By the end of this course you will demonstrate:

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "By the end of this course you will demonstrate:"

Transcription

1 1

2 By the end of this course you will demonstrate: 1. that HIPAA privacy rules protect privacy and security of confidential information. 2. your responsibility for use and protection of protected health information (PHI), including the electronic health record. 3. an awareness of fines and penalties for privacy violations. 4. that you must not put a client* name or any PHI in an subject line. 5. that you must not post PHI to social media. 6. how to report an actual or suspected Privacy Breach * The term client includes patients & long-term care residents 2

3 Recent Privacy Violations: Backpacks & laptops with PHI stolen from locked cars Briefcase/ packets with PHI stolen while out in public Client information and memorials posted on internet blogs PHI sent insecurely on electronic devices such as unencrypted cell phones, PDA s, flash drives, or personal s Misdirected s, faxes, and mail s, faxes, and mail sent without the required DPH coversheet Lost charts Unauthorized access to electronic client records Result: Expensive Fines to DPH 3

4 HIPAA is the Health Insurance Portability and Accountability Act HIPAA Federal privacy law: protects client privacy and only allows sharing of protected information for the purposes of: Treatment Payment Operational purposes (such as quality management and risk management) requires that information sharing must be kept to the minimum amount of information necessary to do our jobs this is known as the minimum necessary rule identifies fines and other consequences for violations California has additional laws: We are held to the most strict standard 4

5 These laws apply to institutions and individuals Unauthorized access includes the inappropriate viewing of client medical information without the direct need for diagnosis, treatment, or other lawful use OR the loss of client medical information whether in paper or electronic format Licensed facilities are required to report known or suspected Privacy Breaches within 5 days to the California Department of Public Health (CDPH) Licensed facilities must also notify the affected client(s) within 5 days after breach detection 5

6 YOU are responsible to follow SFDPH policies and procedures to protect the privacy and security of information Random audits of inappropriate access are regularly conducted Contractors and Business Associates of DPH must comply with all Privacy laws, and there is direct liability for noncompliance YOU MUST Report known or suspected Privacy Breaches to your Privacy Office immediately. 6

7 Privacy violations may carry penalties under Federal HIPAA, State Privacy Laws, and DPH Policies: HIPAA: Criminal Penalties: $50,000 - $1,500,000 fines and imprisonment up to 10 years HIPAA: Civil Penalties: $100 - $25,000/ year fines and more fines if multiple year violations 2009/2013 federal HITECH (Health Information Technology for Economic and Clinical Health) laws added even stricter penalties State Laws: Fines and penalties apply to individuals and institutions up to $250,000 Violations may jeopardize an individual s professional license Various DPH disciplinary actions up to termination 7

8 PHI is information that can be individually identified as belonging to a particular person either living or dead: Personal Identifiers (name, medical record number, etc.) Health status Care received Payment of services Demographics (age, gender, zip code, etc.) Protections apply to all types of communication: Verbal Paper documents Electronic data An individual s privacy rights continue after the person s death 8

9 Client Rights: Notice of HIPAA Privacy Practices Every client is provided with the DPH Notice of HIPAA Privacy Practices upon admission What the HIPAA Notice does: Informs the client that DPH may use and disclose PHI without the client's authorization ONLY for treatment, payment and health care operations Advises the client of their right to ask to see, read and obtain a copy of information used to make decisions about their care Provides information about how to file a complaint if they feel their privacy rights have not been maintained Gives the client the opportunity to sign the Notice Clients of Mental Health services must be given the Notice Annually 9

10 Client Rights: Access to the Health Record The Health Record is the property of the facility Clients can request a copy of their Health Record through Medical Records DO NOT give out any part of the health record on your own Even if you are subpoenaed, ONLY the Medical Records staff can release the requested records 10

11 We can share the minimum necessary information with those that have a need to know for purposes of Treatment, Payment, or Operations including: Diagnosis and treatment Referrals Coordination of health care with any health provider in any discipline who has medical or psychological responsibility for the client Follow the DPH Privacy Matrix when deciding to share PHI 11

12 DPH Privacy Policy Matrix *including knowledge of Mental Health, Substance use/ Abuse, HIV/AIDS, STD Description of PHI Who may disclose it? Who may receive it? General Health* Mental Health* Drug/Alcohol Treatment Program* HIV/AIDS CCSF Health Service Provider Network* General Health Provider Mental Health Provider Drug/Alcohol Treatment Program Provider HIV/AIDS CCSF Health Service Provider Patient s providers and providers staff for the purpose of treatment, diagnosis, or referral Any healthcare provider (any discipline) "who has medical or psychological responsibility for the patient" Only another member of the client's treatment team WITHIN the specific drug/alcohol treatment program Exception: a medical emergency Only another HIV Health Service provider who registers client in ARIES database. All other circumstances require signed authorization 12

13 A signed Authorization for Release and Disclosure of PHI is required before sharing: For any purpose other than Treatment, Payment or Operations Before a Substance Abuse Treatment program may share PHI outside their own program Before City and County of S.F. HIV Health Services providers may share PHI with providers outside of the ARIES system (used by HIV Health Service providers) 13

14 Disclosures to family, relatives, friends No information may be disclosed to a family member, relative, or close personal friend regarding treatment or health status Get written authorization from the client prior to sharing any information about mental health, substance abuse, sexually transmitted disease, HIV/AIDS, or developmental disabilities. 14

