Chapter 4: Healthcare Laws

Advance Directives.

Written instructions about healthcare decisions in case a person is unable to make them.

Exploitation.

The act of using another person for one's own advantage.

Policies.

Written principles that provide goals for the employees and the facility.

Standard 1 (HIPAA):

Related to transactions and code sets; Included mandating universal coding systems.

Standard 2 (HIPAA):

Related to the Privacy Rule; All forms of patient information is to be protected.

Standard 3 (HIPAA):

Related to the Security Rule; Patient information that is electronically stored and transmitted is to be protected.

Treatment, payment, and healthcare operations (TPO).

(Privacy Rule permission) Treatment relates to when the covered entity discloses PHI when coordinating or managing healthcare.

Uses and disclosures with an opportunity to agree or object.

(Privacy Rule permission) The patient can give informal permission when asked outright or can be given an opportunity to agree or object.

Doctrine of Professional Discretion:

When a provider is treating a patient for emotional or mental conditions, the provider can exercise professional judgement to determine if the records should be released to the patient.

Disclosure/Authorization to Disclose Form:

Must be completed by the patient before PHI can be shared with another person.

Record Release Form:

A form that must be completed by the patient before PHI records can be transferred.

PHI treated with higher levels of confidentiality:

Psychotherapy notes, substance abuse, HIV content.

Administrative safeguards.

The security officer is responsible for creating and carrying out security policies & procedures.

Physical safeguards.

Facility, workstation, and device security must be implemented.

Technical safeguards.

Only authorized employees should have access to ePHI; Includes audits and encryption of data.

Food, Drug, and Cosmetic Act of 1938:

Replaced the Food and Drug Act (1906); Enforced by the US FDA (Food and Drug Administration), which is responsible for the safety, effectiveness, security, and quality of food, drugs, and cosmetics.

Controlled Substances Act:

Part of the Comprehensive Drug Abuse Prevention and Control Act of 1970; Contains 5 schedules of medications, arranged from greatest to least abuse potential.

Occupational Safety and Health Act of 1970 (OSH Act):

Enforced by the Occupational Safety and Health Administration (OSHA). OSHA sets workplace standards and conducts inspections to ensure employee safety.

Needlestick Safety and Prevention Act of 2000:

The goal of the act is to reduce the risk of healthcare workers exposure to bloodborne diseases.

Impact of the Needlestick Safety and Prevention Act:

Safer medical devices must be used, facilities must utilize a sharps injury log and sharps disposal containers, PPE must be worn if there is a risk of blood or body fluid exposure.

Patient Protection and Affordable Care Act:

Often referred to as the Affordable Care Act; Signed into law in 2010; The goal of the law was to provide Americans with affordable health insurance.

Health insurance reforms made by the Affordable Care Act:

Insurance coverage of preventative services and immunizations; People with preexisting health conditions cannot be dropped or charged more; Dependents can stay on their parent's insurance plan until 26; Large businesses must provide insurance to full time workers; The Physician's Payments Sunshine Act (PPSA).

The Physician Payments Sunshine Act (PPSA):

Increases the transparency between providers, teaching hospitals, and manufacturers of medical products.

The Clinical Laboratory Improvement Amendments (CLIA):

Established in 1998; Establishes quality standards and regulates laboratory testing.

Food and Drug Administration (CLIA):

Oversees the medical laboratory tests and categorizes them based on complexity.

Centers for Medicare and Medicaid Services (CLIA):

Inspects laboratories and issues certificates. Enforces compliance with regulations.

Centers for Disease Control and Prevention (CLIA):

Develops standards and laboratory practice guidelines. Develops professional information and resources mostly related to health and disease topics.

Certificate of Waiver (CLIA):

Allows the facility to perform CLIA-waived tests, which are simple and accurate with little risk for error if done correctly.

Certificate for Provider-Performed Microscopy Procedures (PPMP):

(CLIA) Allows the provider to perform only specific microscopy procedures and waived tests.

