HIPAA SELF STUDY TRAINING GUIDE

Similar documents
HIPAA OVERVIEW ETSU 1

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA COMPLIANCE INFORMATION. HIPAA Policy

Grand Rapids Medical Education Partners Mercy Health Saint Mary s Spectrum Health. Pam Jager, GRMEP Director of Education & Development

HIPAA-P06 Use and Disclosure of De-identified Data and Limited Data Sets

HIPAA Education Level One For Volunteers & Observers

HIPAA COMPLIANCE. What is HIPAA?

JEWISH FAMILY SERVICE NOTICE OF PRIVACY PRACTICES

HIPAA Employee Training Guide. Revision Date: April 11, 2015

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA): FACT SHEET FOR NEUROPSYCHOLOGISTS Division 40, American Psychological Association

State of Connecticut Department of Social Services HIPAA Policies and Procedures Manual

HIPAA Self-Study Module Patient Privacy at Unity Health Care, Inc HIPAA Hotline

Protecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule

ACRONYMS: HIPAA: Health Insurance Portability and Accountability Act PHI: Protected Health Information

A Privacy and Information Security Guide for UCLA Workforce. HIPAA and California Privacy Laws

8.03 Health Insurance Portability and Accountability Act (HIPAA)

HIPAA Training for the MDAA Preceptorship Program. Health Insurance Portability and Accountability Act

Patient Privacy and HIPAA/HITECH

The HIPAA privacy rule established federal law to help protect the use and disclosure of patient information. The privacy rule prohibits a covered

Health Insurance Portability and Accountability Policy 1.8.4

This notice describes how psychological and medical information about you may be used and disclosed and how you can get access to this information.

ACKNOWLEDGMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES

Health Information Privacy Refresher Training. March 2013

Schindler Elevator Corporation

Winthrop-University Hospital

Client Information Bariatric Surgery Support Group

HIPAA Privacy Summary for Fully-insured Employer Groups

We are required to provide this Notice to you by the Health Insurance Portability and Accountability Act ("HIPAA")

Department of Health and Human Services Policy ADMN 004, Attachment A

Gaston County HIPAA Manual

BUSINESS ASSOCIATE AGREEMENT HIPAA Protected Health Information

COURTNEE A. PELTON, PSY.D.

2014 Core Training 1

BUSINESS ASSOCIATE AGREEMENT BETWEEN LEWIS & CLARK COLLEGE AND ALLEGIANCE BENEFIT PLAN MANAGEMENT, INC. I. PREAMBLE

PRIVACY NOTICE. In certain situations, we may also disclose patient information to another provider or health plan for their health care operations.

Statement of Policy. Reason for Policy

Keweenaw Holistic Family Medicine Patient Registration Form

CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy

DATA USE AGREEMENT RECITALS

There are three sections to HIPAA the Privacy Rule, the Security Rule, and the Transaction Rule.

HIPAA and Privacy Policy Training

HIPAA NOTICE OF PRIVACY PRACTICES

HIPAA-Compliant Research Access to PHI

PATIENT RECORDS PRIVACY POLICIES AND PROCEDURES FOR HIPAA COMPLIANCE (4/03)

PEPPERDINE UNIVERSITY HIPAA Policies Procedures and Forms Manual

HIPAA Privacy Summary for Self-insured Employer Groups

HIPAA 101: Privacy and Security Basics

HIPAA and You The Basics

State of Nevada Public Employees Benefits Program. Master Plan Document for the HIPAA Privacy and Security Requirements for PEBP Health Benefits

How To Understand And Understand The Benefits Of A Health Insurance Risk Assessment

NOTICE OF PRIVACY PRACTICES Allergy Treatment Center of New Jersey, P.C. Effective Date: April 14, 2003

Compliance Program and HIPAA Training For First Tier, Downstream and Related Entities

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA

Releasing Information

BUSINESS ASSOCIATE AGREEMENT

HIPAA Happenings in Hospital Systems. Donna J Brock, RHIT System HIM Audit & Privacy Coordinator

INTRODUCTION. The HIPAA Privacy Rule and Electronic Health Information Exchange in a Networked Environment

The Health and Benefit Trust Fund of the International Union of Operating Engineers Local Union No A-94B, AFL-CIO. Notice of Privacy Practices

HIPAA Privacy & Security Training for Clinicians

HIPAA MANUAL. Most health plans and health care providers that are covered by the new Rule must comply with the new requirements by April 14, 2003.

