HIPAA Flashcards

1
Q

What does HIPAA do?

A

Protects individually identifiable health information

  • sets limits on uses and disclosures of PHI
  • requires safeguards to secure PHI
  • holds covered entities and their workforce accountable for safeguarding PHI
  • gives patients control over their PHI
2
Q

HIPAA allows info to be more easily…

A

exchanged among health care professionals for treatment, payment, and health care operations, while still being protected

3
Q

Direct vs. Indirect treatment

A

Direct - the health care provider treats the patient directly
Indirect - the health care provider delivers treatment to the individual based on the orders of another provider (e.g., filling a prescription written by a physician)
*RPh has BOTH kinds of treatment relationship

4
Q

Hybrid Entity

A

business that has both covered and non-covered functions (ex. Walmart pharmacy/store)
*must keep PHI within the covered component (the pharmacy); the non-covered part of the business may not use or see it

5
Q

Individually Identifiable Health Information

A

any health information (recorded, oral, or electronic), including demographic data, that relates to an individual's past, present, or future health, the care they receive, or payment for that care, AND that identifies the individual or could reasonably be used to identify them

6
Q

Protected Health Information (PHI)

A

individually identifiable health information that is transmitted or maintained in ANY form or medium (electronic, paper, or oral) by a covered entity or its business associate; this is what the HIPAA Privacy Rule protects (the Security Rule covers the electronic subset, ePHI)

7
Q

De-identification of PHI:

information about an individual that is de-identified…

A

means there is no reasonable basis to believe the information can be used to identify the individual; NOT considered individually identifiable health information, so the Privacy Rule no longer applies to it.
- Safe Harbor method: remove the 18 listed identifiers, e.g. names, geographic subdivisions SMALLER than a state, all elements of dates except the year (birth, admission, discharge, death), ages over 89, phone/fax/email, SSN, medical record and account numbers, device identifiers, IP addresses, full-face photos, etc.
- Expert Determination method: a qualified expert documents that the risk of re-identification is very small.

  • if the info is RE-identified (e.g., a key links it back to the person), it becomes PHI once again.
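The Safe Harbor removal step from the card above, as runnable code. This is an added example and not part of the flashcard deck or any pharmacy system: the record layout, the field names (name, dob, address, photo, fill_date, discharge) and the sample record are constructed for illustration. It applies the rules the card lists (drop names and photos, keep only the state from geography, keep only the year of dates) plus the Safe Harbor ages-over-89 rule, and includes a checker that reports any identifier that survived.

```python
import re
from typing import Any, Dict, List, Optional

# Constructed sample pharmacy record for this example; not real patient data.
# The field names are assumptions, not a real pharmacy system's schema.
SAMPLE_RECORD: Dict[str, Any] = {
    "name": "Jane Q. Sample",
    "dob": "1987-03-14",
    "address": {"street": "12 Elm St", "city": "Springfield", "zip": "62704", "state": "IL"},
    "photo": "jane_face.jpg",
    "fill_date": "2023-11-02",
    "rx": "lisinopril 10 mg",
    "discharge": None,          # no inpatient discharge date on file
}

# Safe Harbor categories named on the card, mapped onto the assumed field names.
DIRECT_IDENTIFIERS = {"name", "photo"}                      # names, full-face photos
SUB_STATE_GEOGRAPHY = {"street", "city", "zip", "county"}   # anything smaller than a state
DATE_FIELDS = {"dob", "fill_date", "discharge"}             # dates tied to the individual

_ISO_DATE = re.compile(r"(\d{4})-\d{2}-\d{2}")


def year_only(value: Optional[str]) -> Optional[str]:
    """Reduce an ISO YYYY-MM-DD date to its year; a missing date stays missing.
    Anything else is rejected rather than silently passed through as PHI."""
    if value is None:
        return None
    m = _ISO_DATE.fullmatch(value)
    if m is None:
        raise ValueError(f"unrecognised date format: {value!r}")
    return m.group(1)


def deidentify(record: Dict[str, Any], reference_year: int) -> Dict[str, Any]:
    """Return a de-identified copy of `record` (the input is not modified).
    reference_year is the year the data set is released; it drives the
    ages-over-89 rule."""
    out: Dict[str, Any] = {}
    for key, value in record.items():
        if key in DIRECT_IDENTIFIERS:
            continue                                    # dropped entirely
        if key == "address" and isinstance(value, dict):
            out[key] = {k: v for k, v in value.items() if k not in SUB_STATE_GEOGRAPHY}
            continue                                    # keeps state-level fields only
        if key in DATE_FIELDS:
            out[key] = year_only(value)                 # year only
            continue
        out[key] = value                                # clinical content is kept
    # Safe Harbor: ages over 89, and any date element (including the birth year)
    # that would reveal such an age, must be collapsed into a single 90+ category.
    birth_year = out.get("dob")
    if birth_year is not None and reference_year - int(birth_year) > 89:
        out["dob"] = None
        out["age_band"] = "90+"
    return out


def residual_identifiers(record: Dict[str, Any]) -> List[str]:
    """Checker to run before release: lists fields that still look like one of the
    removed categories. An empty list means the rules above were applied."""
    found: List[str] = []
    for key, value in record.items():
        if key in DIRECT_IDENTIFIERS:
            found.append(key)
        elif key == "address" and isinstance(value, dict):
            found.extend(f"address.{k}" for k in value if k in SUB_STATE_GEOGRAPHY)
        elif key in DATE_FIELDS and isinstance(value, str) and not re.fullmatch(r"\d{4}", value):
            found.append(key)
    return found


if __name__ == "__main__":
    released = deidentify(SAMPLE_RECORD, reference_year=2024)
    print("before:", residual_identifiers(SAMPLE_RECORD))
    print("after: ", residual_identifiers(released))
    print(released)
```

Two caveats the field-level rules do not cover: free-text fields (counseling notes, comments) can carry names and dates and need their own scrubbing, and if a re-identification key is kept so records can be linked back, that key must be stored separately and must not be derived from the PHI, otherwise the "de-identified" set is PHI again, as the card says.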
8
Q

Minimum Necessary

A

a covered entity must make reasonable efforts to limit the PHI it uses, discloses, or requests to the minimum amount needed to accomplish the intended purpose.

  • does NOT apply to disclosures to (or requests by) a health care provider for treatment, so a pharmacist filling or verifying a prescription is not restricted by it
  • still applies to the pharmacy's other uses and disclosures (payment, operations, requests from third parties)
9
Q

Safeguards

A

administrative, physical, and technical measures put in place to protect the privacy of PHI from intentional and unintentional uses or disclosures

10
Q

Privacy Officer

A

REQUIRED (every covered entity must designate one)

responsible for developing and implementing the privacy policies, procedures, and safeguards; a contact person or office for receiving complaints must also be designated

11
Q

HIPAA Employee Training

A
  • required for all workforce members (employees, volunteers, trainees)
  • employers must keep training records (documentation is retained for 6 years)
  • new workers must be trained within a reasonable time after joining
  • employees must be informed/retrained whenever policies or procedures change
  • must apply and document sanctions against workforce members who misuse PHI or violate privacy policies
12
Q

Patient's right to access their health records

EXCEPTIONS:

A
  • inmates - a correctional institution may deny access if it would jeopardize the health, safety, or security of the inmate or others
  • psychotherapy notes
  • information compiled in anticipation of a civil, criminal, or administrative proceeding

13
Q

When can you deny a patient their right to access their PHI?

A
  • access is reasonably likely to endanger the life or physical safety of the patient
  • access is reasonably likely to cause substantial harm to another person
  • give the patient a written denial stating the reason and the complaint procedures -> patient has the right to have the denial reviewed by a licensed health care professional who was not involved in the original decision
14
Q

Right to an Accounting

A

individual has the right to receive a list of disclosures of their PHI made in the 6 years before the request (disclosures for treatment, payment, and health care operations, disclosures to the individual, and disclosures made under an authorization are excluded)

  • must act on the request within 60 days (one 30-day extension allowed with written notice)
  • first accounting in any 12-month period is FREE; a reasonable fee may be charged for additional ones
15
Q

Complaints

A
  • patient has the right to file a complaint with the covered entity or with HHS Office for Civil Rights
  • ANYONE can file a complaint, not only the patient
  • file in writing (paper or electronic)
  • file within 180 days of when the complainant knew or should have known of the act (HHS may extend this for good cause)
16
Q

Retaliation against a patient

A

NOT ALLOWED - a covered entity may not intimidate, threaten, or retaliate against a patient (or anyone else) for filing a complaint or exercising a HIPAA right

17
Q

Consent Forms vs. Authorization Forms

A

Consent Forms - optional; a covered entity may (but need not) obtain consent to use or disclose PHI for treatment, payment, and health care operations

Authorization Forms - required for uses and disclosures the Privacy Rule does not otherwise permit (e.g., marketing, psychotherapy notes, sale of PHI); must be specific, signed, and revocable

18
Q

Can you look up a patient's info if you are NOT actively treating them?

A

NO - accessing a record without a treatment, payment, or operations purpose is a violation, even if nothing is disclosed further

19
Q

you MAY disclose patient PHI to others IF…

A
  • you have the patient's agreement
  • you give the patient an opportunity to object and they do not
  • based on professional judgment, you reasonably infer from the circumstances that the patient does not object (e.g., the patient brought the person with them)
20
Q

If patient is not present, incapacitated, or in an emergency…

A

use your professional judgment to decide whether disclosure (limited to what is relevant to that person's involvement in the patient's care) is in the patient's best interest

21
Q

Who has the authority to act on behalf of a minor?

A

parent, guardian, or a person acting in loco parentis (the minor's personal representative), subject to state law on minors' own consent

22
Q

What do the police need to request access to PHI?

A

a court order, warrant, SUBPOENA, or administrative request (the Privacy Rule lists specific law-enforcement exceptions; follow the pharmacy's policy and disclose only what the request covers)

or a signed/written authorization from the patient

23
Q

Notice of Privacy Practices

A
  • tells the patient how you will use and disclose PHI
  • tells the patient their rights and how to complain
  • you must make a good-faith effort to obtain a written acknowledgement of receipt; the patient can refuse to sign -> you can still treat/fill for the patient (DOCUMENT the refusal)

*EXCEPTION - inmates do NOT have a right to the notice of privacy practices

24
Q

How long must you keep written acknowledgements of the Notice of Privacy Practices?

A

6 years

25
Q

Incidental Use/Disclosure

A

a secondary use or disclosure that is accidental and cannot reasonably be prevented, e.g., being overheard while talking to a patient

  • permitted only if reasonable safeguards and minimum-necessary practices are in place; you are NOT expected to guarantee a patient's PHI against every possible risk
  • examples of reasonable safeguards: glass/partition between the counter and the front of the pharmacy, ask other patients to stand back while counseling
  • speak in a lowered tone of voice
  • lock patient records/files
  • use computer security (individual logins, screen locks, no shared passwords)
26
Q

What was the purpose of HIPAA HITECH

A
  • increased civil penalties (the tiered structure) to drive compliance with HIPAA
  • added the breach notification requirements
  • made business associates directly liable for HIPAA compliance
27
Q

If there is a breach in HIPAA you must notify…

A
  • the affected patient(s)
  • the Department of Health & Human Services (HHS)
  • prominent media outlets, if 500 or more residents of a state or jurisdiction are affected

28
Q

define breach

A

acquisition, access, use, or disclosure of PHI in a manner not permitted by the Privacy Rule that compromises the security or privacy of the PHI

29
Q

You must notify a patient of a breach of HIPAA…

A

whenever the risk assessment does not show a low probability that the PHI was compromised (a breach is presumed until that is documented); whether the patient was actually harmed is NOT the test

30
Q

If HIPAA is breached you must perform…

A

a Risk Assessment (a breach is presumed unless it shows a low probability that the PHI was compromised) that weighs:

  • nature/extent of the PHI (types of identifiers, likelihood of re-identification)
  • who received or used the PHI (the unauthorized person)
  • whether the PHI was actually viewed/acquired
  • extent to which the risk has been mitigated

Three situations are excluded from the definition of breach:
  • unintentional acquisition or access by a workforce member acting in good faith within their authority, with no further use or disclosure (e.g., looked up the wrong patient and closed the record)
  • inadvertent disclosure between two people authorized to access PHI at the same entity
  • good-faith belief that the unauthorized recipient could not reasonably have retained the information
31
Q

If the HIPAA breach affected fewer than 500 people…

A

must send individual notice in written form via first-class mail (or email if the patient has agreed to electronic notice) without unreasonable delay and no later than 60 days after discovery; log the breach and report it to HHS within 60 days after the end of the calendar year in which it was discovered.

32
Q

If the HIPAA breach affected 500 or more people…

A
  • must notify the Secretary of HHS without unreasonable delay and no later than 60 days after discovery (at the same time as the individual notices; HHS posts these breaches publicly)
  • send individual notice as for smaller breaches
  • provide notice to prominent media outlets serving the state or jurisdiction, where more than 500 of its residents are affected
33
Q

What acts are examples of a HIPAA breach?

A
  • tech looks up the wrong patient and then uses or shares what they saw (a good-faith lookup with no further use is an excepted event)
  • give someone else's medication (with its labeled PHI) to another patient
  • fax patient info to the wrong HCP (misdirected fax); a fax to a treating provider for treatment is permitted
  • fax patient info to anyone else not permitted to receive it
34
Q

Historian Rule or 50-Year Old Rule

A

HIPAA protects PHI of people for 50 years following the date of their death.

35
Q

Categories of HIPAA Violations

A

Tier 1 - unaware of the violation and could not reasonably have avoided it with due care
Tier 2 - reasonable cause; the entity knew or should have known, but not willful neglect
Tier 3 - willful neglect of HIPAA rules, corrected within 30 days of discovery
Tier 4 - willful neglect NOT corrected within 30 days of discovery

36
Q

Tier 1 Punishments

A

civil fines:
- $100 to $50,000 per violation, up to $1.5 million/year for identical violations (amounts as enacted by HITECH; adjusted annually for inflation)

criminal penalty (a separate scheme prosecuted by DOJ, not tied to the civil tier): knowingly obtaining or disclosing PHI
- fine up to $50,000 and jail up to 1 year

37
Q

Tier 2 Punishments

A

civil fines:
- $1,000 to $50,000 per violation, up to $1.5 million/year

criminal penalty (separate scheme): obtaining or disclosing PHI under false pretenses
- fine up to $100,000 and jail up to 5 years

38
Q

Tier 3 Punishments

A

civil fines:
- $10,000 to $50,000 per violation, up to $1.5 million/year

criminal penalty (separate scheme): obtaining or disclosing PHI with intent to sell, transfer, or use it for commercial advantage, personal gain, or malicious harm
- fine up to $250,000 and jail up to 10 years

39
Q

Tier 4 Punishments

A

civil fines:

- $50,000/violation, up to $1.5 million/year for identical violations (the highest tier; no separate criminal penalty attaches to the tier itself)

40
Q

Whistleblowers

A

HITECH directs HHS to establish a method for sharing a percentage of collected civil penalties with individuals harmed by the violation; workforce members who report violations in good faith are protected from retaliation

41
Q

If Breach involves…

  • SS #
  • drivers license #
  • credit card info
A

can lose license for 3-5 yrs