Good Samaritan Laws:

State laws that provide legal protection for those assisting an injured person during an emergency.

Reportable diseases.

Communicable diseases that have a significant public health impact, and must be reported by the provider to the state's public health department upon diagnosis.

Urgent reporting:

For diseases such as hepatitis A, food or water disease outbreaks, whooping cough, measles, plague, and tuberculosis. Reporting must be done immediately, usually by phone or fax.

Less urgent reporting:

For diseases such as STIs, hepatitis B-E, legionellosis, Lyme disease, mumps, bacterial meningitis, malaria, tetanus, chickenpox, and TSS. The provider usually has up to 3 days to file the report.

Highly confidential reporting:

For diseases such as AIDS and HIV infection. The provider may need to mail the paperwork to increase confidentiality.

The Federal Child Abuse Prevention and Treatment Act (CAPTA):

Updated by the CAPTA Reauthorization Act of 2010; Set the minimum federal standard for describing child abuse and neglect.

The Unborn Victims of Violence Act:

Signed into law by Congress in 2004; Considers babies in utero who are harmed or killed during certain acts to be victims, and charges could be brought forth.

The Older Americans Act:

Signed into law in 1965; The purpose of the act was to maintain the rights and dignity of the older person.

Vaccine Information Statement (VIS):

This document reviews the reasons for and the risks of the vaccine.

Vaccine Adverse Event Reporting System (VAERS):

A national surveillance program that monitors vaccine safety and collects information on unusual vaccine side effects.

The National Vaccine Injury Compensation Program (VICP):

Created by the National Childhood Vaccine Injury Act, which was passed in 1986; This program provides compensation for children injured by childhood vaccines.

Compliance Program/Corporate Compliance:

A program within businesses that detects and prevents violations of state and federal laws, often utilizing reporting mechanisms.

If the facility has a compliance reporting procedure:

A report can be filed through the compliance reporting mechanisms available to the employee.

If the facility does not have a compliance reporting procedure:

The employee may need to report the situation using the chain of command.

For employment or conflict-of-interest issues:

Some agencies require the employee to contact the human resources supervisor.

Identity theft.

Occurs when someone sells or uses another person's information for financial gain.

Conflict of interest.

Relates to any financial interest, personal or professional activity, or obligation that affects a person's objectivity when performing the job.

Fraud.

A deceitful action that causes another to give up something of value.

Employment-at-will:

The employer or the employee can end employment at any time any for any legal reason; Most medical assistant positions are considered this.

Wrongful termination.

The employer did not have just cause for firing an employee.

National Labor Relations Act:

Also called the Wagner act of 1935; It gave the right to most workers to join or organize a union.

Title VIII of the Civil Rights Act (Title VII):

1964; Prohibits employment discrimination based on color, race, gender, religion, or national origin.

Age Discrimination in Employment Act (ADEA):

1967; Protects applicants and employees 40 years and older from discrimination and includes hiring, promotion, termination, and compensation practices.

Rehabilitation Act:

1973; Prohibits discrimination in employment practices based on physical or mental disabilities. This act applies to federal/federally contracted employers.

Pregnancy Discrimination Act:

1978: Amended Title VII of the Civil Rights Act of 1964; This act prohibits sex discrimination based on pregnancy.

Title I and Title V of the Americans with Disabilities Act (ADA):

1990; Prohibits employment discrimination against qualified persons with disabilities.

Genetic Information Nondiscrimination Act (GINA):

2008; Prohibits employment discrimination based on the person's genetic information.

Civil Rights Act:

1991; Provides punitive damages in cases of intentional employment discrimination.

Federal Insurance Contributions Act (FICA):

1935; Created a payroll tax that requires a deduction from a person's paycheck.

Fair Labor Standards Act:

1938; Prohibits child labor and also provides overtime and a minimum wage.