15 If the client is a minor: Authorizations to release PHI must come from the parent/legal guardian If the services fall under the DPH Minor Consent Policy, the Minor may authorize disclosures Authorizations are NOT required for minors who are dependents or wards of the court when information used is for purposes of coordinating care with county social workers probation officers another person legally authorized to have care and custody of a dependent or ward of the court 15

16 Special Case for Public Health Activities In conducting certain limited Public Health Activities, authorized DPH staff may access PHI without individual authorization, including for the purposes of: reporting of disease, injury, and vital events (e.g., birth or death); conducting public health surveillance, investigations, and interventions (e.g., outbreaks, partner elicitation and notifications); and; providing the SF Medical Examiner information needed to carry out duties authorized by law. Contact the Privacy Office if you have questions 16

17 All DPH staff must refer media requests to the Public Information Officer DPH programs should not release or publish identifiable photos, videos or any other information about clients with diagnoses or services for mental health, substance abuse, or HIV / AIDS, even if the client authorizes or requests you to do so This policy applies to media in any publication, brochure, and training materials PHI may NOT be used for marketing or fundraising 17

18 Do Not access records of employees even if they ask you or give you permission unless authorized to do so as part of your job If authorized to access employee PHI as part of your job, the minimum necessary and confidentiality rules still apply Employees are prohibited from accessing their own records and records of family members 18

19 Data Security Policies Guiding Principle: You are responsible for protecting data, information, workstations, portable electronic devices used in your job from: LOSS DAMAGE MISUSE 19

20 All staff are required to follow DPH Data Security Policies Log off anytime you leave your computer unattended Do not allow others to use a computer under your log on Place your monitor so it cannot be read by unauthorized persons Be present at the fax and printer when documents print out Discard documents with PHI only in the confidential bin / shredder Never recycle documents with PHI or re-use to save paper 20

21 Use complex passwords and change passwords regularly when using DPH computer systems Do not share passwords, even with IT or your supervisor Do not store passwords where anyone else might discover them If you feel you must write down your password to remember it: Keep it under lock and key Do not label it password Write only a hint that will remind you of the password 21

22 Never put personal identifiers of a living or dead client in the subject line of an Always confirm the recipient s address before sending PHI only the minimum necessary and only between DPH or UCSF providers with a need to know (i.e. s ending in sfdph.org or ucsf.edu) Never send PHI to personal or home s such as gmail Always put the official confidentiality statement as a permanent signature statement for all of your s s to clients are limited to appointment reminders- put the client address in the BCC: line to avoid inadvertent disclosure For SFGH and LHH Only: Type the word Secure: in the subject line for any containing PHI 22

23 If you receive an that does not follow DPH policies: Call or the sender to respectfully let them know Never choose reply to all Never forward to others unless it is to refer to the Privacy Office for follow up in this case, make sure you remove any PHI from the subject line 23

24 Electronic Devices present new challenges to privacy & confidentiality DPH prohibits the storing or use of client data on privately owned portable devices, such as cell phones, flash drives, memory sticks, and lap tops All portable devices issued by DPH or UCSF must be encrypted or have a security token When traveling, keep portable devices with you at all times and guard against theft or loss Loss of a device with PHI that is not encrypted is a reportable privacy breach, even if the loss occurs in another city or state Have I.T. staff render PHI on devices unreadable before discarding or recycling the device 24

25 When you participate in personal blogs/ social media remember: Never share any client information or share details of a client situation that you have experienced from your work Never post pictures of clients Posting of client information or sharing details of a client situation can result in a privacy violation which may subject you to disciplinary action, individual fines and penalties and professional sanctions which could impact your professional license Social media includes Twitter, Facebook, blogs, etc. 25

26 Research Data HIPAA regulates how PHI may be obtained and used for research. This is true whether the PHI is completely identifiable or partially de-identified in a limited data set A researcher or health care provider cannot use PHI in research without the appropriate HIPAA documentation, including authorization or an IRB-approved waiver Research that proposes to use SFDPH sites or recruit clients from SFDPH programs must be approved in advance by the appropriate SFDPH Administrator and by an IRB Researchers must abide by the SFDPH Conduct of Research Policy IPAAPrivacyConductResearchPol pdf 26

27 Any actual or suspected breach must be reported to your Privacy Office immediately You may also report anonymously to the DPH Privacy Hotline at DPH has a non-retaliation policy for employees that register complaints 27

28 NAME REPRESENTING PHONE Alice Gleghorn Lorraine Killpack Community Programs/ Population Health Division Jill LeCount Laguna Honda Hospital Maggie Rykowski San Francisco General Hospital Campus Joe Goldenson Jail Medical Services

29 DPH Privacy and Data Security Policies: Link to official DPH cover sheet for ALL faxes and mail: Sht4FaxInterofficeyMailAdopted pdf SFDPH confidentiality statement to copy and paste to permanent signature line: This message and any attachments are solely for the intended recipient and may contain confidential information. If you are not the intended recipient, any disclosure, copying, use or distribution of this message and any attachments is prohibited. If you have received this communication in error, please notify sender by reply and immediately and permanently delete this message and any attachments. 29

