Introducing
Your new presentation assistant.
Refine, enhance, and tailor your content, source relevant images, and edit visuals quicker than ever before.
Trending searches
Start
Health Information Technology for Economical and Clinical Health
Updated the standards for HIPAA privacy and security provisions
It’s common sense
Ways in which you can ensure a patient’s information is protected
All Huntsville Pediatric and Adult Medicine Associate employees must be trained on HIPAA policies and specific procedures which may affect the work you do. The rules apply to you when you look at, use, or share protected health information.
Protected Health Information (PHI) is:
Notice of Privacy Practice allows PHI to be used and disclosed for purposes of TPO
HIPAA stands for the Health Information Portability and Accountability Act
A federal law that specifies administrative simplification provisions that:
Privacy and Security Training explains:
In order for Huntsville Pediatric and Adult Medicine Associates to use or disclose PHI:
Good security standards follow the “90/10” Rule:
The correct answer is A.
Information can only be used as needed for your job
A. You may not discuss any patient information with anyone unless required for your job
Double check !!
Verify that you are giving documents to the correct patient.
Check printers, copiers and faxes when you are done using them.
Don't leave hard copies of
PHI laying on your desk
Question and Answer
My co-worker’s husband notified me that my co-worker was recently admitted to the Emergency Department and won’t be coming into work tomorrow. My co-worker and I have a great relationship, and I’d like to know how she’s doing. May I access her records to check on her condition?
A. It is okay as we are friends, so I’m sure she wouldn’t mind me looking at her records.
B. I already have approval to access patient clinical systems, so no one will know I accessed it.
C. It is not necessary for my job, so I would be violating the patient’s privacy by accessing her records. I should contact her husband to check on her condition
Privacy breach occurs when information is:
I do not work with patients or have access to medical records, however I see patients pass by my desk in the clinic. Can I talk about the patients with my coworkers, family and friends even if it has nothing to do with my job?
A. You may not discuss any patient information with anyone unless required for your job
B. You may only talk about the patient with coworkers
C. You may only talk about the patient with your family and friends
As an employee of HPAM, you are responsible to follow policies and procedures to protect the privacy and security of all protected Health information.
I called a patient’s phone number and left a voice mail for Mr. John Smith to contact UCSF regarding his scheduled thyroid surgery. Was this a privacy breach?
A. No, the patient provided his phone number
B. Potentially, I stated his name and medical procedure
C. No, I did not state the medical reason for the surgery
Is the Facebook post below a privacy breach?
A. Yes
B. No
Profile
Name: Jane Doe
Lives In: San Francisco, CA
Works At: Patient Coordinator at the Helen Diller Family
Comprehensive Cancer Center UCSF Medical Center
September 4, 2013 at 3:12PM:
Jane writes: “OMG, I was just face to face with someone REALLY famous in my clinic today… so sad though, she was just diagnosed with stage 3 breast cancer. :(“
Profile
Name: Jane Doe
Lives In: San Francisco, CA
Works At: Patient Coordinator at the Helen Diller Family
Comprehensive Cancer Center UCSF Medical Center
September 4, 2013 at 3:12PM:
Jane writes: “OMG, I was just face to face with someone REALLY famous in my clinic today… so sad though, she was just diagnosed with stage 3 breast cancer. :(“
The correct answer is A.
Even though Jane tried to de-identify the information by omitting the celebrity’s name, it is still PHI.
Remember: PHI = Health Information + one or more of the 18 PHI identifiers
Health information: celebrity’s diagnosis (breast cancer)
Identifier: Date of service
Someone may have seen a celebrity walk to the medical center practice on 9/4/13, or saw a celebrity’s name on the practice’s 9/4/13 schedule; IF SO…
This post reveals to that the celebrity has breast cancer
Best Practice: Do not share on social media any details of a patient situation you experienced at work.
The correct answer is B.
Patient name in conjunction with any medical information constitutes PHI. You do not know who will hear the message; the patient may not have told his family, friend or roommate. It is best practice to leave the minimum amount of information needed: your name, phone number, and that you are from UCSF. Never leave PHI on an answering machine. Ask your supervisor for the voicemail procedure in your area.
B. Potentially, I stated his name and medical procedure.
You are very upset because a young patient of yours has just coded and was not able to be resuscitated. You want to share this experience and your thoughts and feelings with your family and friends on Facebook. What must you consider before doing this?
A. Posting this on Facebook is OK as long as you do not identify the patient by name, or identify the hospital, and you are limiting the recipients to your friends and family.
B. You cannot post anything on Facebook that could possibly lead to identification of the patient.
The correct answer is B.
Facebook is considered a public domain, and anything you post there is considered public information.
Posting clinical details is a violation of your patients right to privacy and confidentiality without authorization.
Your Facebook profile may identify your place of work and your occupation. When linked with your posting, this provides additional details that may identify the patient.
Information you obtain from your patient/provider relationship is confidential.
B. You cannot post anything on Facebook that could possibly lead to identification of the patient.
The correct answer is C.
It is not part of your job – your access to your co-worker’s record would be for personal reasons. Therefore, accessing the record will be a violation of your co-workers privacy. Furthermore, your access to the record will automatically be recorded and is tracked. There could be serious consequences to your employment.
C. It is not necessary for my job, so I would be violating the patient’s privacy by accessing her records. I should contact her husband to check on her condition.
Finish