U.S. Department of Health and Human Services. U.S. Department of Education

HIPAA PRIVACY POLICIES AND PROCEDURES

PHI- Protected Health Information

HIPAA. Privacy and Security Frequently Asked Questions for Employers. Gallagher Benefit Services, Inc.

HIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N

Malpractice Issues for the Radiologic Technologist

Kiran Mishra, Ph.D. Licensed Clinical Psychologist. Sugar Land, TX (832) TEXAS NOTICE FORM

HIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees

Health Insurance Portability & Accountability Act (HIPAA) Compliance Application

HIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS

UNDERSTANDING THE HIPAA/HITECH BREACH NOTIFICATION RULE 2/25/14

SDC-League Health Fund

Transcription:

HIPAA SELF STUDY TRAINING GUIDE I have received the LifeWays HIPAA SELF STUDY TRAINING GUIDE. I understand that I will be accountable for the information contained in the guide. If I have questions I may contact LifeWays or my employer for clarification. I also understand that this training acknowledgement will be maintained evidence of my participation in the HIPAA training program. Instructions: Upon completion of the training module forward this training confirmation page and the pre and post tests to your employer to maintain evidence of completion. Name (please print): My signature below indicates that I: Completed the HIPAA Training, including the Pre and Post Tests, on / /. Understand that if I have any questions regarding the training subject matter I may contact LifeWays or my employer for clarification. Have achieved functional competency in the training subject matter. Employee Signature: Date: 1

INSTRUCTIONS 1. Complete the Pre-Test. How well do you think you did? 2. To find out, read the training module thoroughly. 3. Complete the Post-Test. Do you think you did better this time around? 4. To find out, compare your answers with those on the Answer Key. 5. Finally, complete the Training Acknowledgement Sheet (Page 1) and forward along with the Pre and Post-Tests to your employer to maintain evidence of receiving the training. 2

Please insert the most appropriate answer. HIPPA Training Module Pre-Test # Question Answer 1 What is HIPAA? a. A large portly mammal b. Health Insurance Portability & Accountability Act 2 What is/are the objective(s) of HIPAA? a. assure health insurance portability b. protect the privacy of PHI c. simplify the administration of financial & administrative transactions d. A, B & C 3 The describes how the consumer s PHI may be used or disclosed. a. Notice of Privacy Practice b. clinical authorization c. confidentiality statement 4 What is PHI? a. Personal Health Information b. A sorority house in Ann Arbor 5 According to HIPAA is LifeWays a covered entity? a. yes b. no 6 According to HIPAA must a record be maintained of all health information disclosures? a. yes b. no 7 Substance abuse information must be specifically requested and the release of this information is subject to stricter standards including that a subpoena alone is not sufficient and a release requires special rules be followed. a. true b. false 8 Consumers DO NOT have the right to inspect, copy, or amend PHI. a. true b. false 9 HIPAA is a Federal Statute that establishes national standards for claims billing. a. true b. false 10 LifeWays DOES NOT have to make a good faith attempt to obtain written acknowledgement from consumers that they have received a copy of the Notice of Privacy Practices consumers. a. true b. false 11. According to HIPAA, PHI includes ONLY information that relates to the present or future mental health conditions, NOT physical health issues or historical information. a. true b. false 12. It is O.K. to discuss a consumer s unusual presenting problem during a luncheon in a small private café with your co-worker as long as no other customers are present. a. yes b. no 13. Below write down 3 things that you can do to protect our consumers privacy. 1. 2. 3. 14. Below write down 4 sources of PHI you have on-site. 1. 2. 3. 4. 15. Is YOUR PHI also covered by HIPAA? a. yes b. no How well did you do? Please read the following Training Module and find out. 3

