logging in or signing up HIPPA revised tlc321 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 57 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 05, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript HIPAA: Privacy/Info Security : HIPAA: Privacy/Info Security Jeff Jones HIPAA Privacy Officer HIPAA Information Security Officer KY RegionWhat you should know…: Protected Health Information(PHI) Disclosure & Use Authorization Form Minimum Necessary Patient Notice Privacy Officer Security Awareness Security Training Information Security Officer Security Mistakes Penalties What you should know… Discussion TopicsWhat Does HIPAA Do?: What Does HIPAA Do? Imposes new restrictions on the use and disclosure of PHI Gives patients greater access to their medical records Gives patients greater protection of their medical recordsWhat is PHI?: What is PHI? Protected Health Information: Individually Identifiable Health Information (IIHI) relating to the past, present or future health condition of the individual and is transmitted or maintained in any form (electronically, orally or on paper). Examples: Name, address, dates of service, date of birth, social security number, etc.What is Disclosure & Use?: What is Disclosure & Use? Use : Shared, examined, applied or analyzed within an entity that holds the information. Disclosure : Released, transferred, or made accessible to anyone outside the entity holding the information.When can PHI be Used/Disclosed?: When can PHI be Used/Disclosed? PHI can be use or disclosed for: T reatment, P ayment, Healthcare O perations With authorization from the individual Disclosure to the patient Incidental usesWhen is Authorization Required?: When is Authorization Required? Generally speaking, for uses other than: T reatment P ayment Hospital O perationsWhat is an Authorization Form?: What is an Authorization Form? An authorization is a written document, signed by the patient, that specifically allows the covered entity to disclose PHI with patient’s permission.When is Authorization Not Required?: When is Authorization Not Required? To maintain a patient directory To inform family members of patient location, general condition, or death Public health activities Coroners, medical examiners, funeral directors, organ donations To avert a serious threat to health and safetyWhat is “Minimum Necessary”?: What is “Minimum Necessary”? Make sure the least amount of health information is shared to accomplish the task Identify those who regularly access PHI and the types of PHI necessary for proper TPO of the patientWhat is the Notice of Privacy Practices?: What is the Notice of Privacy Practices ? The Patient Notice is a required document that outlines the common uses of PHI. Must contain patient’s rights and the covered entity’s legal duties Must be made available in print Must be displayed at the site of service and posted on a web siteSecurity Awareness What is it?: Security Awareness What is it? Recognizing what types of security issues may arise in the workplace, and Knowing what actions to take in the event of a security breach.Security Awareness/Training: Security Awareness/Training The HIPAA Security Rule requires that everyone in the workforce is trained Members of the workforce include volunteers!!!What’s a person to do?: What’s a person to do? Always Report Anything Unusual Notify your supervisor if you suspect a security incident Never share your user ID or password with anyoneTop 10 Workplace Security Mistakes: Top 10 Workplace Security MistakesTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it noteTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security proceduresTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security procedures 3. On, gone, not locked – Walking away from the computer, leaving it unlocked or not turned offTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security procedures 3. On, gone, not locked – Walking away from the computer, leaving it unlocked or not turned off 4. Gee, what’s in this attachment – Unknown email attachments can cripple by carrying virusesTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security procedures 3. On, gone, not locked – Walking away from the computer, leaving it unlocked or not turned off 4. Gee, what’s in this attachment – Unknown email attachments can cripple by carrying viruses 5. Weak passwords – Passwords based on information easily accessible to othersTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’tTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theftTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theft 8. Law enforcement – Managers and supervisors need to ensure ongoing complianceTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theft 8. Law enforcement – Managers and supervisors need to ensure ongoing compliance 9. The threat within – Statistically, most security breaches originate inside the organizationTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theft 8. Law enforcement – Managers and supervisors need to ensure ongoing compliance 9. The threat within – Statistically, most security breaches originate inside the organization 10. Update now – Security updates don’t do any good unless they are loaded on your computerHow do we comply?: How do we comply? HIPAA requires that we assign a “Privacy Officer” and “Information Security Officer” This person will be responsible for overseeing all privacy policies and procedures. This person will be the contact person for receiving complaints Institute a training program for VolunteersWhat if we don’t comply?: What if we don’t comply? Civil penalties from $100 to $25,000 Criminal penalties up to $250,000 and 10 years in prisonSummary: Remember: It’s all about protecting patient’s right to privacy and security Put yourself in the patient’s place Summary You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
