Protecting Privacy & Security in the Health Care Setting
|
|
- Mary Farmer
- 8 years ago
- Views:
Transcription
1 2013 Compliance Training for Contractors and Vendors Module 3 Protecting Privacy & Security in the Health Care Setting For Internal Training Purposes Only.
2 After completing this training, learners will understand: General HIPAA and HITECH Guidelines (Privacy vs. Security) What is Protected Health Information (PHI) The Rule: Treatment, Payment, Healthcare Operations Penalties for Non-Compliance Where to locate policies and procedures Reporting processes
3 PROPERTIES Allow user to leave interaction: Show Next Slide Button: Completion Button Label: 9/21/12 After viewing all the steps Show For Internal upon completion Training Purposes Only. Do Next Slide not copy. Do not distribute. Rev. 10/6/09
4 What Is HIPAA & HITECH HIPAA Federal law (1996) giving patients the right to have their information kept private and secure. Protects all patient identifiable health information in any form. HITECH Expands and enhances HIPAA Privacy and Security Rules Increased regulatory enforcement and penalties for non-compliance
5 PROPERTIES Allow user to leave interaction: Show Next Slide Button: Completion Button Label: 9/21/12 After viewing all the steps Show For Internal upon completion Training Purposes Only. Do Next Slide not copy. Do not distribute. Rev. 10/6/09
6
7 To receive the Notice of Privacy Practices (Access a copy by clicking here.) To request restrictions on uses & disclosures of PHI To be assured of Confidential communications To have the ability to request access to, inspection of, amendment of and copy of PHI To limit reporting to health plans, IF the procedure or visit and subsequent treatment was paid for with cash. To receive an accounting of disclosures for third party disclosures upon request
8 Treatment to use or share PHI to treat a patient to share PHI with that patient for public health purposes for disclosure to our vendors under a written contract (aka Business Associate) Payment Coding Billing Medical Records Accounting Healthcare Operations Planning Management Training Improving quality Providing services Education A written patient authorization is required for any disclosure outside of treatment, payment, or healthcare operations.
9 Public Health Requirements Health Oversight Activities Judicial & Administrative Proceedings Public Safety Government Proceedings Workers Compensation Organ Donation
10 SCENARIO: Family Members and PHI A patient asks the hospital not to disclose any medical information to her sister. She submits the request in writing and the facility agrees. Later, the patient has to be admitted to the hospital. Her sister visits the hospital and asks the provider of an update on her sister s condition. Can the provider discuss this information with the patient s sister? ANSWER: No. In this case, because the patient specifically requested confidentiality, the provider cannot release any information. When a patient asks us to not share their personal information with a family member and we agree, we cannot disclose any information to that family member in any form, at any time.
11 Quality and Education Programs You can talk about patient conditions in provider education programs and in programs to improve quality outcomes. Prescriptions Can be discussed with the patient via telephone Voice Messages Messages can be left but only include minimum necessary No sensitive information
12 SCENARIO: Good Intentions A provider receives an errant fax of a prescription request for a member who she knows from church. From the member s prescription she can see that the member s diagnosis is serious. Later that day, the provider mentions this to another friend who attends the same church and knows the member. She then asks the church secretary to put the member on the church prayer chain. Suddenly, several hundred people know of the member s illness. Is this an acceptable disclosure of information? ANSWER No, the inappropriate disclosure of this information would be a potential HIPAA violation. We are required to protect our patients information from any unauthorized disclosure. When the provider received the fax in error, she should have notified the Compliance department and then securely destroyed the document.
13 The goal when protecting electronic information is to ensure the Confidentiality, Integrity, and Availability (CIA) of critical systems and confidential information. Click here to access IT policies.
14 You are not permitted to use your personal electronic devices for business purposes. Never leave your company-issued electronic device in a visible location in your vehicle. It must be lock in your trunk or taken with you. Never send text messages containing PHI. Texts are not encrypted so they are not secure. Always encrypt containing PHI. Type confidential in the subject line of your . Always report any potential breach of information including stolen equipment.
