This questionnaire is designed for the consumer to test their knowledge of electronic health records.



Similar documents
Protecting Patient Privacy It s Everyone s Responsibility

Electronic Medical Records: Legal and Ethical Implications for Patients

HIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees

We are required to provide this Notice to you by the Health Insurance Portability and Accountability Act ("HIPAA")

Population Health Management Program Notice of Privacy Practices

Population Health Management Program Notice of Privacy Practices from Piedmont WellStar HealthPlans, Inc.

What Virginia s Free Clinics Need to Know About HIPAA and HITECH

ACKNOWLEDGMENT OF RECEIPT OF NOTICE OF PRIVACY PRACTICES

Population Health Management Program Notice of Privacy Practices from Evolent Health

GONZABA MEDICAL GROUP PATIENT REGISTRATION FORM

HIPAA Compliance Annual Mandatory Education

HIPAA and Mental Health Privacy:

NOTICE OF HEALTH INFORMATION PRIVACY PRACTICES (HIPAA)

NOTICE OF PRIVACY PRACTICES

PROTECTING PATIENT PRIVACY and INFORMATION SECURITY

NOTICE OF PRIVACY PRACTICES

HIPAA PRIVACY AND SECURITY AWARENESS

Notice of Privacy Practices. Human Resources Division Employees Benefits Section

HHS announces sweeping changes to the HIPAA Privacy and Security Rules in the final HIPAA Omnibus Rule

Patti Levin, LICSW, Psy.D. Clinical Psychologist

Chief Privacy Officer Christian Brothers Services 1205 Windham Parkway Romeoville, IL

Notice of Privacy Practices Walter L Cohen High School School-based Health Center. Effective as of August 6, 2004

HIPAA COMPLIANCE PLAN FOR 2013

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

ELECTRONIC HEALTH RECORDS

HIPAA MANUAL. Most health plans and health care providers that are covered by the new Rule must comply with the new requirements by April 14, 2003.

NOTICE OF PRIVACY PRACTICES

HIPAA Happenings in Hospital Systems. Donna J Brock, RHIT System HIM Audit & Privacy Coordinator

Health Insurance Portability and Accountability Act (HIPAA)

NOTICE OF PRIVACY PRACTICE

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

HIPAA Privacy Overview

Health Information Privacy Refresher Training. March 2013

Notice of Privacy Practices

The Basics of HIPAA Privacy and Security and HITECH

NOTICE OF PRIVACY PRACTICES

Notice of Privacy Practices

Annual Compliance Training. HITECH/HIPAA Refresher

VALPARAISO UNIVERSITY NOTICE OF PRIVACY PRACTICES. Health, Dental and Vision Benefits Health Care Reimbursement Account

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

HIPAA Notice of Privacy Practices

The Family Counseling Center of Fulton County NOTICE OF PRIVACY PRACTICES

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA

OUR LADY OF THE LAKE, HOSPITAL INC. AND OUR LADY OF THE LAKE PHYSICIAN GROUP, LLC NOTICE OF PRIVACY PRACTICES

HIPAA Orientation. Health Insurance Portability and Accountability Act

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

Privacy Notice Document (HIPAA)

BUSINESS ASSOCIATE AGREEMENT ( BAA )

Metropolitan Living, LLC 151 W. Burnsville Parkway, Suite 101 Burnsville, MN Ph: (952) Fax: (651)

Understanding. Your Medical Record

NOTICE OF PRIVACY PRACTICES

12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule

Notice of Privacy Practices

UNITED CEREBRAL PALSY OF NORTHWEST MISSOURI NOTICE OF PRIVACY PRACTICES EFFECTIVE DATE: OCTOBER 22, 2014

Notice of Health Information Privacy Practices Radiology Associates of Norwood, Inc.