30 Before completing and receiving credit for the Annual Privacy and Security training, you MUST: 1. Read and sign the User Confidentiality, Security, and Electronic Signature Agreement (This form can be downloaded from the DPH website) ConfidSecElecSigAgrmnt pdf 2. Take and pass the Annual Privacy Quiz 3. Give your Privacy Certificate to your supervisor 30

31 SFDPH values patient privacy as an important part of our mission to provide quality healthcare and trauma services with compassion and respect. Thank you for helping us protect the privacy and security of our patients and staff. 31

2014 Core Training 1

2014 Core Training 1 2014 Core Training 1 Course Agenda Review of Key Privacy Laws/Regulations: Federal HIPAA/HITECH regulations State privacy laws Privacy & Security Policies & Procedures Huntsville Hospital Health System

More information

PHI- Protected Health Information

PHI- Protected Health Information HIPAA Policy 2014 The Health Insurance Portability and Accountability Act is a federal law that protects the privacy and security of patients health information and grants certain rights to patients. Clarkson

More information

HIPAA and Privacy Policy Training

HIPAA and Privacy Policy Training HIPAA and Privacy Policy Training July 2015 1 This training addresses the requirements for maintaining the privacy of confidential information received from HFS and DHS (the Agencies). During this training

More information

Grand Rapids Medical Education Partners Mercy Health Saint Mary s Spectrum Health. Pam Jager, GRMEP Director of Education & Development

Grand Rapids Medical Education Partners Mercy Health Saint Mary s Spectrum Health. Pam Jager, GRMEP Director of Education & Development Grand Rapids Medical Education Partners Mercy Health Saint Mary s Spectrum Health Pam Jager, GRMEP Director of Education & Development To understand the requirements of the federal Health Information Portability

More information

Department of Health and Human Services Policy ADMN 004, Attachment A

Department of Health and Human Services Policy ADMN 004, Attachment A WASHINGTON COUNTY Department of Health and Human Services Policy ADMN 004, Attachment A HHS Confidentiality Agreement Including HIPAA (Health Information Portability and Accessibility Act of 1996) OREGON

More information

Information Security Handbook for Employees

Information Security Handbook for Employees Information Security Handbook for Employees Providing our patients with excellence in healthcare includes protecting their information This handbook was prepared by Tom Walsh Consulting, LLC for the Kansas

More information

HIPAA 101: Privacy and Security Basics

HIPAA 101: Privacy and Security Basics HIPAA 101: Privacy and Security Basics Purpose This document provides important information about Kaiser Permanente policies and state and federal laws for protecting the privacy and security of individually

More information

HIPAA Privacy & Security Training for Clinicians

HIPAA Privacy & Security Training for Clinicians HIPAA Privacy & Security Training for Clinicians Agenda This training will cover the following information: Overview of Privacy Rule and Security Rules Using and disclosing Protected Health Information

More information

HIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012

HIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012 HIPAA Privacy and Security Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012 Goals and Objectives Course Goal: To introduce the staff of Munson Healthcare to the concepts

More information

Privacy and Security of Health Information Information in New York State

Privacy and Security of Health Information Information in New York State Privacy and Security of Health Information Information in New York State 2015 Privacy and Security of Health Information in New York State Welcome Hello, my name is Roger, and I'm here to talk with you

More information

HIPAA Compliance. 2013 Annual Mandatory Education

HIPAA Compliance. 2013 Annual Mandatory Education HIPAA Compliance 2013 Annual Mandatory Education What is HIPAA? Health Insurance Portability and Accountability Act Federal Law enacted in 1996 that mandates adoption of Privacy protections for health

More information

HIPAA Education Level One For Volunteers & Observers

HIPAA Education Level One For Volunteers & Observers UK HealthCare HIPAA Education Page 1 September 1, 2009 HIPAA Education Level One For Volunteers & Observers ~ What does HIPAA stand for? H Health I Insurance P Portability A And Accountability A - Act

More information

APPLETREE PEDIATRICS, PA NOTICE OF PRIVACY PRACTICES

APPLETREE PEDIATRICS, PA NOTICE OF PRIVACY PRACTICES APPLETREE PEDIATRICS, PA NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

More information

HIPAA Orientation. Health Insurance Portability and Accountability Act

HIPAA Orientation. Health Insurance Portability and Accountability Act HIPAA Orientation Health Insurance Portability and Accountability Act HIPAA Federal legislation enacted in 1996 to improve the efficiency and effectiveness of electronic information transfers used in the

More information

HIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N

HIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N HIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N 1 COURSE OVERVIEW This course is broken down into 4 modules: Module 1: HIPAA Omnibus Rule - What you need to know to remain

More information

Sarasota Personal Medicine 1250 S. Tamiami Trail, Suite 202 Sarasota, FL 34239 Phone 941.954.9990 Fax 941.954.9995

Sarasota Personal Medicine 1250 S. Tamiami Trail, Suite 202 Sarasota, FL 34239 Phone 941.954.9990 Fax 941.954.9995 Sarasota Personal Medicine 1250 S. Tamiami Trail, Suite 202 Sarasota, FL 34239 Phone 941.954.9990 Fax 941.954.9995 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY

More information

HIPAA Self-Study Module Patient Privacy at Unity Health Care, Inc hipaa@unityhealthcare.org 202-667-0016 - HIPAA Hotline