15 Create a paper trail When in doubt, get an authorization If no authorization and in doubt, do not disclose PHI Segregate medical records Implement internal policies governing access to PHI Never allow health information to be reviewed by employees that do not have a need to know If a breach occurs, contact Corporate Compliance immediately for assistance
16 Violation Minimum Penalty (Per Violation) Maximum Penalty (Per Violation) Individual did not know (and by exercising reasonable diligence would not have known) that he/she violated HIPAA $ Cap at $25,000 $50, Cap at $1.5 million Due to Reasonable Cause and not due to willful neglect $1, Cap at $100,000 $50, Cap at $1.5 million Up to 1 year in prison Due to willful neglect but corrected within the required time period $10, Cap at $250,000 $50, Cap at $1.5 million Up to 1 year in prison Due to willful neglect and not corrected $50, Cap at $1.5 million $50, Cap at $1.5 million Up to 10 years in prison
17 Technical Releases that do not result in inappropriate use or disclosure of PHI Report to Compliance immediately. Meet with supervisor to review the policies that were violated. Repeated violations may lead to disciplinary action including suspension or termination. Unintentional Releases that result in inappropriate use or disclosure of PHI Report to Compliance immediately. Meet with supervisor to review the policies that were violated. The violation may lead to suspension or termination. Repeated violations may lead to disciplinary action including termination. Intentional Report to Compliance immediately. An allegation of intentional release may result in the immediate suspension of the accused pending the outcome of the investigation. If it is determined to be intentional and deliberate, the employee will be terminated immediately and reported to HHS as required by law.
18 SCENARIO: Your Password Information You are reviewing hard copy medical records when a colleague walks in and asks you to look up a patient for her in the computer system. She then says, I know you re busy. Why don t you just give me your username and password so that I don t have to bother you? Is this okay? ANSWER No, this is not an acceptable practice. Never share your user name and/or password with anyone. Even our IT department will never ask you for your username or password. By sharing, you are breaching IT Security policies. This can compromise the security of our systems as well as put you at risk if someone uses your password information to access information inappropriately.
19 SCENARIO: We Never Received the Fax You fax a document to another physician s office; however, that office calls later to indicate that they never received the fax. You confirm the number and find that you faxed it to the wrong number. What do you do? ANSWER If the recipient did not receive the fax: You must attempt to retrieve the errant fax OR ensure that it is securely destroyed. Notify the Corporate Compliance department to report the disclosure. Notate the disclosure in the patient s disclosure log. In the future ALWAYS verify the fax number before sending PHI as this is an unsecure method of transmission.
20 SCENARIO: Quick Stop at the Grocery Store A provider leaves her laptop computer bag on the floorboard of the front seat of her car while going into a grocery store to pick up a few items. She also has a folder containing member names and other PHI on the seat. She puts the folder into the laptop bag and runs into the store. Is this a HIPAA violation? ANSWER Yes. This is a potential HIPAA violation because the computer and its PHI have not been adequately secured. Never leave your laptop unsecured in your vehicle. While our laptops are generally encrypted, it is your responsibility to ensure the physical security of your laptop. Lock in your trunk (utilizing a cable lock) or better, take it with you. In addition, hard copy medical records should NEVER be placed in the same bag as your computer. This increases the risk of PHI being stolen and would be considered a serious breach.
21 SCENARIO: Quick Stop at the Grocery Store A provider leaves her laptop computer bag on the floorboard of the front seat of her car while going into a grocery store to pick up a few items. She also has a folder containing member names and other PHI on the seat. She puts the folder into the laptop bag and runs into the store. Is this a HIPAA violation? ANSWER Yes. This is a potential HIPAA violation because the computer and its PHI have not been adequately secured. Never leave your laptop unsecured in your vehicle. While our laptops are generally encrypted, it is your responsibility to ensure the physical security of your laptop. Lock in your trunk (utilizing a cable lock) or better, take it with you. In addition, hard copy medical records should NEVER be placed in the same bag as your computer. This increases the risk of PHI being stolen and would be considered a serious breach.
