Chapter 2 Flashcards
centers for medicare and medicaid services (CMS)
federal agency in the department of health and human services that runs medicare, medicaid clinical laboratories and other gov. health care programs: responsible for enforcing all HIPAA standards other than the privacy and security standers
Electronic data interchange (EDI)
computers-to -computers exchange of routine business information using publicly available electronic standers
Health information Technology for economic and clinical health (HTECH) act
provisions in the american recovery and reinvestment act of 2009 that extends and reinforce HIPAA and contain new breach.
Covered entity
under HIPPA health care plans, clearinghouse or provider who transmits and health information in electronic forms in connection with HIPPA transaction
Clearinhouse
companies that processes electronic health information and executes electronic transaction such as insurance verification and claim submission for providers
Business Associate
person or organization that requires access to PHI to perform a function or activity on behalf of a covered entity but is not part of its workforce
HIPAA Privacy rules
law that regulates the use and disclosure of patients protected health information
Protected health information (PHI)
individually identifiable health information transmitted or maintained by electronic media or in any other form or medium
Nice of privacy practices (NPP)
HIPAA- mandated document standing the privacy policies and procedures of a covered entity
Acknowledgment of receipt of notice or privacy practices
form accompanying a covered entity notices of privacy practices. covered entities must make a good faith to have patients signs it.
Release of information (ROI)
process following by employees of covered entities when releasing patients information.
Treatment payment and health care operations (PTO)
under HIPAA three conditions under which patients protected health information may be released without their consent
HIPAA security rules
law that requirers covered entities to establish administrative physical and technical safeguards to protect the confidentiality integrity and availability of health information
Electronic protected health information (ePHI)
PHI that is created received maintained or transmitted in electronic formrmation into an unreadable format before it is distributed
Breach
under the HIPAA privacy rules impermissible use or disclosure that compromises the security or privacy of PHI that could pose a significant risk of financial repetitional or other harm to the affected person
