HIPAA Understanding Your Responsibilities Under the Health Insurance Portability and Accountability Act Tacoma Fire Department
About Me • Deputy Chief of Administration • 21 years with Tacoma Fire Dept. • 15 years as FF/Paramedic • 7 years of in-hospital experience • HIPAA Privacy Officer since 2009 Tacoma Fire Department
Disclaimers and Ground Rules • I am not an attorney • I am not a “HIPAA Expert” • I am risk averse (i.e., conservative interpretation) • Please do not share your violations here – Opportunity for self-assessment Tacoma Fire Department
What is HIPAA? • Origins in insurance and billing • Key elements: – Protected Health Information – Covered Entities & Business Associates – Disclosure – Accountability Tacoma Fire Department
Key Elements of HIPAA • Protected Health Information (what) – Individually identifiable health information – Relates to the past, present, or future condition, care, or payment – Includes info in any form or medium that can reasonably be used to identify an individual Tacoma Fire Department
Key Elements of HIPAA • Protected Health Information (what) – Examples • Patient care documentation • Dispatch info • Call intake records • Verbal discussions • Digital images or videos Tacoma Fire Department
Key Elements of HIPAA • Covered Entities and Business Associates (who) – Covered entity (CE): • Healthcare provider who transmits any health information in electronic form in connection with a transaction covered by HIPAA (includes users of third-party billing) – Business Associate (BA): • Perform work for or with a CE utilizing PHI Tacoma Fire Department
Key Elements of HIPAA • Disclosure (where, when, why, and how) – General rules: • Requires patient authorization • Allowed for treatment, payment, and healthcare operations • “Minimum necessary” Tacoma Fire Department
Key Elements of HIPAA • Accountability (where, when, why, and how) – Record maintenance & security – Documented history of record access, use and disclosure Tacoma Fire Department
What’s New? • Enforcement • Business Associate Requirements • Breach Notification • Notice of Privacy Practices • Mental Health PHI Tacoma Fire Department
Common HIPAA Pitfalls • PHI Security – Unsecured – Secured (ePHI) • Admin., physical, and technical • Remote access/Cloud storage – Lessons learned • Case studies Tacoma Fire Department
HIPAA Resources • 45 CFR Parts 160, 162, & 164 • www.HHS.gov – OCR • RCW 70.02 • Discipline-specific organizations Tacoma Fire Department
Questions? Tacoma Fire Department
Recommend
More recommend