Professional Documents
Culture Documents
Basics:
Privacy
The History of HIPAA
As health care providers, we have always
been called upon to maintain the privacy
and confidentiality of a patient’s health
information.
2
HIPAA Basics 2
The History of HIPAA
With the advent of computers and other electronic
technology, we are now able to maintain electronic
files that allows us more flexibility in
communicating information between offices,
hospitals, and clinics, as well as cutting down on
the space requirements for storage. In addition, we
are better able to track and analyze data that helps
us to be more effective in providing care as well as
in controlling costs.
4
HIPAA Basics 4
The History of HIPAA
5
HIPAA Basics 5
Failure to Comply
Every health care organization is expected to
develop policies and procedures to guide practices
within their facility. Every person who provides care
or assistance to patients in that facility is expected
to understand and comply with HIPAA regulations.
6
HIPAA Basics 6
HIPAA Goal
The goal of the privacy program is to protect
confidential information from improper use or
disclosure.
7
HIPAA Basics 7
Administrative Requirements
Every agency must:
Appoint a Privacy Officer.
8
HIPAA Basics 8
YOUR Responsibility
You must respect confidential information about
patients and use information only to perform your
role as student nurse in that agency.
9
HIPAA Basics 9
HIPAA Patient Rights
HIPAA guarantees several rights to patients:
Right to privacy
Right to confidential use of their health information for
their treatment, billing process, and other health care
operations (such as quality improvement)
Right to access and amend their health information upon
request
Right to provide specific authorization for use of their
health information other than for treatment, billing and
other health care operations
Right to have their name withheld from our patient
directories
Right to request that information is not given out
concerning their care to specific individuals including the
right to ‘opt out’ of our patient directory (name not listed
as being present in our facility other than for treatment,
billing, and other health care operations)
Right to request that individuals are not told of their
presence in our facilities
10
HIPAA Basics 10
HIPAA Patient Rights
Every patient should receive a
document called a Notice and be
asked to sign an Authorization.
11
HIPAA Basics 11
HIPAA Patient Rights
12
HIPAA Basics 12
HIPAA Patient Rights
True or False?
14
HIPAA Basics 14
Answer
ANSWER: FALSE
15
HIPAA Basics 15
Unauthorized Disclosures
Some of the biggest threats to patient privacy is
unintentional disclosure of information:
Discussing a case where other patients or visitors
patients.
16
HIPAAaBasics
Leaving computer unattended after logging in to 16
Unauthorized Disclosures
It is essential that everyone who provides care
and services to patients be aware of what is
going on in their surroundings to ensure that
confidential information is only shared with those
who need to know, and at the minimum level
necessary to enable them to carry out duties and
responsibilities safely, effectively, and efficiently.
17
HIPAA Basics 17
Review Question
One of the privileges of working in health care is that we
have access to our family and friends’ health information
so we can find out when they have an illness.
True or False?
18
HIPAA Basics 18
Answer
ANSWER: FALSE
19
HIPAA Basics 19
Verify Identity
20
HIPAA Basics 20
Security Rules
Privacy rules identify what information is protected and
define when and how that information may be used
or disclosed.
Security rules apply to PHI that is sent electronically
from one location to another. Security rules identify
steps to take to secure PHI that is in electronic
format. They also apply to PHI that may be used or
stored by the facility.
There are four key parts which work together to protect
PHI. These are:
4. Physical Security: hands-on access to computer These define the
hardware, systems, areas, and buildings. basic level of
5. Technical Security: the process to identify the
security that
access and type of information individuals may must be in place
access and view on a computer. to comply with
HIPAA
6. Technical Security Mechanisms: processes that
automatically monitor systems activity and report
suspicious activity.
7. Administrative Procedures: policies and procedures
that define steps the facility will take to address the 21
HIPAA Basics 21
above.
Electronic Communication
Part of ensuring the privacy rules is to
understand how information is stored,
transmitted, and accessed by staff.
22
HIPAA Basics 22
Case Scenario
Dr. Williams asks Sue, a nurse, to bring up his patient’s lab
results on the computer screen. Dr. Williams looks around and
does not see any other staff or visitors in the area. He asks Sue
to turn the monitor so he can see the chart. There is no other
person around the desk when the screen is turned towards him.
When Dr. Williams is finished, Sue turns the screen back around
facing away from public view.
23
HIPAA Basics 23
Case Answer
ANSWER: False
They took the time to examine their surroundings and made certain
that no unauthorized individuals were near. Turning the screen
and then returning it to a secure position is an acceptable practice.
24
HIPAA Basics 24
Paper Communication
You will find during your clinical experiences that there is a lot
of paper that contains confidential patient information. Make
sure you keep this paper out of the public view.
25
HIPAA Basics 25
Case Question
Julie is a nurse entering notes into a patient chart at the nurse’s
station where visitors come to ask questions. Jeff, another nurse,
steps out of a patient’s room and asks Julie for help. Julie leaves
the chart open on the desk, then goes to assist Jeff in the
patient’s room.
Q: Leaving the chart open on the desk when the nurse leaves the
area is OK because she will be right back and trying to find her
place would take too much time.
True or False?
26
HIPAA Basics 26
Case Answer
ANSWER: False
27
HIPAA Basics 27
Verbal Communication
Nursing is never practiced in isolation. It is a collaborative team
operation. As a result, there are many times when you will need
to discuss patient information with colleagues.
28
HIPAA Basics 28
Case Scenario
Jennifer, a nurse, and Tom, a physical therapist, are
eating lunch together in the cafeteria. They begin
discussing a patient that they are both treating. The
cafeteria is crowded and others around them can hear
them referring to the patient’s name and other
confidential information.
True or False?
29
HIPAA Basics 29
Case Answer
ANSWER: True
30
HIPAA Basics 30
Case and Question
An adult daughter of an elderly patient is present in the room
when his doctor enters to speak with the patient about test
results. The patient introduces his daughter to the doctor, and
then asks the doctor if the test results are back. The doctor
begins to explain the results to the patient.
True or False?
31
HIPAA Basics 31
Case Answer
ANSWER: False
Since the patient asked about the results with his daughter in the
room, the doctor can assume that it is appropriate to share the
results at that time.
32
HIPAA Basics 32
Case Question
In a Radiology waiting room, an x-ray technologist calls the next
patient by name saying “Jane Smith, we are ready for your to get
your sonogram now.”
True or
False?
33
HIPAA Basics 33
Case Answer
ANSWER: True
34
HIPAA Basics 34
Non-Retaliation Policy
35
HIPAA Basics 35
Complaints
If you feel there has been a privacy
violation, inform your instructor who
will immediately assist you in
contacting the Privacy Officer.
36
HIPAA Basics 36
Summary
All health information that
specifically identifies an individual
is considered confidential.
Protecting the privacy of patient
information is everyone’s
responsibility.
Even though you are a student
nurse, you are an active part of
this program. Use patient
information only to perform your
responsibilities as assigned.
Be aware! Don’t intentionally or
unintentionally disclose patient
information. Help others to do the
same.
If you suspect any privacy
violations or concerns, notify your
instructor who will immediately
assist you in contacting the
Privacy Office.
37
HIPAA Basics 37
Thank You!
We are
HIPAA
compliant...
Are You?
38
HIPAA Basics 38