HIPAA Self-Study Module Patient Privacy at Unity Health Care, Inc hipaa@unityhealthcare.org 202-667-0016 - HIPAA Hotline HIPAA Self-Study Module Patient Privacy at Unity Health Care, Inc hipaa@unityhealthcare.org 202-667-0016 - HIPAA Hotline Self-Study Module Requirements Read all program slides and complete test. Complete

More information

SOUTHLAKE DERMATOLOGY 1170 N. Carroll Ave. Southlake, TX 76092 www.southlakedermatology.com Main 817-251-6500 Fax 817-442-0550

SOUTHLAKE DERMATOLOGY 1170 N. Carroll Ave. Southlake, TX 76092 www.southlakedermatology.com Main 817-251-6500 Fax 817-442-0550 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. EFFECTIVE September 15, 2014 This Notice of

More information

HIPAA Training for Staff and Volunteers

HIPAA Training for Staff and Volunteers HIPAA Training for Staff and Volunteers Objectives Explain the purpose of the HIPAA privacy, security and breach notification regulations Name three patient privacy rights Discuss what you can do to help

More information

Pacific Medical Centers HIPAA Training for Residents, Fellows and Others

Pacific Medical Centers HIPAA Training for Residents, Fellows and Others Pacific Medical Centers HIPAA Training for Residents, Fellows and Others Summary of Critical Pacific Medical Centers (PMC) HIPAA Policies and Procedures For additional information or questions, please

More information

HIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees

HIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees HIPAA TRAINING A training course for Shiawassee County Community Mental Health Authority Employees WHAT IS HIPAA? HIPAA is an acronym that stands for Health Insurance Portability and Accountability Act.

More information

Reporting of HIPAA Privacy/Security Breaches. The Breach Notification Rule

Reporting of HIPAA Privacy/Security Breaches. The Breach Notification Rule Reporting of HIPAA Privacy/Security Breaches The Breach Notification Rule Objectives What is the HITECH Act? An overview-what is Protected Health Information (PHI) and can I protect patient s PHI? What

More information

HIPAA POLICY PROCEDURE GUIDE

HIPAA POLICY PROCEDURE GUIDE HIPAA POLICY & PROCEDURE GUIDE HEALTH INFORMATION MANAGEMENT DEPARTMENT Office of Compliance & Audit Services - 1 - Table of Contents I. Patient Requests for Medical Records: Page 3 II. Other Requests

More information

HIPAA And Public Health. March 2006 Delaware s Division of Public Health 1

HIPAA And Public Health. March 2006 Delaware s Division of Public Health 1 HIPAA And Public Health March 2006 Delaware s Division of Public Health 1 HIPAA The purpose for HIPAA (Health Insurance Portability & Accountability Act) is to protect the confidentiality, integrity, and

More information

PRIVACY AND SECURITY SURVIVAL TRAINING

PRIVACY AND SECURITY SURVIVAL TRAINING PRIVACY AND SECURITY SURVIVAL TRAINING 1.Typeorcutandpastethislinkintothe addressbar: http://hrwebdev.dhs.lacounty.gov/attestation/ 2.Clickthe downarrow 3.Select 2013Privacyand SecuritySurvivalHandbook

More information

Annual Compliance Training. HITECH/HIPAA Refresher

Annual Compliance Training. HITECH/HIPAA Refresher Annual Compliance Training HITECH/HIPAA Refresher January 2015 Sisters of Charity of Leavenworth Health System, Inc. All rights reserved. 1 Annual Refresher Training Welcome to the SCL Health System Compliance

More information

Keweenaw Holistic Family Medicine Patient Registration Form

Keweenaw Holistic Family Medicine Patient Registration Form Keweenaw Holistic Family Medicine Patient Registration Form How did you first learn of our Clinic? Circle one: Attended Lecture Internet KHFM website Newspaper Sign in window Yellow Pages Physician Friend

More information

Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA) Health Insurance Portability and Accountability Act (HIPAA) General Education Presented by: Bureau of Personnel Department of Health Department of Human Services Department of Social Services Bureau of

More information

HIPAA. Developed by The University of Texas at Dallas Callier Center for Communication Disorders

HIPAA. Developed by The University of Texas at Dallas Callier Center for Communication Disorders HIPAA Developed by The University of Texas at Dallas Callier Center for Communication Disorders Purpose of this training Everyone with access to Protected Health Information (PHI) must comply with HIPAA

More information

HIPAA Training for Hospice Staff and Volunteers

HIPAA Training for Hospice Staff and Volunteers HIPAA Training for Hospice Staff and Volunteers Hospice Education Network Objectives Explain the purpose of the HIPAA privacy and security regulations Name three patient privacy rights Discuss what you

More information

Health Insurance Portability and Accountability Act HIPAA Privacy Standards

Health Insurance Portability and Accountability Act HIPAA Privacy Standards Health Insurance Portability and Accountability Act HIPAA Privacy Standards Healthcare Provider Training Module Copyright 2003 University of California Click the arrow to start the YouTube video in a separate

More information

HIPAA Privacy. September 21, 2013

HIPAA Privacy. September 21, 2013 HIPAA Privacy September 21, 2013 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA) requires that the University train all workforce members (faculty, staff,

More information

INDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS. I. Introduction 2. II. Definitions 3

INDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS. I. Introduction 2. II. Definitions 3 INDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS I. Introduction 2 II. Definitions 3 III. Program Oversight and Responsibilities 4 A. Structure B. Compliance Committee C.