HIPAA Training Module What Is HIPAA? Health Insurance Portability and Accountability Act. HIPAA is a federal statute that establishes national standards for medical privacy and the security of individual s health information. Why Is HIPAA Necessary? HIPAA was passed by Congress in response to growing concerns that technological advances and the increasingly complex manner in which health care services were delivered and coordinated were resulting in, or could result in, risks to the privacy of an individual s health information maintained by healthcare providers, health plans, and their various business associates. State statutes existed, however, few provided comprehensive, reliable standards and even fewer made it clear as to what patients rights were to access information in their own medical records. What Is The Objective Of HIPAA? HIPAA s objective extends Federal oversight to: Assure health insurance portability Protect the privacy and security of individuals health information Simplify the administration of healthcare financial and administrative transactions What Are The Privacy Rule Requirements? Designate a Privacy Official Mandatory employee education on privacy policies and practices Implementation of administrative, technical, and physical safeguards to ensure privacy Policies and procedures for the protection of health information and individuals rights Complaint processes that accept and record consumer complaints about the entity s information practices What Is A Notice of Privacy Practices? The Notice of Privacy Practices describes how the consumer s clinical information may be used or disclosed and how they may get access to that information. The Notice of Privacy Practices must be given to each consumer and must be posted at our buildings. LifeWays must make a good faith attempt to obtain written acknowledgement that the consumer has received a copy of the Notice of Privacy Practices, or document the reason why an acknowledgement was not obtained. What Is Protected Health Information (PHI)? Protected Health Information (PHI): includes 18 categories of individually identifiable health information, which is created or received by a covered entity, transmitted or maintained in any form or medium, including paper records. Such information relates to the past, present, or future physical health, mental health or condition of an individual. PHI either identifies or could be used to identify the individual. Any individually identifiable health information transmitted or maintained by a covered entity used or disclosed for treatment, payment, or operations. It also includes all electronic, written, or verbal consumer information. Examples of PHI: Name of consumer, relative, etc. Geographic information Zip Code Date of birth, admission, discharge 4

Telephone number Fax number Email address Social Security Number Medical Record number Health Plan number Account Plan number Certificate or License number Any full-face photo image or comparable image Vehicle ID / Serial number Any device ID number Web Universe Resource Locators (URL) Internet Protocol Address numbers Any Biometric ID Any other unique ID or characteristic or code What Is A Covered Entity? A Covered Entity is a health care provider, health care clearinghouse or health plan, who transmits PHI electronically or otherwise in connection with a transaction in connection with a transaction. What Is A Business Associate? A Business Associate is a person or entity that performs certain functions or activities on behalf of an entity or provides certain services to an entity that involves the use or disclosure of PHI. What Does Disclosure Mean? Disclosure means the release, transfer, provision of access to or divulging of information in any other manner outside of your employment. Why Do I Need To Know This Information? All reasonable efforts must be made not to disclose more than the minimum necessary information needed to accomplish the intended purpose. Staff access to PHI is based upon specific job duties and roles. What Are Some Things I Can Do To Protect Our Consumers Privacy? Treat all information as if it were about you or your family Do not discuss confidential consumer information in hallways, restrooms, etc. Do not discuss consumer information with your family, friends, or other consumers not directly involved in the consumer s treatment Do not leave files, schedules, or computer screens containing consumer information in plain view Shred PHI before discarding Access only those systems you are officially authorized to access Do not share passwords Access only information you need to do your job Do not allow others to read over your shoulder Do not allow visitors or consumers in staff areas, dictating rooms, file storage areas, etc. Do not hold telephone conversations or conduct dictation in areas where confidential information can be heard Call out only the consumer s first name in a waiting room 5