22 Your Compliance Team WellMed Medical Group, Compliance Department 8637 Fredericksburg Rd, Suite 360 San Antonio, TX General Questions: Teresa Jacobs, Corporate Compliance Officer:
23 Your Responsibility Know what s right. Ask for clarification if necessary Do what s right. Follow policies and procedures Tell us if you think something isn t right. Every healthcare provider has an obligation to make a good faith report of any activity within the agency that appears to violate compliance policies, procedures or statutes Zero tolerance for retaliation Your Reporting Options Talk to your hiring manager Contact the Compliance Dept compliance@wellmed.net Call Directly Submit an Anonymous Report: Confidentiality is protected to the extent allowed by law. For Internal Training Purposes Only
24 This course requires a 100% passing score to receive credit for completing the training. Please click on the below link to access the quiz or copy/paste the address into your web browser: Module 3: Privacy and Security Rules Quiz Hands-On Compliance
Preventing Fraud, Waste, and Abuse
2013 Compliance Training for Contractors and Vendors Module 2 Preventing Fraud, Waste, and Abuse For Internal Training Purposes Only 1 Learning Objectives After completing this training, learners will
More informationAnnual Compliance Training. HITECH/HIPAA Refresher
Annual Compliance Training HITECH/HIPAA Refresher January 2015 Sisters of Charity of Leavenworth Health System, Inc. All rights reserved. 1 Annual Refresher Training Welcome to the SCL Health System Compliance
More informationHIPAA Privacy and Security
HIPAA Privacy and Security Cindy Cummings, RHIT February, 2015 1 HIPAA Privacy and Security The regulation is designed to safeguard Protected Health Information referred to PHI AND electronic Protected
More informationTABLE OF CONTENTS. University of Northern Colorado
TABLE OF CONTENTS University of Northern Colorado HIPAA Policies and Procedures Page # Development and Maintenance of HIPAA Policies and Procedures... 1 Procedures for Updating HIPAA Policies and Procedures...
More informationPage 1. NAOP HIPAA and Privacy Risks 3/11/2014. Privacy means being able to have control over how your information is collected, used, or shared;
Page 1 National Organization of Alternative Programs 2014 NOAP Educational Conference HIPAA and Privacy Risks Ira J Rothman, CPHIMS, CIPP/US/IT/E/G Senior Vice President - Privacy Official March 26, 2014
More informationSTANDARD ADMINISTRATIVE PROCEDURE
STANDARD ADMINISTRATIVE PROCEDURE 16.99.99.M0.26 Investigation and Response to Breach of Unsecured Protected Health Information (HITECH) Approved October 27, 2014 Next scheduled review: October 27, 2019
More informationPrivacy for Beginners: What Every Healthcare Worker Needs to Know About HIPAA and Privacy
Privacy for Beginners: What Every Healthcare Worker Needs to Know About HIPAA and Privacy What is HIPAA? Health Insurance Portability and Accountability Act (HIPAA) is broad federal legislation that includes
More informationCommunity First Health Plans Breach Notification for Unsecured PHI
Community First Health Plans Breach Notification for Unsecured PHI The presentation is for informational purposes only. It is the responsibility of the Business Associate to ensure awareness and compliance
More informationHealth Insurance Portability and Accountability Act (HIPAA) Overview
Health Insurance Portability and Accountability Act (HIPAA) Overview Agency, Contract and Temporary Staff Orientation Initiated: 5/04, Reviewed: 7/10, Revised: 10/10 Prepared by SHS Administration & Samaritan
More informationWhat is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996.
HIPAA Training What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996. It provides the ability to transfer and continue health insurance coverage for workers
More informationCompliance Training for Medicare Programs Version 1.0 2/22/2013
Compliance Training for Medicare Programs Version 1.0 2/22/2013 Independence Blue Cross is an independent licensee of the Blue Cross and Blue Shield Association. 1 The Compliance Program Setting standards
More informationHIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N
HIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N 1 COURSE OVERVIEW This course is broken down into 4 modules: Module 1: HIPAA Omnibus Rule - What you need to know to remain
More informationProtecting Patient Privacy It s Everyone s Responsibility
Protecting Patient Privacy It s Everyone s Responsibility Observation & Student Learning Packet 1. Read packet Instructions for Self-Study Module 2. Complete post-test. A score of 80% must be achieved.
More informationHIPAA Privacy & Breach Notification Training for System Administration Business Associates
HIPAA Privacy & Breach Notification Training for System Administration Business Associates Barbara M. Holthaus privacyofficer@utsystem.edu Office of General Counsel University of Texas System April 10,
More informationDepartment of Health and Human Services Policy ADMN 004, Attachment A
WASHINGTON COUNTY Department of Health and Human Services Policy ADMN 004, Attachment A HHS Confidentiality Agreement Including HIPAA (Health Information Portability and Accessibility Act of 1996) OREGON
More informationREPRODUCTIVE ASSOCIATES OF DELAWARE (RAD) NOTICE OF PRIVACY PRACTICES PLEASE REVIEW IT CAREFULLY.
