Add to collection(s) Add to saved
  1. Science
  2. Health Science

POP QUIZ!!

advertisement 
POP QUIZ!!
• What does CMS stand for?
• What does HIPAA stand for?
• Which is a record of all of your visits with one
doctor, EMR or EHR?
• Documents in a medical file are considered
what kind of documents?
• In a patient’s chart, if something is
SUBJECTIVE, what does that mean?
POP QUIZ!!
• What does CMS stand for?
– Centers for Medicare and Medicaid Services
• What does HIPAA stand for?
– Health Insurance Portability and Accountability Act
• Which is a record of all of your visits with one
doctor, EMR or EHR?
– Electronic MEDICAL Record
• Documents in a medical file are considered what
kind of documents?
– Legal documents
• In a patient’s chart, if something is SUBJECTIVE,
what does that mean?
– It’s in their own words.
HIPAA, HITECH, and Medical Records
2
Lecture 2
2.3 Covered Entities and Business
Associates
2-12
• Electronic data interchange (EDI)—system-tosystem exchange of data in a standardized
format
• The electronic exchange of health care
information is called a transaction
2.3 Covered Entities and Business
Associates (Continued)
• Health care organizations that must obey HIPAA
regulations are called covered entities (CEs)
– Transmit information electronically
• Clearinghouse—company that helps providers
handle electronic transactions and manage EMR
systems
• Business Associates (BA)—organizations that
work for covered entities but are not themselves
CEs
– Law firms; outside medical billers, coders, and
transcriptionists; accountants; collection agencies
2-13
2.4 HIPAA Privacy Rule
2-14
• HIPAA Privacy Rule—law regulating the use and
disclosure of patients’ protected health
information (PHI)
• Protected health information (PHI)—individually
identifiable health information that is transmitted
or maintained by electronic media
• Both use and disclosure of PHI are necessary and
permitted for patients’ treatment, payment, and
health care operations (TPO)
2.4 HIPAA Privacy Rule (Continued)
2-15
• Minimum necessary standard—taking
reasonable safeguards to protect PHI from
incidental disclosure
• Designated record set (DRS)—CE’s records that
contain PHI
• Notice of Privacy Practices (NPP)—description of
a CE’s principles and procedures related to the
protection of patients’ health information
• For use or disclosure other than for TPO, a CE
must have the patient sign an authorization
2.4 HIPAA Privacy Rule (Continued)
• Health information can be released for
reasons other than TPO in some cases
– Subpoena—order of a court for a party to appear
and testify
– Subpoena duces tecum—order of a court
directing a party to appear, testify, and bring
specified documents or items
– De-identified health information—medical data
from which individual identifiers have been
removed
2-16
2.5 HIPAA Security Rule
2-17
• The HIPAA Security Rule requires CEs to
establish safeguards to protect PHI
– Encryption—method of converting a message into
encoded text
– Password—confidential authentication
information (the key)
2.6 HITECH Breach Notification Rule
2-18
• HITECH Act requires CEs to notify affected
individuals following the discovery of a breach
of unsecured health information
• Breach—impermissible use or disclosure of
PHI that could pose significant risk to the
affected person
• Breach notification—document notifying an
individual of a breach
2.7 HIPAA Electronic Health Care
Transactions and Code Sets
2-19
• HIPAA Electronic Health Care Transactions and
Code Sets (TCS)—rule governing the electronic
exchange of health information
– Under HIPAA, a code set is any group of codes used
for encoding data elements
• HIPAA National Identifier—identification systems
for employers, health care providers, health
plans, and patients
– National Provider Identifier (NPI)—unique ten-digit
identifier assigned to each provider
2.8 Fraud and Abuse Regulations
2-20
• HIPAA created the Health Care Fraud and Abuse
Control Program to uncover and prosecute fraud
and abuse
• The HHS Office of the Inspector General (OIG)
has the task of detecting health care fraud and
abuse and enforcing all the related laws
– Has the authority to investigate suspected fraud cases
and to audit the records of physicians and payers
– Audit—formal examination of a physician’s records
2.8 Fraud and Abuse Regulations
(Continued)
• Qui tam—cases in which a relator accuses
another party of fraud or abuse against the
federal government
• Relator—person who makes an accusation of
fraud or abuse
2-21
Related documents
Understanding HIPAA Compliance
Understanding HIPAA Compliance
HIPAA & State Confidentiality Provisions for PHI (40k doc)
HIPAA & State Confidentiality Provisions for PHI (40k doc)
Risk Assessment
Risk Assessment
“You have the Right”
“You have the Right”
HIPAA Factsheet
HIPAA Factsheet
BAA Model Response Letter (Modify information as indicated in the
BAA Model Response Letter (Modify information as indicated in the
Presentation Slides
Presentation Slides
Emergency Department FAQs
Emergency Department FAQs
Module 9-Confidentiality & HIPAA
Module 9-Confidentiality & HIPAA
HIPAA Gap Assessment/Risk Analysis
HIPAA Gap Assessment/Risk Analysis
Mandatory Electronic Prescribing
Mandatory Electronic Prescribing
HIPAA Compliance - Practice Greenhealth
HIPAA Compliance - Practice Greenhealth
Practicing in Harmony with HIPAA
Practicing in Harmony with HIPAA
HIPAA Breach Notification Rules for Physicians
HIPAA Breach Notification Rules for Physicians
Confidentiality of Medical Information Version 3
Confidentiality of Medical Information Version 3
Module 4 - HHS HIPAA Training for State Attorneys General
Module 4 - HHS HIPAA Training for State Attorneys General
See - National CLE Conference
See - National CLE Conference
Discussion of Select Federal and State Health Privacy Laws
Discussion of Select Federal and State Health Privacy Laws
Understanding Healthcare Legislation & Terminology
Understanding Healthcare Legislation & Terminology
File
File
HIPAA Update PowerPoint Presentation—Kearney 2003
HIPAA Update PowerPoint Presentation—Kearney 2003
Download
advertisement