Notice of Privacy Practices

JEWISH FAMILY SERVICE NOTICE OF PRIVACY PRACTICES

HIPAA in an Omnibus World. Presented by

HIPAA Compliance and the Protection of Patient Health Information

Cooper Dental Group Notice of Privacy Practices

HIGHMARK BLUE CROSS BLUE SHIELD DELAWARE NOTICE OF PRIVACY PRACTICES PART I NOTICE OF PRIVACY PRACTICES (HIPAA)

PATIENT RECORDS PRIVACY POLICIES AND PROCEDURES FOR HIPAA COMPLIANCE (4/03)

NOTICE OF PRIVACY PRACTICES effective April 14, 2003

HIPAA PRIVACY POLICIES & PROCEDURES. Department of Behavioral Health and Developmental Services DBHHDS GENERAL AWARENESS TRAINING

Fraud, Waste, and Abuse

DERMATOLOGY ASSOCIATES, LLC 50 Sewall Street Portland, Maine (207) NOTICE OF PRIVACY PRACTICES

How To Write A Community Based Care Coordination Program Agreement

Transcription:

GA e Secure. Private. Accessible. GA Secure. Private. Accessible. Test ehealthinfo Your Knowledge! This questionnaire is designed for the consumer to test their knowledge of electronic health records. I. Please indicate your response to each of the following items by circling T (True) or F (False): 1. I know what the term electronic health record means. T F 2. I understand the benefits of electronic health records. T F 3. I know what the term security means as it applies to electronic health records. T F 4. I know what the term privacy means as it applies to electronic health records. T F 5. There is no difference between the terms security and privacy as they apply to electronic health records. T F 6. If there were no privacy standards, we would not need security standards. T F 7. I know how much access my health insurance company has to my electronic health record. T F 8. I can prevent access to my electronic health record. T F 9. I know what is meant by need to know access. T F 10. Records containing substance abuse and mental health information are handled with greater security measures. T F 11. I can get copies of my electronic health records on a CD or a flash drive. T F 12. Unauthorized access to my electronic health record is punishable by law. T F 13. I have the right to opt-out of having my medical records kept in electronic record format. T F 14. Electronic health records are never invaded by viruses. T F 15. I can get my electronic health record corrected if I find a mistake in it. T F 16. If my doctor s electricity goes out or the computer goes down, he/she still has access to my records. T F 17. I know who currently has access to my electronic health records. T F 18. I can access my electronic health record from my home computer. T F 19. The government has access to my electronic health records. T F 20. All doctors and hospitals use the same type of electronic health record system. T F 21. My records will eventually be used to determine my insurance rates. T F 22. I know where to get detailed information about my health privacy rights. T F 23. I know how to file a complaint about a privacy violation. T F

II. Select appropriate answer by circling the corresponding letter. 1. The HIPAA Privacy regulations provide the consumer with the right to: a. Take their record wherever they want b. View a parent s record c. Edit their own record d. Request a copy of their sibling s record 2. Examples of security safeguards include: a. Passwords b. Badges c. User names d. All of the above Answer Key I. T (True) or F (False): Answers to some of the items may vary. See the Reference Page at the end of this key for resources used for the answers. 1. Electronic Health Record An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be created, managed, and consulted by authorized clinicians and staff across more than one health care organization. 2. Benefits of Electronic Health Records Some of the many benefits include: Electronic health records can follow you to whatever provider you may be seeing. As a result, those providers are able to review files that are complete and up to date. Notes about your care are easier to read when they are input from a keyboard versus written by hand, so errors can be avoided. The use of electronic health records lets you know that you are being cared for by a provider who uses technology for your benefit. 3. Security The means to control access and protect information from disclosure. 4. Privacy The right of a person to control the disclosure of personal information. 5. (F) False See 3 and 4 above 6. (T) True Without implementing security measures, it is nearly impossible to uphold privacy, and without privacy standards, there would be no need for security measures. 7. Insurance companies have no greater access to electronic information than to information stored on paper. Information that identifies you, as well as your diagnosis, procedures, medications, supplies used, and charges are examples of information needed by insurance companies.