More information

HIPAA 101 Privacy and Security Training

HIPAA 101 Privacy and Security Training HIPAA 101 Privacy and Security Training Privacy and Security Training Privacy and Security for New UCSF Workforce Faculty Post Docs Residents / Fellows Staff Students Trainees Volunteers Contractors /

More information

A Privacy and Information Security Guide for UCLA Workforce. HIPAA and California Privacy Laws

A Privacy and Information Security Guide for UCLA Workforce. HIPAA and California Privacy Laws A Privacy and Information Security Guide for UCLA Workforce HIPAA and California Privacy Laws A Privacy and Information Security Guide for UCLA Workforce HIPAA and California Privacy Laws Table of Contents

More information

HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY

HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY Illinois Department of Healthcare and Family Services Training Outline: Training Goals What is the HIPAA Security Rule? What is the HFS Identity

More information

Patient Privacy and HIPAA/HITECH

Patient Privacy and HIPAA/HITECH Patient Privacy and HIPAA/HITECH What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Implemented in 2003 Title II Administrative Simplification It s a federal law HIPAA is mandatory,

More information

HIPAA Privacy Keys to Success Updated January 2010

HIPAA Privacy Keys to Success Updated January 2010 HIPAA Privacy Keys to Success Updated January 2010 HIPAA Job Specific Education 1 HIPAA and Its Purpose What is HIPAA? Health Insurance Portability and Accountability Act of 1996 Title II Administrative

More information

NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES (HIPAA)

NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES (HIPAA) NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES (HIPAA) THIS NOTICE OF PRIVACY PRACTICES DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

More information

HIPAA Privacy Policy & Notice of Privacy Practices

HIPAA Privacy Policy & Notice of Privacy Practices HIPAA Privacy Policy & Notice of Privacy Practices 1. PURPOSE 1 The purpose of this policy is to comply with patient personal health information security rights and privacy regulations as outlined in the

More information

HIPAA Privacy Policies

HIPAA Privacy Policies HIPAA Privacy Policies Healthcare Insurance Portability and Accountability Act of 1996 (HIPAA) The HIPAA Privacy Rule created a national standard to protect patient s medical records and other personal

More information

Clinical Solutions. 2 Hour CEU

Clinical Solutions. 2 Hour CEU 1 2 Hour CEU 2 Course Objectives The purpose of this program is to provide nurses with information about the Health Insurance Portability and Accountability Act (HIPAA), especially as it relates to protected

More information

Jeff M. Bauman, Psy.D. P.A. and Associates FLORIDA-HIPAA PRIVACY NOTICE FORM

Jeff M. Bauman, Psy.D. P.A. and Associates FLORIDA-HIPAA PRIVACY NOTICE FORM Jeff M. Bauman, Psy.D. P.A. and Associates FLORIDA-HIPAA PRIVACY NOTICE FORM Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information THIS NOTICE DESCRIBES HOW PSYCHOLOGICAL

More information

Health Information Privacy Refresher Training. March 2013

Health Information Privacy Refresher Training. March 2013 Health Information Privacy Refresher Training March 2013 1 Disclosure There are no significant or relevant financial relationships to disclose. 2 Topics for Today State health information privacy law Federal

More information

8.03 Health Insurance Portability and Accountability Act (HIPAA)

8.03 Health Insurance Portability and Accountability Act (HIPAA) Human Resource/Miscellaneous Page 1 of 5 8.03 Health Insurance Portability and Accountability Act (HIPAA) Policy: It is the policy of Licking/Knox Goodwill Industries, Inc., to maintain the privacy of

More information

HIPAA and Health Information Privacy and Security

HIPAA and Health Information Privacy and Security HIPAA and Health Information Privacy and Security Revised 7/2014 What Is HIPAA? H Health I Insurance P Portability & A Accountability A - Act HIPAA Privacy and Security Rules were passed to protect patient

More information

HIPAA In The Workplace. What Every Employee Should Know and Remember

HIPAA In The Workplace. What Every Employee Should Know and Remember HIPAA In The Workplace What Every Employee Should Know and Remember What is HIPAA? The Health Insurance Portability and Accountability Act of 1996 Portable Accountable Rules for Privacy Rules for Security

More information

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA PRIVACY AND SECURITY AWARENESS HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect

More information

PROTECTING PATIENT PRIVACY and INFORMATION SECURITY

PROTECTING PATIENT PRIVACY and INFORMATION SECURITY PROTECTING PATIENT PRIVACY and INFORMATION SECURITY 2 PROTECTING PATIENT PRIVACY AND INFORMATION SECURITY PROTECTING PATIENT PRIVACY AND INFORMATION SECURITY 3 INTRODUCTION As an agency employee, student,

More information

Clinician s Guide to HIPAA Privacy. I. Introduction What is HIPAA? Health Information Privacy Protected Health Information

Clinician s Guide to HIPAA Privacy. I. Introduction What is HIPAA? Health Information Privacy Protected Health Information Clinician s Guide to HIPAA Privacy I. Introduction What is HIPAA? Health Information Privacy Protected Health Information II. HIPAA s Impact On Clinical Practice, Treatment, Referrals And Payment How is

More information

Privacy & Information Security Training. For Health Science Workforce Members

Privacy & Information Security Training. For Health Science Workforce Members Privacy & Information Security Training For Health Science Workforce Members Privacy Program, 4/6/2015 Objectives Understand what information must be protected under state and federal privacy laws Understand

More information

HIPAA Security Manual Administrative Security/Omnibus Rule

HIPAA Security Manual Administrative Security/Omnibus Rule Notice of Privacy Policies Form ***This notice describes how medical information about you may be used and disclosed and how you can get access to this information. PLEASE READ IT CAREFULLY!*** The tells

More information

The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training

The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training Introduction The HIPAA Security Rule specifically requires training of all members of the workforce.

