2/14/14-HIPAA Flashcards
What does HIPAA stand for?
Health Insurance Portability and Accountability Act
What was the intent of HIPAA?
- to prevent loss of insurance when you change jobs
- to ensure the privacy of PHI (Protected Health Information)
What did HIPAA start out as?
a portability law, and they realized privacy would be a big issue
What are the patient’s rights according to HIPAA?
GO BACK TO THIS CARD AND LISTEN, NOT COMPLETE!**
- the ability to make informed choices when seeking care
- The ability to find out how Personal Health Information is used.
- To limit the release of PHI to the minimum necessary
- They have the right to see their records
What are the two rules within HIPAA?
- Privacy rule: privacy of electronic health information (WHAT)
- Security Rule: Establishes the standards for the privacy of the electronic information (HOW)
Through HIPAA, what is protected?
anything to do with your health:
- Blood work
- Diagnoses
- EEGs
- EKGs
- Any and all test results
- Etc.
- Conversations between you and your doctor or nurses
- Billing information
- medical information in your health insurer's computer system
- Medical information that identifies you cannot be unnecessarily shared
Through HIPAA, another thing that is protected is individually identifiable health information, describe what this is.
This is a subset of health information:
- Name
- Address
- Telephone number
- Medical Record #
- SSN
According to HIPAA, what are the employer’s responsibilities?
- notify patients about their privacy rights and how PHI is used.
- Adopt & IMPLEMENT privacy procedures
- Train employees in privacy procedures
- designate an individual to be responsible
**This happens mostly in the hospital or medical private practice (clinic)
Who has to follow HIPAA?
- doctors
- nurses
- hospitals
- clinics
- nursing homes
- Health insurers insurance
- HMO
- Medicare and Medicaid
**these are all considered covered entities
According to HIPAA, what are covered entities?
- a health care provider that conducts certain transactions in an electronic format or uses a clearinghouse
According to HIPAA, who are not covered entities?
- life insurance companies
- employers
- schools
- worker’s comp carriers that might have medical information about you
- State agencies & Law enforcement
According to HIPAA, what are covered transactions?
- electronic health care claims
- electronic remittance & payment advice
- checking the status of a claim
- referral certification & authorization
According to HIPAA, what are considered electronic forms?
- internet
- extranet
- leased lines
- dial-up lines
- private networks
- magnetic tape, disk, or CD media
According to HIPAA, what are the authorization rules?
- written authorization
- you must keep a copy
- patient must get a copy
- authorization may be revoked at any time
- date
- purpose of disclosure
- expiration date
- signature/date
- when faxing, the recipient must be at the fax machine at the other end. Call to ensure this
At the MRLSHC, what do we require in terms of confidentiality?
- we require a new authorization form each semester
- signed RELEASE FORM to send information
- signed RELEASE FORM to receive information
- information exchange release form
- school site visit release form
**Only department secretaries, chair, and clinic coordinator may remove faxes from the machine