WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.
-
Upload
terry-brokenshire -
Category
Documents
-
view
215 -
download
0
Transcript of WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.
![Page 1: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/1.jpg)
WELCOME to
The University of Toledo
Lynn Hutt Compliance/Privacy Officer
![Page 2: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/2.jpg)
Topics
o Complianceo HIPAA
o Privacyo Security
o Family Educational Rights and Privacy Act - FERPA
o Public Recordso Obama Administration - 2010
![Page 3: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/3.jpg)
Who is the Compliance Officer?
Lynn Hutt
![Page 4: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/4.jpg)
Health Insurance Portability and Accountability Act (HIPAA)o Privacy – covers certain
health information in any form. Written, spoken, electronic or any other form.
o Security – covers information that is stored or transmitted electronically. Internet, computer networks.
![Page 5: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/5.jpg)
What is HIPAA?
o Law created to improve access to health insurance, protect the privacy of health information and promote standardization of electronic health-care related records to improve and safeguard their use.
o Not: Hospitals In Pain, Aguish, and Agony
![Page 6: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/6.jpg)
Patient privacy is everyone’s concern.
It’s a basic part of patient care.
![Page 7: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/7.jpg)
What can happen if you don’t follow the Privacy Rule?
o There may be a fine for each violation of the rule. Total fines can go up to $1.5 million per year.
o A person can be fined or sent to prison.
o “Fifteen fired, eight disciplined for looking at medical records of octuplet mother.” FoxNews.com March 2009
o “CVS Pays $2.25 Million to Settle HIPAA Privacy Case” HHS.gov Feb 2009
o “Staff nurse faces jail time for copying medical record with intent to do malicious harm. Possible 10 years in prison, fine of $250,000. The nursing board is seeking to revoke her license.” Renal and Urology News Oct. 2008
![Page 8: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/8.jpg)
A Closer look at PHI
o Pay attention to information that gives details about who a person is:
o Nameo Social Security Number, Account Number, MRNo All or part of an addresso Phone or fax numbero Drivers License number, license plateo Date of Birtho Admission or discharge dateo Tattoo's
When combined with health information these could be considered PHI. Health Information is protected if it could be used to identify somebody.
![Page 9: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/9.jpg)
Examples of PHI:
o Medical recordo Prescription label o An x-rayo Doctor’s notes about a
patiento A letter giving patient
test resultso Facesheeto Waste material that
contains personal information- patient label
o Information sent from one place to another- computer, fax, phone or mail.
o Computer monitors that can be seen by the public
o Information that you say ALOUD.
o Facebook, pictures of patients.
To name a few!!!
![Page 10: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/10.jpg)
HIPAA Rule: Minimum Necessary
o Only access PHI you need to do your job.
o Any time you share PHI with others provide only the information the other person or organization needs.
![Page 11: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/11.jpg)
General rules for disclosing and using PHI
o You may disclose or use PHI for health-care purposes.
Treat a patient
Get payment for health-care servicesContinuity of CareQuality AssessmentFraud and Compliance programsCompetency activities –accreditationFederal/State AgenciesSuspected abuse or neglectOrgan donation
![Page 12: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/12.jpg)
Permitted disclosures
o T-Treatmento P-Paymento O-Health care operations
In all instances, strict regulations apply.
![Page 13: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/13.jpg)
Incidental disclosures of PHI
o When PHI is seen or heard by someone who does not need to know.
o Even though UTMC has taken appropriate steps to limit the information shared or keep the information private.
Example-nurses stations or two patients in the same room
![Page 14: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/14.jpg)
Getting authorization to disclose information
o Authorization to disclose PHI must be obtained when
o Provided to insurer or other business for marketing
o Information is communicated to an employer (pre-employment physical)
![Page 15: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/15.jpg)
Some Do’s and Don’ts when talking about patients
DO’s
o Speak quietly when possible
o Avoid using patient names in hallways and public areas
o Share information needed to treat the patient
o Use a private space to discuss patient information
DON’Ts
o Share PHI with people who don’t need to know it to do their job
o Share PHI you are not authorized to disclose
o Let privacy issues keep you from treating the patient properly
![Page 16: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/16.jpg)
Safeguard guidelines
o Shut and lock doors when leavingo PHI should be not visible or audibleo Computer monitors should be turned away
from the direction of public viewo Copy only the minimum necessaryo Securely dispose of all PHI o Home offices subject as wello Record storage areas must be secure
![Page 17: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/17.jpg)
Safeguard guidelines cont.
o Printers and Fax Machines must be secure
o Unauthorized personnel may not be left alone without supervision
o Policies apply to any Portable Device or LAPTOP
o Visitors must be accompaniedo EVERYONE is responsible for PHIo DO NOT SHARE YOUR LOG-IN OR
PASSWORDS!
![Page 18: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/18.jpg)
Protect printed PHI
o Where is printed PHI?o Patient charto Wrist tago Prescription bottleo Lab reporto X-rayo Log sheets/patient listso Patient mailing listo Faxes
o ALWAYS use a shred bin for printed PHI!
![Page 19: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/19.jpg)
Patient rights
o They have themo They know themo Respect them
![Page 20: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/20.jpg)
Your responsibility
o Know policies and practice appropriate procedures within your unit
o If unsure, ASK
![Page 21: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/21.jpg)
FERPA
o The Family Educational Rights and Privacy Act of 1974
o Protects students educational/treatment records.
![Page 22: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/22.jpg)
Public records
o The University of Toledo’s operational functions are considered public records.
o Emailso Reportso Contracts
![Page 23: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/23.jpg)
President Obama legislative changes to HIPAA
o Health Care Reformo American Recovery & Reinvestment
Act of 2009 (ARRA)
o New requirements will include:
o Notification of HIPAA breacheso Application of HIPAA to BA’so Restrictions requested by patientso Electronic Health Recordso Increased penalties and enforcement
o HITECH Act
![Page 24: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/24.jpg)
How do I report….
o Report concerns in these steps:o First to your professoro Advisor or Dean of Collegeo Student Academic Affairso Compliance/Privacy Officer, x 6933
![Page 25: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/25.jpg)
What are my rights….
o Non-retaliation policyo Qui tam provisions (“whistleblower” )
![Page 26: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/26.jpg)
Quiz questions
o Who’s the Compliance/Privacy Officer?o Name 3 safeguards for PHI?o What does HIPAA stand for?o Name 3 examples of PHI.o Can you be held personally responsible
for a HIPAA violation?o What is minimum necessary?o If you are unsure, what should you do?o PHI used for TPO are permitted
disclosures, what does TPO stand for?
![Page 27: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/27.jpg)
COMPLIANCE
It’s YOUR Responsibility.
![Page 28: WELCOME to The University of Toledo Lynn Hutt Compliance/Privacy Officer.](https://reader035.fdocuments.in/reader035/viewer/2022062712/56649c985503460f94954c6c/html5/thumbnails/28.jpg)
Questions?