REPRODUCTIVE ASSOCIATES OF DELAWARE (RAD) NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW PROTECTED HEALTH INFORMATION (PHI) ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS
More informationReporting of HIPAA Privacy/Security Breaches. The Breach Notification Rule
Reporting of HIPAA Privacy/Security Breaches The Breach Notification Rule Objectives What is the HITECH Act? An overview-what is Protected Health Information (PHI) and can I protect patient s PHI? What
More informationHIPAA Privacy & Security Training for Clinicians
HIPAA Privacy & Security Training for Clinicians Agenda This training will cover the following information: Overview of Privacy Rule and Security Rules Using and disclosing Protected Health Information
More informationOF MICHIGAN HEALTH SYSTEM
1 PHI - Protected Health Information UNIVERSITY OF MICHIGAN HEALTH SYSTEM Updated 09/23/2013 2 Q: Is PHI the same as the medical record? A: No. protects more than the official medical record. Lots of other
More informationThe Basics of HIPAA Privacy and Security and HITECH
The Basics of HIPAA Privacy and Security and HITECH Protecting Patient Privacy Disclaimer The content of this webinar is to introduce the principles associated with HIPAA and HITECH regulations and is
More informationCOMPLIANCE ALERT 10-12
HAWAII HEALTH SYSTEMS C O R P O R A T I O N "Touching Lives Every Day COMPLIANCE ALERT 10-12 HIPAA Expansion under the American Recovery and Reinvestment Act of 2009 The American Recovery and Reinvestment
More informationUnderstanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions
Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What
More informationPHI- Protected Health Information
HIPAA Policy 2014 The Health Insurance Portability and Accountability Act is a federal law that protects the privacy and security of patients health information and grants certain rights to patients. Clarkson
More informationSarasota Personal Medicine 1250 S. Tamiami Trail, Suite 202 Sarasota, FL 34239 Phone 941.954.9990 Fax 941.954.9995
Sarasota Personal Medicine 1250 S. Tamiami Trail, Suite 202 Sarasota, FL 34239 Phone 941.954.9990 Fax 941.954.9995 NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY
More informationHealth Information Privacy Refresher Training. March 2013
Health Information Privacy Refresher Training March 2013 1 Disclosure There are no significant or relevant financial relationships to disclose. 2 Topics for Today State health information privacy law Federal
More informationPRIVACY AND SECURITY SURVIVAL TRAINING
PRIVACY AND SECURITY SURVIVAL TRAINING 1.Typeorcutandpastethislinkintothe addressbar: http://hrwebdev.dhs.lacounty.gov/attestation/ 2.Clickthe downarrow 3.Select 2013Privacyand SecuritySurvivalHandbook
More informationACKNOWLEDGMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES
ACKNOWLEDGMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES I acknowledge that I have been provided a copy of Fiorillo Cosmetic and General Dentistry s Notice of Privacy Practices, which has an effective
More informationHIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees
HIPAA TRAINING A training course for Shiawassee County Community Mental Health Authority Employees WHAT IS HIPAA? HIPAA is an acronym that stands for Health Insurance Portability and Accountability Act.
More informationHealth Insurance Portability and Accountability Act (HIPAA)
Health Insurance Portability and Accountability Act (HIPAA) General Education Presented by: Bureau of Personnel Department of Health Department of Human Services Department of Social Services Bureau of
More informationHIPAA and Privacy Policy Training
HIPAA and Privacy Policy Training July 2015 1 This training addresses the requirements for maintaining the privacy of confidential information received from HFS and DHS (the Agencies). During this training
More informationHIPAA Training for Staff and Volunteers
HIPAA Training for Staff and Volunteers Objectives Explain the purpose of the HIPAA privacy, security and breach notification regulations Name three patient privacy rights Discuss what you can do to help
More informationCREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy
CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy Amended as of February 12, 2010 on the authority of the HIPAA Privacy Officer for Creative Solutions in Healthcare, Inc. TABLE OF CONTENTS ARTICLE
More informationHIPAA Information Security Overview
HIPAA Information Security Overview Security Overview HIPAA Security Regulations establish safeguards for protected health information (PHI) in electronic format. The security rules apply to PHI that is
