Persons Rights to Control His or Her PHI,An agency must distribute to each patient at the first treatment encounter, and obtain written acknowledgment of receipt of, a “Right to receive Notice of Privacy Practices”: Describing how the agency may use and disclose PHI. Describing the rights the

49、individual has to control his or her health information.,Notice of a Persons Rights to Control Their PHI,Patients should receive a listing of disclosures required by law, public health, health oversight, child abuse reporting, FDA reporting, communicable disease exposure, wound or injury reporting,

50、response to legal process, law enforcement, coroner or medical examiner, organ procurement, research protocols where the IRB has waived the individuals authorization requirement, or workers compensation.,Notice of a Persons Rights to Control Their PHI,People have a right to request confidential form

51、s of communication. Agencies must accommodate reasonable requests to receive confidential communications. People have a right to request restricted uses and disclosures of PHI: Permitting such restrictions not required. Requests for restrictions should be made in writing to the institutions privacy officer.,

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1