HIPPA revised tlc321 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 57 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 05, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript HIPAA: Privacy/Info Security : HIPAA: Privacy/Info Security Jeff Jones HIPAA Privacy Officer HIPAA Information Security Officer KY RegionWhat you should know…: Protected Health Information(PHI) Disclosure & Use Authorization Form Minimum Necessary Patient Notice Privacy Officer Security Awareness Security Training Information Security Officer Security Mistakes Penalties What you should know… Discussion TopicsWhat Does HIPAA Do?: What Does HIPAA Do? Imposes new restrictions on the use and disclosure of PHI Gives patients greater access to their medical records Gives patients greater protection of their medical recordsWhat is PHI?: What is PHI? Protected Health Information: Individually Identifiable Health Information (IIHI) relating to the past, present or future health condition of the individual and is transmitted or maintained in any form (electronically, orally or on paper). Examples: Name, address, dates of service, date of birth, social security number, etc.What is Disclosure & Use?: What is Disclosure & Use? Use : Shared, examined, applied or analyzed within an entity that holds the information. Disclosure : Released, transferred, or made accessible to anyone outside the entity holding the information.When can PHI be Used/Disclosed?: When can PHI be Used/Disclosed? PHI can be use or disclosed for: T reatment, P ayment, Healthcare O perations With authorization from the individual Disclosure to the patient Incidental usesWhen is Authorization Required?: When is Authorization Required? Generally speaking, for uses other than: T reatment P ayment Hospital O perationsWhat is an Authorization Form?: What is an Authorization Form? An authorization is a written document, signed by the patient, that specifically allows the covered entity to disclose PHI with patient’s permission.When is Authorization Not Required?: When is Authorization Not Required? To maintain a patient directory To inform family members of patient location, general condition, or death Public health activities Coroners, medical examiners, funeral directors, organ donations To avert a serious threat to health and safetyWhat is “Minimum Necessary”?: What is “Minimum Necessary”? Make sure the least amount of health information is shared to accomplish the task Identify those who regularly access PHI and the types of PHI necessary for proper TPO of the patientWhat is the Notice of Privacy Practices?: What is the Notice of Privacy Practices ? The Patient Notice is a required document that outlines the common uses of PHI. Must contain patient’s rights and the covered entity’s legal duties Must be made available in print Must be displayed at the site of service and posted on a web siteSecurity Awareness What is it?: Security Awareness What is it? Recognizing what types of security issues may arise in the workplace, and Knowing what actions to take in the event of a security breach.Security Awareness/Training: Security Awareness/Training The HIPAA Security Rule requires that everyone in the workforce is trained Members of the workforce include volunteers!!!What’s a person to do?: What’s a person to do? Always Report Anything Unusual Notify your supervisor if you suspect a security incident Never share your user ID or password with anyoneTop 10 Workplace Security Mistakes: Top 10 Workplace Security MistakesTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it noteTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security proceduresTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security procedures 3. On, gone, not locked – Walking away from the computer, leaving it unlocked or not turned offTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security procedures 3. On, gone, not locked – Walking away from the computer, leaving it unlocked or not turned off 4. Gee, what’s in this attachment – Unknown email attachments can cripple by carrying virusesTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 1. Hidden under the keyboard – Keeping a computer password on a yellow post-it note 2. I’ll do it my way – Not listening to or following security procedures 3. On, gone, not locked – Walking away from the computer, leaving it unlocked or not turned off 4. Gee, what’s in this attachment – Unknown email attachments can cripple by carrying viruses 5. Weak passwords – Passwords based on information easily accessible to othersTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’tTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theftTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theft 8. Law enforcement – Managers and supervisors need to ensure ongoing complianceTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theft 8. Law enforcement – Managers and supervisors need to ensure ongoing compliance 9. The threat within – Statistically, most security breaches originate inside the organizationTop 10 Workplace Security Mistakes: Top 10 Workplace Security Mistakes 6. Loose lips – Talking in public about things you shouldn’t 7. Laptops with legs – Laptops left unsecured and unattended are vulnerable to theft 8. Law enforcement – Managers and supervisors need to ensure ongoing compliance 9. The threat within – Statistically, most security breaches originate inside the organization 10. Update now – Security updates don’t do any good unless they are loaded on your computerHow do we comply?: How do we comply? HIPAA requires that we assign a “Privacy Officer” and “Information Security Officer” This person will be responsible for overseeing all privacy policies and procedures. This person will be the contact person for receiving complaints Institute a training program for VolunteersWhat if we don’t comply?: What if we don’t comply? Civil penalties from $100 to $25,000 Criminal penalties up to $250,000 and 10 years in prisonSummary: Remember: It’s all about protecting patient’s right to privacy and security Put yourself in the patient’s place Summary