More information

DALLAS ALLERGY & ASTHMA CENTER

DALLAS ALLERGY & ASTHMA CENTER DALLAS ALLERGY & ASTHMA CENTER Gary N. Gross, MD Michael E. Ruff, MD 5499 Glen Lakes Dr., Suite 100 Dallas, TX 75231 Dania A. Wierzbicki, MD Phone: (214) 691-1330 Jane Zepeda, PA-C FAX: (214) 691-6405

More information

DEPARTMENTAL POLICY. Northwestern Memorial Hospital

DEPARTMENTAL POLICY. Northwestern Memorial Hospital Northwestern Memorial Hospital DEPARTMENTAL POLICY Subject: DEPARTMENTAL ADMINISTRATION Title: 1 of 11 Revision of: NEW Effective Date: 01/09/03 I. PURPOSE: This policy defines general behavioral guidelines

More information

HIPAA and 42 CFR Part 2: What does it have to do with you? Carolyn Heyman-Layne, Esq.

HIPAA and 42 CFR Part 2: What does it have to do with you? Carolyn Heyman-Layne, Esq. HIPAA and 42 CFR Part 2: What does it have to do with you? Carolyn Heyman-Layne, Esq. 1 HIPAA 42 CFR Part 2 Other potential privacy laws: Privacy Act, FERPA, AK PIPA, other State laws Other healthcare

More information

HIPAA NOTICE TO PATIENTS

HIPAA NOTICE TO PATIENTS HIPAA NOTICE TO PATIENTS THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. Federal regulations

More information

HIPAA PRIVACY AND SECURITY AWARENESS. Covering Kids and Families of Indiana April 10, 2014

HIPAA PRIVACY AND SECURITY AWARENESS. Covering Kids and Families of Indiana April 10, 2014 HIPAA PRIVACY AND SECURITY AWARENESS Covering Kids and Families of Indiana April 10, 2014 GOALS AND OBJECTIVES The goal is to provide information to you to promote personal responsibility and behaviors

More information

Protecting Patient Privacy It s Everyone s Responsibility

Protecting Patient Privacy It s Everyone s Responsibility Protecting Patient Privacy It s Everyone s Responsibility Observation & Student Learning Packet 1. Read packet Instructions for Self-Study Module 2. Complete post-test. A score of 80% must be achieved.

More information

UNDERSTANDING THE HIPAA/HITECH BREACH NOTIFICATION RULE 2/25/14

UNDERSTANDING THE HIPAA/HITECH BREACH NOTIFICATION RULE 2/25/14 UNDERSTANDING THE HIPAA/HITECH BREACH NOTIFICATION RULE 2/25/14 RULES Issued August 19, 2009 Requires Covered Entities to notify individuals of a breach as well as HHS without reasonable delay or within

More information

NORTHSTAR DERMATOLOGY, PA NOTICE OF PRIVACY PRACTICES

NORTHSTAR DERMATOLOGY, PA NOTICE OF PRIVACY PRACTICES NORTHSTAR DERMATOLOGY, PA NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT

More information

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9 1 of 9 PURPOSE: To define standards for appropriate and secure use of MCG Health electronic systems, specifically e-mail systems, Internet access, phones (static or mobile; including voice mail) wireless

More information

Statement of Policy. Reason for Policy

Statement of Policy. Reason for Policy Table of Contents Statement of Policy 2 Reason for Policy 2 HIPAA Liaison 2 Individuals and Entities Affected by Policy 2 Who Should Know Policy 3 Exclusions 3 Website Address for Policy 3 Definitions

More information

NOTICE OF PRIVACY PRACTICES

NOTICE OF PRIVACY PRACTICES NOTICE OF PRIVACY PRACTICES Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Drug Abuse Prevention, Treatment, and Rehabilitation ACT THE CENTER FOR HEALTH CARE SERVICES 3031 IH

More information

ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING. By: Jerry Jackson Compliance and Privacy Officer

ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING. By: Jerry Jackson Compliance and Privacy Officer ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING By: Jerry Jackson Compliance and Privacy Officer 1 1 Introduction Welcome to Privacy and Security Training course. This course will help you

More information

Notice of Health Information Privacy Practices Radiology Associates of Norwood, Inc.