What Is An Authorization? An Authorization is an agreement between the covered entity and the consumer and or guardian to use specific PHI for specific purposes. The authorization must specifically describe the PHI being collected, who is collecting the information, to whom it will be released, why it is being released it, how long the authorization is in effect, and it must be signed and dated by the consumer and or guardian. What Are The Guidelines For Disclosures Of PHI? A summary of Section 330.1748 of Public Act 258 (Michigan Mental Health Code) will be maintained in each consumer's medical record. A record shall be maintained of all information disclosures, including: - The information released - To whom it was released - The purpose for the release - The subsection of Section 330.1748, or other law, under which the disclosure was made Information disclosed from another source to the agency shall not be released. Any release requires the informed written consent of the consumer, parent, or guardian. The consent must include the following: 1. The information released 2. To whom it was released 3. The purpose for the release 4. The subsection of Section 330.1748, or other law, under which the disclosure was made 5. Name of the consumer about whom information is to be released 6. Content to be released 7. To whom the information is to be released 8. The purpose for the release 9. The date the release is signed 10. The circumstances under which the release expires 11. Information about how to revoke the release 12. The signature of the legally authorized person who can consent Information may also be released under the following circumstances: 1. Upon order(s) or subpoenas of a court of record, or subpoenas of the legislature, unless the information is made privileged by some provision of law. Substance abuse information must be specifically requested and release is subject to stricter standards including that subpoena alone is not sufficient and release requires special rules be followed. 2. To a prosecuting attorney as necessary to prepare for a proceeding governed by the Mental Health Code. Substance abuse information is protected from release by law. 3. To an attorney for the recipient, when the recipient, guardian, or parent with legal and physical custody of a minor, has given consent. 4. To a representative of Michigan Protection and Advocacy Services, pursuant to section 330.1748 of the Mental Health Code. 5. To DHS, within 14 days after receipt of a written request from them, pursuant to Section 330.1748(a) of the Mental Heath Code. 6. When necessary to comply with another provision of the law [i.e. the Child Protection Act]. 7. To the Department of Community Health when the information is necessary for the office to discharge a responsibility placed upon it by law. 6

8. To the Office of the Auditor General when the information is necessary for that office to conduct its constitutional responsibilities. 9. The entire medical and clinical record shall be released to other behavioral health practitioners, health services or public agencies if authorized by the consumer/guardian, provided that in the judgment of the holder of the record the disclosure would not be detrimental to the consumer or others. 10. Information may be disclosed at the discretion of the holder of the record to apply for benefits, only if the benefits shall accrue to the state or shall be subject to collection for liability for mental health service. 11. Information may be disclosed as necessary for outside evaluation, accreditation, or statistical compilation, provided that the consumer who is the subject of the information cannot be identified. 12. If there is a compelling need for disclosure based upon a substantial o probability of harm to the recipient or other individuals, information may o be released to a provider of mental health or other health services or a o public agency, at the discretion of the holder of the record. What Rights Do Consumers Have Under The HIPAA Privacy Regulations? The right to inspect and copy PHI The right to amend PHI The right to receive confidential communications The right to request restrictions on certain uses and disclosure The right to obtain a photocopy of their PHI What Are The Penalties Under HIPAA? Simple disclosure, disclosure under false pretenses, and disclosure with intent to sell or use may result in fines and imprisonment. Who Are The LifeWays Privacy Officials? Where Do I Call If I Have Any Questions Regarding HIPAA? Where Do I Report Complaints? Personnel Related Issues Your Employer Data Integrity Issues LifeWays Information Technology Consumer Privacy Issues and Complaints LifeWays Customer Services 7

