Safeguarding Medical Record Info Flashcards
SECNAVINST 5211.5
Department of the Navy Privacy Act Program
What does HIPAA stand for?
Health Insurance Portability and Accountability Act
OPNAV 5211/9
Record of Disclosure
Penalties for violation of Privacy Act
fine up to $5k
civil penalties
Penalties for violation of HIPAA
Disclosure: Fine $50k/ 1 year prison
False pretenses: Fine $100k/ 5 years prison
Sold: Fine $250,000/ 10 years prison
Requirements for Privacy Act Statement DD 2005
Advice required by the privacy act of 1974
Members must read and sign the form
If they refuse must explain on SF 600
Who is responsible for administering and supervising the execution of the Privacy Act for the Department of the Navy?
Chief of Naval Operations
Who acts as the Privacy Act principal coordinator for the SECNAV?
Chief of Naval Operations
Who is responsible for administering and supervising the execution of the Privacy Act Program within the Marine Corps?
Commandant of the Marine Corps
SECNAVINST 5211.5E
DON Privacy Program
IDCs are responsible for safeguarding the rights of others by:
- Permitting personnel to know what records are maintained
- Allows access to their records
- Permit amendment of such records when discrepancies are noted
- Prevents records obtained for one purpose from being utilized for another purpose without consent
- Requires the collection, maintenance, use or dissemination of records for necessary and lawful purposes only
- Ensures information is current and accurate for the intended use
- Ensures adequate safeguarding
- Ensures requests for action concerning records are acted upon promptly
Officials are authorized to respond to requests for:
Notification
Access
Amendment of records
What officials have the authority for releasing information from the medical record
- Officials having cognizance over the requested matter
- System managers
When considering release of information to the PUBLIC, what should you consider:
- private and confidential nature
- invasion of privacy
When considering release of information to the INDIVIDUAL, what should you consider:
It might be injurious to the physical and mental health of the member
Release to a representative of the individual is authorized upon…
written request
When considering release of information to other gov’t agencies, what should you consider?
need to know basis
What does HIPAA provide guidance on?
reasonable and appropriate safeguards for medical information
What’s the purposes of disclosure accounting for releasing of information?
-allow individuals to determine to whom their records have been disclosed
OPNAV 5211/9
Disclosure Accounting Form
What’s the procedures for informing persons of disclosure information?
Must be recorded on OPNAV 5211/9
When can individuals request amendments of their personal records?
when the records are inaccurate or irrelevant
The request for record amendment shall:
- Be in writing
- Contain sufficient information to identify and locate the record
- Must include a description of the information to be amended and the reason for the amendment
- Contain copies of available documentary evidence supporting the request
- Burden of proof rests with individual
The systems manager shall provide the individual requesting amendment to their record a written acknowledgment of the request within how many days?
10 working days
Only under exceptional circumstances should the amendment request take more than…
30 working days
Violation of the Privacy Act is punishable by…
- Fines up to $5k
- civil penalties
What is considered violation of the Privacy Act?
- Maintaining Unauthorized Records
- Wrongful Disclosure
- Wrongful Requesting or Obtaining Records
What is the punishment for wrongful disclosure of HIPAA?
Fine of $50,000 and up to one-year imprisonment, or both
What is the punishment for false pretenses of HIPAA?
Fine of not more than $100,000 and up to five years imprisonment, or both
What is the punishment for intent to sell, transfer, or use HIPAA?
Fine of not more than $250,000 and up to ten years imprisonment, or both
LIST the requirements of the Privacy Act Statement DD 2005
- provides patients the advice required by The Privacy Act of 1974
- Members during in-processing must read and sign
- If the individual declines to sign, an explanatory entry on a SF 600 will be made.
What is preprinted in part 2 of the Health Record?
Privacy Act Statement DD 2005
What is preprinted in part 3 of the Health Record?
OPNAV 5211/9, Disclosure Accounting Form
What’s the Privacy Act Program Instruction?
SECNAVINST 5211.5
Who’s responsible for administering and supervising the execution of the the Privacy Act for the Navy?
CNO
Who’s responsible for administering and supervising the execution of the the Privacy Act for the Marine Corps?
Commandant of the Marine Corps
Who has the authority for release of HREC information?
officials who have cognizance over the requested matter
system managers
What is maintaining unauthorized records?
maintain system of records without prior authorization
What is wrongful disclosure?
Knowingly make a disclosure to someone not entitled to access
What is wrongful requesting or obtaining of records?
requests or obtains a record of another individual under false pretenses