8. (F) False Those organizations that are required to abide by the Health Insurance Portability and Accountability Act (HIPAA) are called Covered Entities. The Covered Entity has the responsibility to prevent unauthorized access to your electronic health information. 9. Need to Know Access A minimum necessary standard reflected in the HIPAA regulations. This standard covers entities to evaluate their practices and enhance protections as needed to limit unnecessary or inappropriate access to protected health information. 10. Unlike paper records, systems that maintain electronic health data often give providers the ability to conceal individual data items. Since the features of each electronic system differ, your health care provider will be able to discuss the options available to them. Federal and state laws provide for some additional protection for HIV (R.S. 40:1300.14) and genetic test results (R.S.40:1299.6), psychiatric, and substance abuse records (42 C.F.R) in some cases providers must obtain your authorization to release this information. However, there are circumstances that allow health care providers to release this information without your authorization. You may request that your health care provider restrict access to any of your health information. However, providers are not required to agree to a request for restriction and in some cases are required to release information. 11. You can request a copy of your health information on CD or a flash drive. The provider will make the determination in which media the copy will be produced, normally a paper copy. 12. (T) True HIPAA provides for both civil and criminal penalties. While the penalties are clear-cut, provisions were made for the Secretary of Health and Human Services to have some leeway in determining if there were extenuating circumstances not taken into account under the letter of the law. 13. (F) False The conversion from a paper to [electronic] format is considered a normal function of daily business operations. You always have the right to change from a provider that is using electronic records to one who does not. 14. (F) False The HIPAA standards require covered entities to safeguard protected health information (Medical Records.) These safeguards reduce the risk of viruses and other threats to electronic information. However, just as paper records are vulnerable to disasters, such as fires and floods; electronic records can also be vulnerable to viruses and other forms of attack if the proper safeguards are not in place. All electronic systems, not just electronic health care systems, are vulnerable to threats such as: systems can be taken down or vandalized, information can be stolen, and data can be misused. 15. (T) True You have the right to request a change to information in your medical record. The provider does not have to change the information. If a mistake in your medical record is found, contact the health care provider in writing and request the information be corrected. It is important to provide information to support why the information should be corrected. Your health care provider will review the information submitted and determine if the information should be corrected. Most electronic systems provide features to amend information. Amendments allow for the original incorrect information and the corrected information to be seen. 16. (F) False There is no power unless they have a backup generator. Physicians are able to print out a paper chart, though, so that if that occurred before the power failure, the physician will still have access to your records.

17. (F) False As a patient you have access to your own health information. You may also give others authorization to access it. However, there are circumstances where your permission to access health information is not required. The HIPAA Privacy Rule requires that access to your health information be limited to the minimum amount a person needs to perform their job. 18. It depends. Because the features of each electronic health information system are different, the amount of information available to you will differ with each health care provider. Some providers may be able to offer you individual test results or summaries of your health care data from your home or office computer, while other providers may not be able to provide any electronic access. Speak to your health care provider about the information available to you electronically. 19. (F) False The HIPAA Privacy Rule does not create such a government database or require a physician or any other covered entity to send medical information to the Federal government for a government database or similar operation. 20. (F) False Each health care provider can choose the system that works best for them. Physicians in the same office or multi-hospital system are more likely to use the same system. 21. Providers generate claims for payment based on the care they give you. Those claims are among various factors that drive the cost of health insurance. Insurance companies can request additional information about your care to validate the claims they receive. Their right to access that information is no different whether your health information is kept in paper charts or in an electronic health record system. 22. There are various sources including the following summaries from the United States Department of Health and Human Services: (1) Privacy and Your Health and (2) Your Health Information Privacy Rights. 23. You have several options available to you: (a) File a complaint with the health organization s privacy official, (b) file a complaint directly with the Department of Health and Human Services, Office of Civil Rights, (c) file a complaint with a state government agency, or (d) consult an attorney. II. Multiple Choice (the correct answer is bolded) 1. The HIPAA Privacy regulations provide the consumer with the right to: a. Take their record wherever they want b. View a parent s record c. Edit their own record d. Request a copy of their sibling s record 2. Examples of security safeguards include: a. Passwords b. Badges c. User names d. All of the above

References The following sources were used in compiling the Consumer Engagement Questionnaire items and in developing the answers for those items. 1. Health Information Security and Privacy Collaborative (HISPC) Glossary of Terms 2. Louisiana Health Information Security and Privacy Web site: www.ehrtoday.org 3. AHIMA Quiz and Article The Link between Privacy and Security by Jill Burrington-Brown, April 2008 4. University of Miami Miller School of Medicine Web site: http://privacy.med.miami.edu

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information