Please insert the most appropriate answer. LIFEWAYS HIPAA SELF STUDY TRAINING GUIDE HIPPA Training Module Post-Test # Question Answer 1 What is HIPAA? a. A large portly mammal b. Health Insurance Portability & Accountability Act 2 What is/are the objective(s) of HIPAA? a. assure health insurance portability b. protect the privacy of PHI c. simplify the administration of financial & administrative transactions d. A, B & C 3 The describes how the consumer s PHI may be used or disclosed. a. Notice of Privacy Practice b. clinical authorization c. confidentiality statement 4 What is PHI? a. Personal Health Information b. A sorority house in Ann Arbor 5 According to HIPAA is LifeWays a covered entity? a. yes b. no 6 According to HIPAA must a record be maintained of all health information disclosures? a. yes b. no 7 Substance abuse information must be specifically requested and the release of this information is subject to stricter standards including that a subpoena alone is not sufficient and a release requires special rules be followed. a. true b. false 8 Consumers DO NOT have the right to inspect, copy, or amend PHI. a. true b. false 9 HIPAA is a Federal Statute that establishes national standards for claims billing. a. true b. false 10 LifeWays DOES NOT have to make a good faith attempt to obtain written acknowledgement from consumers that they have received a copy of the Notice of Privacy Practices consumers. a. true b. false 11. According to HIPAA, PHI includes ONLY information that relates to the present or future mental health conditions, NOT physical health issues or historical information. a. true b. false 12. It is O.K. to discuss a consumer s unusual presenting problem during a luncheon in a small private café with your co-worker as long as no other customers are present. a. yes b. no 13. Below write down 3 things that you can do to protect our consumers privacy. 1. 2. 3. 14. Below write down 4 sources of PHI LifeWays has on-site. 1. 2. 3. 4. 15. Is YOUR PHI also covered by HIPAA? a. yes b. no When you have finished the Post -Test please check your answers with those on the following answer key. How well did you do? If you have questions, please contact LifeWays or your employer. 8

# HIPAA Training Module ANSWER KEY 1 What is HIPAA? a. A large portly mammal b. Health Insurance Portability & Accountability Act B Answer 2 What is/are the objective(s) of HIPAA? a. assure health insurance portability b. protect the privacy of PHI c. simplify the administration of financial & administrative transactions d. A, B & C 3 The describes how the consumer s PHI may be used or disclosed. D A a. Notice of Privacy Practice b. clinical authorization c. confidentiality statement 4 What is PHI? a. Personal Health Information b. A sorority house in Ann Arbor A 5 According to HIPAA is LifeWays a covered entity? a. yes b. no A 6 According to HIPAA must a record be maintained of all health information disclosures? a. yes b. no A 7 Substance abuse information must be specifically requested and the release of this information is subject to stricter standards including that a subpoena alone is not sufficient and a release requires special rules be followed. a. true b. false A 8 Consumers DO NOT have the right to inspect, copy, or amend PHI. a. true b. false B 9 HIPAA is a Federal Statute that establishes national standards for claims billing, too. a. true b. false B 10 LifeWays DOES NOT have to make a good faith attempt to obtain written acknowledgement from consumers that they have received a copy of the Notice of Privacy Practices consumers. a. true b. false 11. According to HIPAA, PHI includes ONLY information that relates to the present or future mental health conditions, NOT physical health issues or historical information. a. true b. false 12. It is O.K. to discuss a consumer s unusual presenting problem during a luncheon in a small private café with your co-worker as long as no other customers are present. a. yes b. no B B B 13. Below write down 3 things that you can do to protect our consumers privacy. Treat all information as if it were about you or your family. Do not discuss confidential consumer information in hallways, restrooms, etc. Do not discuss consumer information with your family, friends, or other consumers not directly involved in the consumer s treatment. Do not leave files, schedules, or computer screens containing consumer information in plain view. Shred PHI before discarding. Access only those systems you are officially authorized to access. Do not share passwords. Access only information you need to do your job. Do not allow others to read over your shoulder. Do not allow visitors or consumers in staff areas, dictating rooms, file storage areas, etc. Do not hold telephone conversations or conduct dictation in areas where confidential information can be heard. Call out only the consumer s name in a waiting room 14. Below write down 4 sources of PHI LifeWays has on-site. Name of consumer, relative, etc.; Geographic information; Zip Code; Date of birth, admission, discharge; Telephone number; Fax number; Email address; Social Security Number; Medical Record number; Health Plan number; Account Plan number; Certificate or License number; Any fullface photo image or comparable image; Vehicle ID / Serial number; Any device ID number; Web Universe Resource Locators (URL); Internet Protocol Address numbers; Any Biometric ID; Any other unique ID or characteristic or code; Anything that may identify a consumer. 15. Is YOUR PHI also covered by HIPAA? a. yes b. no A 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information