Equal Pay Act (EPA):

1963; Protects against gender-based wage discrimination. Requires equal pay for both males and females who are performing the same job at the same organization.

Employee Retirement Income Security Act (ERISA):

1974; Sets minimum standards for pension and health plans in private industry and protects individuals in these plans.

Family Medical Leave Act (FMLA):

1991; Provides unpaid leave time for maternity, adoption, or caring for ill family members.

Americans with Disabilities Act (ADA):

Prohibits discrimination against people with disabilities in everyday activities, including getting healthcare.

Incident report.

An internal document that needs to be completed whenever an unexpected event occurs.

Abuse.

An action that purposely harms another person.

Breach.

Disclosure of protected health information without a reason or permission, which compromises the security or privacy of the information.

Claims Clearinghouse.

An organization that accepts the claim data from the provider, reformats the data to meet the specifications outlined by the insurance plan, and submits the claim.

Coding System.

A system designed to use characters (i.e., numbers and letters) to represent something, such as a medical procedure or a disease.

Communicable Diseases.

Diseases spread from person to person by either direct contact or indirect contact.

Dependent Adults.

People between the ages of 18 and 64 who have a mental or physical impairment that prevents them from doing normal activities or from protecting themselves.

Discrimination.

Unfair treatment of another person based on the person's age, gender, ethnicity, sexual orientation, disability, marital status, or other selective factors.

Egress.

Leaving a place; exit route.

Electronic Health Record (EHR):

An electronic record that conforms to nationally recognized standards and contains health-related information about a specific patient. It can be created, managed, and consulted by authorized clinicians and staff from more than one healthcare organization.

Electronic Transaction.

The electronic exchange of information between two agencies to accomplish financial or administrative healthcare activities.

Harassment.

Continued, unwanted, and annoying actions done to another person.

Neglect.

Failure to provide proper attention or care to another person.

Precedence.

The top priority.

Privilieged Communication.

Communication that cannot be disclosed without authorization of the person involved; includes provider-patient and lawyer-client communications.

Retaliation.

Getting back at others for something they did to you.

Retribution.

Punishment inflicted on someone as vengeance for a wrong or criminal act; the act of taking revenge.

Whistleblower.

A person (usually an employee) who reports a violation of the law within an organization. The person reports the information to the public or a person in authority.

Procedures.

Step-by-step instructions for completing a task.

State Preemption.

If the state law is stricter than the federal law, it takes precedence.

Invasion of Privacy.

Disclosure of private facts without the consent of the individual.

Confidentiality.

A legally protected right of patients; Healthcare professionals have the duty not to disclose personal information unless authorized by the patient.

HIPAA.

Health Insurance Portability and Accountability Act of 1996; Protects the privacy and confidentiality of patients.

HHS.

U.S. Department of Health and Human Services; The agency responsible for developing the specific requirements of HIPAA.

Standard 4 (HIPAA):

Related to unique identifiers; Each national provider (NPI), health plan (HPI), and employer (EIN) has a unique identification number.

Covered entities.

Healthcare providers, health plans, and healthcare clearinghouses that transmit protected health information electronically.

Protected Health Information (PHI):

Individually identifiable health information stored or transmitted by covered entities or business associates. Includes verbal, paper, or electronic information.

Business associate.

A person or business that provides a service to a covered entity that involves access to PHI.

Permission.

A reason for releasing or disclosing patient information under HIPAA.

De-identify:

To remove all direct patient identifiers from the PHI.

Limited Data Set:

PHI that has had all of the direct patient identifiers removed, leaving only health information; Written authorization is not required to release this information.

Incidental use and disclosure.

(Privacy Rule permission) Written authorization is not required for incidental disclosure, but reasonable precaution should be taken to avoid patient information being seen or heard by others.

Public interest and benefit activities.

(Privacy Rule permission) PHI can be released when required by law, law enforcement, and public health activities.

Still learning (64)

You've started learning these terms. Keep it up!