HIPPA flashcards

What does HIPAA stand for?

Health Insurance Portability and Accountability Act (of 1996)

HIPAA is a…

federal law, since 1996, requiring sensitive info about a patient’s identity and health to be protected from being disclosed w/o the patients consent or knowledge.

Punishments for violating HIPAA

Heavy fines and Imprisonment

HIPAA ensures that patients have the following rights:

-To see and copy their health record

-To update their health record

-To request correction of any mistakes

-To get a list of the disclosures a healthcare institution has made independent of disclosures for the purposes of treatment, payment, and healthcare operations

-To request a restriction on certain uses or disclosures

-To choose how to receive health information

PHI stands for

Protected Health Information.

HIPAA’s Authorization Rule requires…

a signed authorization from the patient before a HCP or institution may release PHI for purposes other than treatment, payment, or healthcare operations.

There are two categories of disclosures that are allowed without authorization:

permitted and incidental disclosures

Permitted Disclosure Example

Public health activities, such as tracking and controlling infections, disease outbreas, and dangerous problems with drugs and medical equipment

Permitted Disclosure Example

Law enforcement and judicial proceedings, such as medical records relevant to the investigation and prosecution of a crime or required reporting of child abuse or domestic violence

PHI of deceased people is…

a permitted disclosure as it is needed to facilitate organ donation or to assist coroners, medical examiners, and funeral direactors

Incidental Disclosure Examples

Use of sign-in sheets or calling out names in waiting rooms

Incidental Disclosure Examples

Minimal information exposed by placing patient charts appropriately outside exam rooms, using whiteboards, or displaying x-ray light boards.

Incidental Disclosure Examples

The possibility of confidential conversations being overheard, provided surroundings are appropriate for the conversation and voices are kept down.

What are some examples of PHI?

any data that would identify the

individual, name, hospital number, social security number, lab results, past or current photos, date of birth, email

What does PO stand for?

Privacy Officer

What does a Privacy Officer do?

an employee who is responsible for implementing and enforcing HIPAA. This person could be your point of information regarding HIPAA other than your instructor

What does CE stand for?

Covered Entity

What is a covered entitiy?

any health plan, healthcare providers, agency that processes claims, and any company that subcontracts with them are covered by HIPAA.

Strategies to Protect HIPAA (Nevers)

 NEVER disclose passwords or share login information

 NEVER leave portable devices or documents unattended

 NEVER leave documents openly exposed

 NEVER access client records out of curiosity

 NEVER access your own records

 NEVER dispose of PHI with regular trash or in recycle bin

 NEVER text patient information

 NEVER post pictures of patients or their information/condition on social

media or to any other website

 NEVER take a picture or make copies of client information

Strategies to Protect HIPAA (ALWAYS)

 ALWAYS be mindful of who is in the patient’s room

 ALWAYS recognize that nursing students are not exempt from HIPAA

 ALWAYS consider HIPAA as a team effort

 ALWAYS position HIPAA as a benefit, not a box-checking exercise

 ALWAYS educate yourself on best practices

HIPAA Applies to Education

 Applies to any student who, during their educational process, is involved in a

patient’s care and/or has access to PHI (within the clinical environment, as well

as associated activities outside the clinical environment).

 In the course of education, a patient’s PHI (including photos/images) must not

be disclosed or used in any other way without the patient’s authorization/consent

 “Reasonable Effort” must be made to ensure that only de-identifying PHI is

used for education.

Serious break of HIPAA rules can result in…

removing a student from thd course/progam