HIPAA
THE LAW
What is HIPAA?
HIPAA is the acronym for the Health Insurance
Portability and Accountability Act of 1996. HIPAA is a
federal law that requires the establishment of
national standards for electronic health care
transactions and national identifiers for providers,
health plans, and employers. It also addresses the
security and privacy of health information.
What was Title I of HIPAA designed to protect?
HIPAA Health Insurance Reform
Title I of HIPAA was designed to protect health
insurance coverage for workers (with pre-existing
conditions) and their families when they change or
lose their jobs.
What does Title II of HIPAA provide?
HIPAA Administrative Simplification
Title II of HIPAA provides for standards when sending
electronic claims. This reduces the administrative burden
on hospitals and physicians by not having to keep up with
different requirements and standards for different
insurance companies. As we move more toward sharing
patient billing information electronically, we need to be
sure that procedures are in place to ensure the security of
systems and protect patient privacy.
What is HITECH?
HITECH definition: The Health Information Technology for
Economic and Clinical Health (HITECH) Act, enacted as
part of the American Recovery and Reinvestment Act of
2009, was signed into law on February 17, 2009, to
promote the adoption and meaningful use of health
information technology. Subtitle D of the HITECH Act
addresses the privacy and security concerns associated
with the electronic transmission of health information, in
part, through several provisions that strengthen the civil
HITECH – “Enhanced” Privacy and Security
Before HITECH:
1. From $100 per incident up to $25,000/yr
2. And “Complaint Driven”
HITECH – “Enhanced” Privacy and Security
After HITECH:
1. For “Willful Neglect”, from $50,000 per incident up to
$1.5 million/yr and criminal penalties
2. And enforcement through state Attorneys General
3. And HHS hired “Big Five” CPA firms for compliance
audits
Big Challenges from HITECH
•HIPAA extended to business associates.
•Accounting for disclosures required.
•Notifications of data breaches of unprotected PHI required.
New in HITECH “Unprotected PHI”
Breach of “Unprotected PHI” requires notification of the
Secretary of HHS and others. HHS has determined that
protection for PHI is provided by:
•Secure destruction or
•Encryption (HITECH defined encryption for the first time)
•Provides “safe harbor”
•Must be certified by NIST
Data Breach Notification
Requires a “Risk Analysis” to determine if a disclosure is an
actionable breach.
•Criteria include an estimate of damage in financial and
reputational dimensions.
•Consider persistence of disclosure
•Safe harbor for ePHI provided by encryption and/or
secure destruction.
All data breaches reported to Secretary, U.S. Dept. of Health
and Human Services.
Aspects of HIPAA
Privacy Standards
• Finalized August 2002
• Enforcement April 14, 2003
Security Standards
• Finalized February 20, 2003
• Enforcement April 21, 2005
Transactions and Code Set Standards
• Enforcement October 16, 2003
HITECH
• Enforcement February 10, 2010 for Business Associates, Penalties and Audit
(other regulations pending)
Patient Rights
• Receive a privacy notice

The privacy notice describes how medical information about you may
be used and disclosed and how you can get access to this information.
• Access protected health information
Patients have the right to access their PHI contained in their medical
and billing records. They can review it and obtain a copy of it but not
the original record.
• Request an amendment to their health information
Patients have a right to request an amendment to their medical record.
As a provider we do not have to amend the record. We must have a
process in place to accept the amendment request, accept or deny the
amendment request and communicate with the patient about the
amendment request.
More patient rights…
• Receive an accounting for disclosure and access report

Patients have the right to receive a list of anyone who has obtained access to
their medical record and billing information with certain exclusions. As a
provider, we are required to maintain a written log that documents where
information is disclosed on each patient. The most common example of
disclosed information is data reported to the Health Department.
• Request we contact them by alternative means
Patients have the right to ask that we do not leave messages on their answering
machine or that we do not call them at their work number.
• File a complaint
Patients have the right to file a complaint with the UT Health Science Center
and with the Secretary of DHHS. We are required to have a complaint process
in place. The same process that is used for the Medicare compliance complaints
will be used for HIPAA complaints. To file a complaint, use the complaint form
What are the penalties under HIPAA?
There are severe civil and criminal penalties for
noncompliance that range from fines to prison
sentences.
It should be noted that HIPAA is the only federal
regulation that carries with it personal liability to
individuals who violate the Act.
Under the HIPAA Security Rule, UTHSC must:
1) Ensure the confidentiality, integrity, and availability of all
electronic protected health information that UTHSC creates,
receives, maintains, or transmits.
2) Protect against any reasonably anticipated threats or
hazards to the security or integrity of such information.
3) Protect against any reasonably anticipated uses or
disclosures of such information that are not permitted or
required under the Privacy Rule.
4) Ensure compliance with HIPAA by its workforce.
How do I report a Security Privacy Violation?
How can I contact the HIPAA Privacy Officer or Security Officer?
Will anything happen to a person who files a complaint?
There will be no retaliation for filing a complaint.

It is against the law to cause problems for anyone who does file a
complaint. Reported items will be investigated, and appropriate
action will be taken. There will be no repercussions taken against an
employee who reports an issue.
You are encouraged to share information you believe is relevant for
federal regulation compliance. You are not required to identify
yourself. Confidentiality regarding the issues you raise will be
provided.
Is there anonymity provided for complainants?
Your concern might not be addressed unless you provide sufficient information
about the facts of the situation. Telephone calls are not recorded, and no effort is
made to determine the number or location from which you call.
Please provide as much information as possible. When possible, please provide
names of individuals who should be contacted during our investigation.

If you would like information on the progress of the investigation, you will need to
provide your name and telephone number.