Notice of Health Information Privacy Practices Radiology Associates of Norwood, Inc. Notice of Health Information Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW THIS NOTICE

More information

IF YOU HAVE ANY QUESTIONS ABOUT THIS NOTICE OR IF YOU NEED MORE INFORMATION, PLEASE CONTACT OUR PRIVACY OFFICER:

IF YOU HAVE ANY QUESTIONS ABOUT THIS NOTICE OR IF YOU NEED MORE INFORMATION, PLEASE CONTACT OUR PRIVACY OFFICER: NOTICE OF PRIVACY PRACTICES COMPLETE EYE CARE THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED OR DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

More information

ACKNOWLEDGMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES

ACKNOWLEDGMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES ACKNOWLEDGMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES I acknowledge that I have been provided a copy of Fiorillo Cosmetic and General Dentistry s Notice of Privacy Practices, which has an effective

More information

HIPAA Security Training Manual

HIPAA Security Training Manual HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,

More information

Responding to HIPAA Breaches

Responding to HIPAA Breaches Responding to HIPAA Breaches 11/06/2015 by Kim Stanger HIPAA privacy and security breaches can result in fines of $100 to $50,000 to covered entities (including healthcare providers and health plans) and

More information

Additional Information

Additional Information HIPAA Privacy Procedure #17-7 Effective Date: April 14, 2003 Reviewed Date: February, 2011 Communication of Electronic Protected Health Revised Date: Information by E-mail Scope: Radiation Oncology ****************************************************************************

More information

Northwest Cardiology Associates 400 W. Northwest Hwy Barrington, IL 60010 847.382.4600 Fax 847.382.1771. HIPAA Notice of Privacy Practices ( Notice )

Northwest Cardiology Associates 400 W. Northwest Hwy Barrington, IL 60010 847.382.4600 Fax 847.382.1771. HIPAA Notice of Privacy Practices ( Notice ) Northwest Cardiology Associates 400 W. Northwest Hwy Barrington, IL 60010 847.382.4600 Fax 847.382.1771 HIPAA Notice of Privacy Practices ( Notice ) THIS NOTICE DESCRIBES HOW INFORMATION ABOUT YOU MAY

More information

NOTICE OF PRIVACY PRACTICES

NOTICE OF PRIVACY PRACTICES Effective Date: September 23, 2013 THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. OUR PLEDGE

More information

Annual Continuing Education (ACE) (Print version) Information Privacy and I.T. Security and Compliance

Annual Continuing Education (ACE) (Print version) Information Privacy and I.T. Security and Compliance Annual Continuing Education (ACE) (Print version) Information Privacy and I.T. Security and Compliance Information Privacy and IT Security & Compliance The information in this module in addition to the

More information

Reproductive Medicine Associates of New Jersey, LLC

Reproductive Medicine Associates of New Jersey, LLC NOTICE OF PRIVACY PRACTICES Effective Date: September 20, 2013 Last Modified: May 12, 2013 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO

More information

HIPAA Privacy & Security Rules

HIPAA Privacy & Security Rules HIPAA Privacy & Security Rules HITECH Act Applicability If you are part of any of the HIPAA Affected Areas, this training is required under the IU HIPAA Privacy and Security Compliance Plan pursuant to

More information

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA TRAINING MANUAL HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA Table of Contents INTRODUCTION 3 What is HIPAA? Privacy Security Transactions and Code Sets What is covered ADMINISTRATIVE

More information

TOURO UNIVERSITY WORLDWIDE AND TOURO COLLEGE LOS ANGELES IDENTITY THEFT PREVENTION POLICY 1.0 POLICY/PROCEDURE 2.0 PURPOSE 3.0 SCOPE 4.

TOURO UNIVERSITY WORLDWIDE AND TOURO COLLEGE LOS ANGELES IDENTITY THEFT PREVENTION POLICY 1.0 POLICY/PROCEDURE 2.0 PURPOSE 3.0 SCOPE 4. TOURO UNIVERSITY WORLDWIDE AND TOURO COLLEGE LOS ANGELES IDENTITY THEFT PREVENTION POLICY 1.0 POLICY/PROCEDURE Touro adopts this identity theft policy to help protect employees, students, contractors and

More information

HIPAA Notice of Privacy Practices

HIPAA Notice of Privacy Practices HIPAA Notice of Privacy Practices Date of Last Revision: 09/20/2013 Effective Date: Immediately THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS

More information

General Compliance. General Compliance Training. Course Overview. General Compliance. The intent of the Compliance Program is to:

General Compliance. General Compliance Training. Course Overview. General Compliance. The intent of the Compliance Program is to: General Compliance Training General Compliance Training i The University of Texas Medical Branch at Galveston Course Overview General Compliance The intent of the Compliance Program is to: Promote compliance

More information

The Basics of HIPAA Privacy and Security and HITECH

The Basics of HIPAA Privacy and Security and HITECH The Basics of HIPAA Privacy and Security and HITECH Protecting Patient Privacy Disclaimer The content of this webinar is to introduce the principles associated with HIPAA and HITECH regulations and is

More information

Metropolitan Living, LLC 151 W. Burnsville Parkway, Suite 101 Burnsville, MN 55337 Ph: (952) 564-3030 Fax: (651) 925-0031

Metropolitan Living, LLC 151 W. Burnsville Parkway, Suite 101 Burnsville, MN 55337 Ph: (952) 564-3030 Fax: (651) 925-0031 The Health Insurance Portability and Accountability Act (HIPAA) and Client Privacy Statement This notice describes how your medical information may be used and disclosed and how you can get access to this

More information

This notice describes how psychological and medical information about you may be used and disclosed and how you can get access to this information.

