In-Training SessionIn-Training Session

The Health Insurance Portability and Accountability Act (The Health Insurance Portability and Accountability Act (HIPAAHIPAA) ) legally requires health providers and staff to protect all patient legally requires health providers and staff to protect all patient information.information. This information includes data that is written, verbal, or electronic

(Gaudio, 2007; Johnson & Weinstock, 2012).

Patient health information (Patient health information (PHIPHI) cannot be shared unless ) cannot be shared unless informed informed consent consent is given by patients ( Gaudio, 2007; Johnson & Weinstock, is given by patients ( Gaudio, 2007; Johnson & Weinstock, 2012).2012). PHI may be shared without consent in these three situations only:

For Medical Treatment

To Third-party payers for payment of health services

Health entities involved in providing healthcare services

PHI should ONLY BE SHARED with physicians, other health providers, third-party payers, and those entities specified in HIPAA guidelines (Johnson & Weinstock, 2012).

DO NOT SHARE PHI with other third parties without patients’ consent (Johnson & Weinstock (2012). BE DISCREET when exchanging PHI.

Discuss patient information in a secure location. If unavoidable, use a low voice so others may not

overhear conversation. Turn computer screens out of view from public

display. Turn over patients chart or documents when pausing

during a task.

Fines have to be PAID (Johnson & Weinstock, 2012).

Patients have the legal right to sue for violation of privacy as well for punitive damages

Patients also possess the right to file a complaint to the federal health agencies. Leads to investigations and more fines.

Of course, you face the possibility of UNEMPLOYMENT.

Health providers and staff are LEGALLY AND MORALLY responsible for protecting patients’ privacy.

Physicians and their staff UNINTENTIONALLY breach patients’ privacy on a daily basis (Johnson & Weinstock, 2012). Opportunities for privacy happens at every level of patient

care.

Consequently, breaching patient privacy and confidentiality can be quite easy and costly.

What Can You Do to Better Protect and Safeguard PHI?

Take daily extra precautions when handling PHI to keep confidentiality.

Avoid speaking openly where others could hear Move to a secure location Take phone calls in private areas Redesign office décor

Never use patient names or mention diagnoses Avoid office talk regarding patients

Do not use patients full name on fax coversheets

Make sure to log out a patient’s electronic health record and lock computer screen before leaving room (Johnson & Weinstock, 2012).

Turn over patient documents. Shred patient information not being used or unimportant. Look for ways you can reduce privacy and confidentiality

breaches within your workspace. Report incidents of breaches to manager or privacy officer (Vogt,

2005). If unsure about HIPAA policies, ask manager or privacy officer. Never Assume.

Do not access patient information unless related to work task (Vogt, 2005).

BE PROACTIVE, PROACTIVE, PROACTIVE!!!!!

If you notice or see any activity that could lead to privacy and confidentiality breaches: Speak up Discuss it with a Manager or privacy officer (Vogt, 2005).

Do not ignore—it affects us all!!!!

Gaudio, T. (2007). Clooney case puts patient privacy under microscope. NJBIZ, 20(45), pp. 1-1, 4. Retrieved from ProQuest. http://search.proquest.com/docview/228557375?accountid=32521

Johnson, L. J. & Weinstock, F. J. (2012). Correct patient privacy and confidentiality violations. Medical Economics, 89(8), pp. 37-38. Retrieved from ProQuest. http://search.proquest.com/docview/1021130855?accountid=32521

Vogt, N. (2005). Simplifying HIPAA for staff is one way to ensure good decisions are made about patient privacy. Journal of Health Care Compliance, 7(5), pp.75-76. Retrieved from ProQuest. http://search.proquest.com/docview/227930415?accountid=32521

Gaudio, T. (2007). Clooney case puts patient privacy under microscope. NJBIZ, 20(45), pp. 1-1, 4. Retrieved from ProQuest. http://search.proquest.com/docview/228557375?accountid=32521

Johnson, L. J. & Weinstock, F. J. (2012). Correct patient privacy and confidentiality violations. Medical Economics, 89(8), pp. 37-38. Retrieved from ProQuest. http://search.proquest.com/docview/1021130855?accountid=32521

Vogt, N. (2005). Simplifying HIPAA for staff is one way to ensure good decisions are made about patient privacy. Journal of Health Care Compliance, 7(5), pp.75-76. Retrieved from ProQuest. http://search.proquest.com/docview/227930415?accountid=32521