More informationHealth Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know
Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Note: Information provided to NCRA by Melodi Gates, Associate with Patton Boggs, LLC Privacy and data protection
More informationHIPPA Goes HITECH. Data Protection for Agents
HIPPA Goes HITECH Data Protection for Agents For agent information only. this material should not be distributed to the public or used in any solicitation. 13-0127 Course objectives Agents will be able
More informationSELF-LEARNING MODULE (SLM) 2012 HIPAA Education Privacy Basics and Intermediate Modules
SELF-LEARNING MODULE (SLM) 2012 HIPAA Education Privacy Basics and Intermediate Modules Page 2 Index Privacy 101 and Intermediate Privacy Self-Learning Module 2012 HIPAA Education 3 Instructions Index
More informationAlliance for Clinical Education (ACE) Student HIPAA Training
Alliance for Clinical Education (ACE) Student HIPAA Training Health Insurance Portability and Accountability Act of 1996 October 2003 1 Objectives Understand the HIPAA Privacy rules and regulations Understand
More informationNew Privacy Laws Impacting the Health Care Work Place
New Privacy Laws Impacting the Health Care Work Place Presented by Thomas E. Jeffry, Jr., Esq. Arent Fox LLP Washington, DC New York, NY Los Angeles, CA November 12 & 19, 2009 Overview 1. Overview of California
More informationNCHICA HITECH Act Breach Notification Risk Assessment Tool. Prepared by the NCHICA Privacy, Security & Legal Officials Workgroup
NCHICA HITECH Act Breach Notification Risk Assessment Tool Prepared by the NCHICA Privacy, Security & Legal Officials Workgroup NORTH CAROLINA HEALTHCARE INFORMATION AND COMMUNICATIONS ALLIANCE, INC August
More information2014 Core Training 1
2014 Core Training 1 Course Agenda Review of Key Privacy Laws/Regulations: Federal HIPAA/HITECH regulations State privacy laws Privacy & Security Policies & Procedures Huntsville Hospital Health System
More informationHIPAA Training for Hospice Staff and Volunteers
HIPAA Training for Hospice Staff and Volunteers Hospice Education Network Objectives Explain the purpose of the HIPAA privacy and security regulations Name three patient privacy rights Discuss what you
More informationPrivacy Compliance Health Occupations Students
Privacy Compliance Health Occupations Students Health Occupations Students The information in this power point is the same information provided to new SCHS caregivers at their orientation. We cannot stress
More informationHEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA
TRAINING MANUAL HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA Table of Contents INTRODUCTION 3 What is HIPAA? Privacy Security Transactions and Code Sets What is covered ADMINISTRATIVE
More informationJoseph Suchocki HIPAA Compliance 2015
Joseph Suchocki HIPAA Compliance 2015 Sponsored by Eagle Associates, Inc. Eagle Associates provides compliance services for over 1,200 practices nation wide. Services provided by Eagle Associates address
More informationWhat Health Care Entities Need to Know about HIPAA and the American Recovery and Reinvestment Act
What Health Care Entities Need to Know about HIPAA and the American Recovery and Reinvestment Act by Lane W. Staines and Cheri D. Green On February 17, 2009, The American Recovery and Reinvestment Act
More informationThe ReHabilitation Center. 1439 Buffalo Street. Olean. NY. 14760
Procedure Name: HITECH Breach Notification The ReHabilitation Center 1439 Buffalo Street. Olean. NY. 14760 Purpose To amend The ReHabilitation Center s HIPAA Policy and Procedure to include mandatory breach
More informationHIPAA Omnibus & HITECH Rules: Key Provisions and a Simple Checklist. www.riskwatch.com
HIPAA Omnibus & HITECH Rules: Key Provisions and a Simple Checklist www.riskwatch.com Introduction Last year, the federal government published its long awaited final regulations implementing the Health
More informationCompliance HIPAA Training. Steve M. McCarty, Esq. General Counsel Sound Physicians
Compliance HIPAA Training Steve M. McCarty, Esq. General Counsel Sound Physicians 1 Overview of HIPAA HIPAA contains provisions that address: The privacy of protected health information or PHI The security
More informationHIPAA Compliance for Students
HIPAA Compliance for Students The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 by the United States Congress. It s intent was to help people obtain health insurance benefits
More informationMeeting the HIPAA Training and Business Associate Requirements Questions and Answers, with HIPAA Security Expert Mike Semel