This notice describes how psychological and medical information about you may be used and disclosed and how you can get access to this information. Page 1 of 5 HIPAA Notification Policies and Practices to Protect the Privacy of Your Heath Information This notice describes how psychological and medical information about you may be used and disclosed

More information

Corporate Compliance and HIPAA Security for New Hires

Corporate Compliance and HIPAA Security for New Hires Corporate Compliance and HIPAA Security for New Hires GOALS OF SESSION Review Northside s Compliance Program and Code of Conduct Emphasize the importance of Northside s Compliance Program Review the role

More information

Notice of Privacy Practices

Notice of Privacy Practices Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. This practice uses

More information

HIPAA POLICY PROCEDURE GUIDE

HIPAA POLICY PROCEDURE GUIDE HIPAA POLICY & PROCEDURE GUIDE FRONT END AREAS Office of Compliance & Audit Services - 1 - Table of Contents I. Notice of Privacy Practices: Page 3 II. Disclosing Downstate Directory Information: Page

More information

Privacy & Security of Patient Information 2010

Privacy & Security of Patient Information 2010 Privacy & Security of Patient Information 2010 S&W PRIVACY UPDATE This module is intended to review the policies and procedures of Scott and White that address the HIPAA Privacy Regulations. The module

More information

Population Health Management Program Notice of Privacy Practices

Population Health Management Program Notice of Privacy Practices Population Health Management Program Notice of Privacy Practices Premier Health provides population health management services to its health plan members. Services include wellness program tools and technology,

More information

THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) EMPLOYEE TRAINING MANUAL

THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) EMPLOYEE TRAINING MANUAL THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) EMPLOYEE TRAINING MANUAL What is HIPAA? Comprehensive federal legislation regarding health insurance which is comprised of four key areas:

More information

Are you in the correct place?

Are you in the correct place? 1 Are you in the correct place? This is a training module on the HIPAA Privacy and Security rules. Did you access this module through Mlearning? If yes: Continue with this module If not: If you are associated

More information

PINAL COUNTY POLICY AND PROCEDURE 2.50 ELECTRONIC MAIL AND SCHEDULING SYSTEM

PINAL COUNTY POLICY AND PROCEDURE 2.50 ELECTRONIC MAIL AND SCHEDULING SYSTEM PINAL COUNTY POLICY AND PROCEDURE 2.50 Subject: ELECTRONIC MAIL AND SCHEDULING SYSTEM Date: November 18, 2009 Pages: 1 of 5 Replaces Policy Dated: April 10, 2007 PURPOSE: The purpose of this policy is

More information

The Family Counseling Center of Fulton County NOTICE OF PRIVACY PRACTICES

The Family Counseling Center of Fulton County NOTICE OF PRIVACY PRACTICES The Family Counseling Center of Fulton County NOTICE OF PRIVACY PRACTICES This notice describes the privacy practices of The Family Counseling Center of Fulton County and the privacy rights of the people

More information

HIPAA Notice of Privacy Practices

HIPAA Notice of Privacy Practices This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review this notice carefully. This practice is required by law to

More information

GONZABA MEDICAL GROUP PATIENT REGISTRATION FORM

GONZABA MEDICAL GROUP PATIENT REGISTRATION FORM GONZABA MEDICAL GROUP PATIENT REGISTRATION FORM DATE: CHART#: GUARANTOR INFORMATION LAST NAME: FIRST NAME: MI: ADDRESS: HOME PHONE: ADDRESS: CITY/STATE: ZIP CODE: **************************************************************************************

More information

Order. Directive Number: IM 10-3. Stephen E. Barber Chief Management Officer

Order. Directive Number: IM 10-3. Stephen E. Barber Chief Management Officer Pension Benefit Guaranty Corporation Order Subject: Protecting Sensitive Information Directive Number: IM 10-3 Effective Date: 4/23/08 Originator: OGC Stephen E. Barber Chief Management Officer 1. PURPOSE:

More information

Privacy & Security Standards to Protect Patient Information

Privacy & Security Standards to Protect Patient Information Privacy & Security Standards to Protect Patient Information Health Insurance Portability & Accountability Act (HIPAA) 12/16/10 Topics An An Introduction to to HIPAA HIPAA Patient Rights Rights Routine

More information

NOTICE OF THE NATHAN ADELSON HOSPICE PRIVACY PRACTICES

NOTICE OF THE NATHAN ADELSON HOSPICE PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION PLEASE REVIEW IT CAREFULLY. DEFINITIONS PROTECTED HEALTH INFORMATION (PHI):

More information

Polk Medical Center Notice of Privacy Practices

Polk Medical Center Notice of Privacy Practices Polk Medical Center Notice of Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

More information

Advanced Eye Care & Optical 499 E Winchester Blvd., Suite 101 Collierville, TN 38017 Phone: 901-850-2366 Fax: 901-850-2367

Advanced Eye Care & Optical 499 E Winchester Blvd., Suite 101 Collierville, TN 38017 Phone: 901-850-2366 Fax: 901-850-2367 NOTICE OF PRIVACY PRACTICES THIS NOTICE OF PRIVACY PRACTICES ( NOTICE ) DESCRIBES HOW WE MAY USE OR DISCLOSE YOUR HEALTH INFORMATION AND HOW YOU CAN ACCESS TO SUCH INFORMATION. PLEASE READ IT CAREFULLY.

More information

ADVOCATE HEALTH CARE NOTICE OF PRIVACY PRACTICES

ADVOCATE HEALTH CARE NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. I have received the attached Advocate Health

More information