chapter 8 Flashcards
health insurance portability and accountability act (HIPAA)
a federal law passed in 1996 to protect privacy and other health care rights for patients. the act helps workers keep continuous health insurance coverage for themselves and their dependents when they change jobs, and protects confidential medical information from unauthorized disclosure and/or use. it was also intended to help curb the rising cost of health care fraud and abuse
privacy
freedom from unauthorized intrusion
covered entities
health care providers and clearing houses that transmit HIPAA transactions electronically, and must comply with HIPAA standards and rules
covered transactions
electronic exchanges of information between two covered-entity business partners using HIPAA-mandated transaction standards
designated record set
records maintained by or for a HIPAA-covered entity
notice of privacy practices (NPP)
a written document detailing a health care provider’s privacy practices
protected health information (PHI)
information that contains one or more patient identifiers
de-identify
to remove from health care transactions all information that identifies patients
state preemption
if a state’s privacy laws are stricter than HIPAA privacy standards, the state laws take precedence
treatment, payment, and health care operations (TPO)
a HIPAA term for qualified providers, disclosure of PHI to obtain reimbursement, and activities and transactions among entities. treatment means that a health care provider can provide care; payment means that a provider can disclose PHI to be reimbursed; health care operations refers to HIPAA-approved activities and transactions
standard
a general requirement under HIPAA
rule
a document that includes the HIPAA standards or requirements
transaction
transmission of information between two parties for financial or administrative activities
code set
under HIPAA, terms that provide for uniformity and simplification of health care billing and record keeping
electronic transmission
the sending of information from one network-connected computer to another
electronic data interchange (EDI)
the use of uniform electronic network protocols to transfer business information between organizations via computer networks
permission
a reason under HIPAA for disclosing patient information
limited data set
protected health information from which certain patient identifiers have been removed
security
policies and procedures that protect PHI from unauthorized access
firewalls
hardware, software, or both designed to prevent unauthorized persons from accessing electronic information
encryption
the scrambling or encoding of information before sending it electronically
verification
the requirement under HIPAA to verify any request as legitimate before protected health information is released
minimum necessary
term referring to the limited amount of patient information that may be disclosed, depending on circumstances