Meeting the HIPAA Training and Business Associate Requirements Questions and Answers, with HIPAA Security Expert Mike Semel Questions Answers 1 Is a Business Associate (BA) responsible for assuming a Covered
More informationUpdated HIPAA Regulations What Optometrists Need to Know Now. HIPAA Overview
Updated HIPAA Regulations What Optometrists Need to Know Now The U.S. Department of Health & Human Services Office for Civil Rights recently released updated regulations regarding the Health Insurance
More informationAuthorized. User Agreement
Authorized User Agreement CareAccord Health Information Exchange (HIE) Table of Contents Authorized User Agreement... 3 CareAccord Health Information Exchange (HIE) Polices and Procedures... 5 SECTION
More informationHIPAA Policy, Protection, and Pitfalls ARTHUR J. GALLAGHER & CO. BUSINESS WITHOUT BARRIERS
HIPAA Policy, Protection, and Pitfalls Overview HIPAA Privacy Basics What s covered by HIPAA privacy rules, and what isn t? Interlude on the Hands-Off Group Health Plan When does this exception apply,
More informationHIPAA. New Breach Notification Risk Assessment and Sanctions Policy. Incident Management Policy. Focus on: For breaches affecting 1 3 individuals
HIPAA New Breach Notification Risk Assessment and Sanctions Policy Incident Management Policy For breaches affecting 1 3 individuals +25 individuals + 500 individuals Focus on: analysis documentation PHI
More informationHIPAA Awareness Training
New York State Office of Mental Health Bureau of Education and Workforce Development HIPAA Awareness Training This training material was prepared for internal use by the New York State Office of Mental
More informationHIPAA: Bigger and More Annoying
HIPAA: Bigger and More Annoying Instructor: Laney Kay, JD Contact information: 4640 Hunting Hound Lane Marietta, GA 30062 (770) 312-6257 (770) 998-9204 (fax) laney@laneykay.com www.laneykay.com OFFICIAL
More informationGetting Hip to the HIPAA and HITECH Act Compliance
Getting Hip to the HIPAA and HITECH Act Compliance NaNotchka M. Chumley, D.O., M.P.H. Family Medicine Physician Los Angeles, CA Integrating Global Trade & Logistic and Cybersecurity Westin St. Francis,
More informationHIPAA and the HITECH Act Privacy and Security of Health Information in 2009
HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 What is HIPAA? Health Insurance Portability & Accountability Act of 1996 Effective April 13, 2003 Federal Law HIPAA Purpose:
More informationOverview of the HIPAA Security Rule
Office of the Secretary Office for Civil Rights () Overview of the HIPAA Security Rule Office for Civil Rights Region IX Alicia Cornish, EOS Sheila Fischer, Supervisory EOS Topics Upon completion of this
More informationHIPAA PRIVACY POLICIES & PROCEDURES. Department of Behavioral Health and Developmental Services DBHHDS GENERAL AWARENESS TRAINING
HIPAA PRIVACY POLICIES & PROCEDURES Department of Behavioral Health and Developmental Services DBHHDS GENERAL AWARENESS TRAINING March 2012 HIPAA Humor (North Dakota Dept of Health) 2 HIPAA-Ectomy - the
More informationHIPAA COMPLIANCE PLAN. For. CHARLES RETINA INSTITUTE (Practice Name)
HIPAA COMPLIANCE PLAN For CHARLES RETINA INSTITUTE (Practice Name) Date of Adoption 1/02/2003 Review/Update 10/25/2012 Review/Update 4/01/2014 I. COMPLIANCE PLAN A. Introduction This HIPAA Compliance Plan
More informationHIPAA Compliance. 2013 Annual Mandatory Education
HIPAA Compliance 2013 Annual Mandatory Education What is HIPAA? Health Insurance Portability and Accountability Act Federal Law enacted in 1996 that mandates adoption of Privacy protections for health
More informationHealth Insurance Portability and Accountability Act (HIPAA) Compliance Training
Health Insurance Portability and Accountability Act (HIPAA) Compliance Training 1 Objectives By the end of this lesson, you should be able to: Define protected health information (PHI) covered under HIPAA
More informationKiran Mishra, Ph.D. Licensed Clinical Psychologist. Sugar Land, TX 77478 (832) 876-3232 TEXAS NOTICE FORM
Kiran Mishra, Ph.D. Licensed Clinical Psychologist 1111 Highway 6, Suite 235 Sugar Land, TX 77478 (832) 876-3232 TEXAS NOTICE FORM Notice of Psychologists Policies and Practices to Protect the Privacy
More informationHIPAA In The Workplace. What Every Employee Should Know and Remember
HIPAA In The Workplace What Every Employee Should Know and Remember What is HIPAA? The Health Insurance Portability and Accountability Act of 1996 Portable Accountable Rules for Privacy Rules for Security
More informationThis presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in
This presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in the HIPAA Omnibus Rule of 2013. As part of the American
More informationHIPAA Compliance Evaluation Report
Jun29,2016 HIPAA Compliance Evaluation Report Custom HIPAA Risk Evaluation provided for: OF Date of Report 10/13/2014 Findings Each section of the pie chart represents the HIPAA compliance risk determinations
More informationHIPAA Employee Compliance Program TRAINING MANUAL
HIPAA Employee Compliance Program TRAINING MANUAL Training Manual to Assist Employees in HIPAA Compliance January 2013 Program For HIPAA Compliance Plan Goal The purpose of this manual is to instruct our
More informationHIPAA Privacy. September 21, 2013
HIPAA Privacy September 21, 2013 HIPAA Privacy Workforce Training The Health Insurance Portability & Accountability Act (HIPAA) requires that the University train all workforce members (faculty, staff,
More informationBUSINESS ASSOCIATE ADDENDUM
BUSINESS ASSOCIATE ADDENDUM This Business Associate Addendum ( Addendum ) adds to and is made a part of the Q- global Subscription and License Agreement by and between NCS Pearson, Inc. ( Business Associate
More informationHHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers
Compliance Tip Sheet National Hospice and Palliative Care Organization www.nhpco.org/regulatory HHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers Hospice Provider Compliance To Do List
More informationHIPAA PRIVACY AND SECURITY AWARENESS. Covering Kids and Families of Indiana April 10, 2014
HIPAA PRIVACY AND SECURITY AWARENESS Covering Kids and Families of Indiana April 10, 2014 GOALS AND OBJECTIVES The goal is to provide information to you to promote personal responsibility and behaviors
More informationHIPAA Privacy & Security Health Insurance Portability and Accountability Act
HIPAA Privacy & Security Health Insurance Portability and Accountability Act ASSOCIATE EDUCATION St. Elizabeth Medical Center Origin and Purpose of HIPAA In 2003, Congress enacted new rules that would
More informationWelcome to ChiroCare s Fourth Annual Fall Business Summit. October 3, 2013
Welcome to ChiroCare s Fourth Annual Fall Business Summit October 3, 2013 HIPAA Compliance Regulatory Overview & Implementation Tips for Providers Agenda Green packet Overview of general HIPAA terms and
More informationJeff M. Bauman, Psy.D. P.A. and Associates FLORIDA-HIPAA PRIVACY NOTICE FORM
Jeff M. Bauman, Psy.D. P.A. and Associates FLORIDA-HIPAA PRIVACY NOTICE FORM Notice of Psychologists Policies and Practices to Protect the Privacy of Your Health Information THIS NOTICE DESCRIBES HOW PSYCHOLOGICAL
More informationDATA BREACHES: HOW TO AVOID THEM AND WHAT TO DO IF IT HAPPENS. Emory IRB Webinar January 8, 2015
DATA BREACHES: HOW TO AVOID THEM AND WHAT TO DO IF IT HAPPENS Emory IRB Webinar January 8, 2015 ACKNOWLEDGMENTS Thanks to Kris West for the information provided for this webinar DEFINITIONS Protected Health
More informationClinical Solutions. 2 Hour CEU
1 2 Hour CEU 2 Course Objectives The purpose of this program is to provide nurses with information about the Health Insurance Portability and Accountability Act (HIPAA), especially as it relates to protected
More informationMetropolitan Living, LLC 151 W. Burnsville Parkway, Suite 101 Burnsville, MN 55337 Ph: (952) 564-3030 Fax: (651) 925-0031
The Health Insurance Portability and Accountability Act (HIPAA) and Client Privacy Statement This notice describes how your medical information may be used and disclosed and how you can get access to this
More informationTable of Contents INTRODUCTION AND PURPOSE 1
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 ( HIPAA ) COMPLIANCE PROGRAM Adopted December 2008: Revised February 2009, May, 2012, and August 2013 Table of Contents INTRODUCTION AND PURPOSE
More informationAVE MARIA UNIVERSITY HIPAA PRIVACY NOTICE
AVE MARIA UNIVERSITY HIPAA PRIVACY NOTICE This Notice of Privacy Practices describes the legal obligations of Ave Maria University, Inc. (the plan ) and your legal rights regarding your protected health
More informationWelcome to the University of Utah Health Sciences HIPAA Privacy and Security Training Program
Welcome to the University of Utah Health Sciences HIPAA Privacy and Security Training Program You cannot have Privacy without Security. Requirements of All UUHS Workforce Members ALL University of Utah
More informationHIPAA Compliance Policies and Procedures. Privacy Standards:
Privacy Standards: Policy Name: Protected Health Information Policy #: 1-01 Reference: 45 CFR 164 Performance Physical Therapy will not use or disclose protected health information without the consent
More informationHIPAA 101. March 18, 2015 Webinar
