What does HIPAA stand for?
Health Insurance Portability and Accountability Act
What is HIPAA (book version)?
An act that contains regulations often referred to as the privacy rule and it protects a patient’s personal health information from being used or shared without their written consent.
What is HIPAA (webquest)?
Legislation by the United States that provides data privacy and security provisions for safeguarding medical info.
Who does HIPAA protect?
Patients in a healthcare setting.
What is the amount that someone pays for accidentally, or unknowingly, violating the Privacy Rule?
$100 per violation.
What happens if someone neglects HIPAA rules and does nothing to fix it?
A $50,000 fine.
What is the maximum penalty for violating the privacy rule?
$1.5 million
What type of patient information is exposed on site?
Diagnosis, treatment, medicines, names, dates, personal information, medical history, family history, procedures, room number, floor number, and location.
What kind of patient information can be shared?
None unless it is important for the case or unless it is concealed in a way that no one can guess who it is.
Why was HIPAA created?
To bring a balance between improving the flow of information and protecting patient privacy.
When was HIPAA signed into law?
1996
Which presidential administration signed HIPAA into law?
Clinton Administration
What was the original intention of signing HIPAA into law?
Helping more Americans gain health insurance coverage and ensuring that employees would not lose health insurance if they changed jobs.
What did the HIPAA act allow the Department of Health and Human Services to set standards for?
The safeguarding of identifiable health information and increasing the efficiency and effectiveness of the healthcare industry as a whole.
How far back does confidentiality date?
The Hippocratic Oath
What are the five basic rules of HIPAA?
The privacy rule, the security rule, the transaction rule, the identifiers rule, and the enforcement rule
What does the privacy rule do?
Protects the personal health information and the medical records of individuals
What does the security rule do?
Defines and regulates the standards, methods, and procedures related to the protection of electronic PHI on storage, accessibility, and transmission.
What does the transaction rule do?
Regulates data transmission specifications that govern how data is electronically transferred from one computer to another. The rule defines the types of electronic transactions subject to HIPAA, and specifies the exact format for each transaction record.
What does the identifiers rule do?
Requires all healthcare entities, including individuals, employers, health plans and healthcare providers, to have a unique 10-digit national provider identifier number.
What does the enforcement rule do?
Establishes guidelines for investigations into HIPAA compliance violations.
What does PHI stand for?
Personal health information
How long can PHI be held for after you die?
50 years
What is PHI?
Personally identifiable information found in medical records and conversations between doctors and nurses regarding patient treatment.
Where can PHI be found?
Medical documentation/forms, records of communication, blood tests, prescriptions, billing info, MRI/X-RAY results, and doctor/clinical appointments.
What does PHI include?
Billing info and any information that can be used to identify an individual in a health insurance company's records.
How much has the Office for Civil Rights settled or imposed in a civil money penalty in 101 cases?
135,328,482.00
How many HIPAA complaints have there been since the privacy rule compliance date in April 2003?
270,242
What is the percentage of complaints that have ended in a financial settlement since the compliance date of the privacy rule?
0.04%
Which state has the highest number of HIPAA breaches?
California
What is the "need to know" principle?
The "minimum necessary standard" states that protected health information should not be used or disclosed when it is not necessary to satisfy a particular purpose or carry out a function.
How many patient rights are there?
7
What is the first patient right?
Receive a copy of an agency’s privacy practices.
What is the second patient right?
Know that an agency will use its PHI ONLY for treatment, payment, operations, and certain other permitted uses as required by law.
What is the third patient right?
Control the use and disclosure of their PHI.
What is the fourth patient right?
Have access to a copy of their PHI.
What is the fifth patient right?
Request amendment or addendum to their PHI.
What is the sixth patient right?
Receive records of disclosures (times when PHI was given out).
What is the seventh patient right?
File a privacy complaint with an agency officer.
Can personal health information be sent over email?
Only if it is encrypted and 100% necessary.
What is reportable patient information?
Births, deaths, adverse reactions to meds or vaccines, child abuse, elder abuse, crimes/violence, communicable diseases, and error by other physicians.
If patient confidentiality must be breached, what must be released to law enforcement?
As little information as possible after notifying the patient.