HIPAA 101 March 18, 2015 Webinar Agenda Acronyms to Know HIPAA Basics What is HIPAA and to whom does it apply? What is protected by HIPAA? Privacy Rule Security Rule HITECH Basics Breaches and Responses
More informationHITECH ACT UPDATE HIPAA BREACH NOTIFICATION RULE WEB CAST. David G. Schoolcraft Ogden Murphy Wallace, PLLC dschoolcraft@omwlaw.com
HITECH ACT UPDATE HIPAA BREACH NOTIFICATION RULE WEB CAST David G. Schoolcraft Ogden Murphy Wallace, PLLC dschoolcraft@omwlaw.com Presenters David Schoolcraft, Member, Ogden Murphy Wallace, PLLC Taya Briley,
More informationPrivacy and Security For Managers
Privacy and Security For Managers This self directed learning module contains information all CHS Teammates are expected to know in order to protect our patients, our guests, and ourselves. Target Audience:
More informationHIPAA and You The Basics
HIPAA and You The Basics The Purpose of HIPAA Privacy Rules 1. Provide strong federal protections for privacy rights Ensure individual trust in the privacy and security of his or her health information
More informationINFORMATION SECURITY & HIPAA COMPLIANCE MPCA
INFORMATION SECURITY & HIPAA COMPLIANCE MPCA Annual Conference August 5, 201 Agenda 1 HIPAA 2 The New Healthcare Paradigm Internal Compliance 4 Conclusion 2 1 HIPAA 1 Earning Their Trust 4 HIPAA 5 Health
More informationNOTICE OF PRIVACY PRACTICES
NOTICE OF PRIVACY PRACTICES Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Drug Abuse Prevention, Treatment, and Rehabilitation ACT THE CENTER FOR HEALTH CARE SERVICES 3031 IH
More informationMedical Privacy Version 2015.12.10 - Standard. Business Associate Agreement. 1. Definitions
Medical Privacy Version 2015.12.10 - Standard Business Associate Agreement This Business Associate Agreement (the Agreement ) shall apply to the extent that the Lux Scientiae HIPAA Customer signee is a
More informationNOTICE OF HEALTH INFORMATION PRIVACY PRACTICES (HIPAA)
NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES (HIPAA) THIS NOTICE OF PRIVACY PRACTICES DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
More informationGuadalupe Regional Medical Center
Guadalupe Regional Medical Center Health Insurance Portability & Accountability Act (HIPAA) By Debby Hernandez, Compliance/HIPAA Officer HIPAA Privacy & Security Training Module 1 This module will address
More informationHIPAA 101: Privacy and Security Basics
HIPAA 101: Privacy and Security Basics Purpose This document provides important information about Kaiser Permanente policies and state and federal laws for protecting the privacy and security of individually
More informationDEPARTMENTAL POLICY. Northwestern Memorial Hospital
Northwestern Memorial Hospital DEPARTMENTAL POLICY Subject: DEPARTMENTAL ADMINISTRATION Title: 1 of 11 Revision of: NEW Effective Date: 01/09/03 I. PURPOSE: This policy defines general behavioral guidelines
More informationInformation Security It s Everyone s Responsibility
Information Security It s Everyone s Responsibility Developed By The University of Texas at Dallas (ISO) Purpose of Training As an employee, you are often the first line of defense protecting valuable
More informationDETAILED NOTICE OF PRIVACY AND SECURITY PRACTICES OF THE Trustees of the Stevens Institute of Technology Health & Welfare Plan
DETAILED NOTICE OF PRIVACY AND SECURITY PRACTICES OF THE Trustees of the Stevens Institute of Technology Health & Welfare Plan THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
More informationHeather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com
Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually
More informationNotice of Health Information Privacy Practices Radiology Associates of Norwood, Inc.
Notice of Health Information Privacy Practices THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW THIS NOTICE
More informationTrust 9/10/2015. Why Does Privacy and Security Matter? Who Must Comply with HIPAA Rules? HIPAA Breaches, Security Risk Analysis, and Audits
HIPAA Breaches, Security Risk Analysis, and Audits Derrick Hill Senior Health IT Advisor Kentucky REC Why Does Privacy and Security Matter? Trust Who Must Comply with HIPAA Rules? Covered Entities (CE)
More informationFLORIDA MEDICAL CLINIC, P.A. NOTICE OF PRIVACY PRACTICES
FLORIDA MEDICAL CLINIC, P.A. NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW
More informationBy the end of this course you will demonstrate:
1 By the end of this course you will demonstrate: 1. that HIPAA privacy rules protect privacy and security of confidential information. 2. your responsibility for use and protection of protected health
More information