Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Do you really want to delete this prezi?
Neither you, nor the coeditors you shared it with will be able to recover it again.
Make your likes visible on Facebook?
Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.
Transcript of HIPAA
A mazing Prezis
A ll their
A ssociation dues
See how many you can get right!
Being careful to manage what is said (i.e. client names) in the waiting room or in a hallway
Having a detailed and formal complaint process
Tiering employee access to certain files
Corresponding with your supervisor over email about clients' personal health information
Keeping your fax machine in a monitored location
Hiring a privacy officer on staff
Hiring a training director to convey HIPAA procedures
Telling clients that a cell phone call may not necessarily be confidential
Discuss together in triads
Your supervisor is requesting that you email her the detailed notes of all of your counseling sessions. You've also noticed that your supervisor is careless with the way she manages her laptop - in fact, yesterday you watched a parent reading the screen while they waited for her to get paperwork from outside the office. How do you address the situation?
Your supervisor frequently tries to have conversations with you about students in public areas of the school, such as the front lobby, and even when parents are around. How do you address the situation?
You notice that a new client has signed up for an appointment with you and that their mailing address is one number different from another client's (concluding that they are neighbors). They are currently scheduled to have their sessions back-to-back on a Tuesday. What should you do?
You notice that your peer in your cohort has shared a story from their site on Facebook and mentions the client by name. Should you approach your peer, and if so, how?
Different Professional Codes?
What is HIPAA?
Health Insurance Portability and Accountability Act of 1996
Standards and practices to protect patients’ privacy
Protected Health Information (PHI)
Streamline healthcare across the country with regards to patient information storing/sharing
Comes in two primary parts: Privacy, and Security
In almost all situations overrides state law
But does HIPAA apply to me?
HIPAA applies to you if you are a "Covered Entity"
You are a covered entity if:
You work in mental health care
You're not already covered by FERPA
You handle any PHI
Don't kid yourself. It will apply to you.
HIPAA Also applies to your business associates
Outside billing services etc.
What is "Protected Health Information"(PHI)?
Any health information that is personally identifiable:
Name, Age, SS#, care provided
De-Identified data is not regulated
HIPAA Privacy Rule
HIPAA Security Rule
Whenever disclosures are necessary, only disclose as much information as is necessary to facilitate care.
To the individual themselves upon request
With regards to treatment, payment, or health care operations
Psychotherapy notes are afforded additional protection
With informal consent where the client is given the opportunity to Agree or Object
Public Interest (Continued on next slide)
Public Interest Disclosures
Required by law
Public health activities
Certain diseases are required by law to be reported
Most identifying information must be stripped
Serious imminent threat
Worker’s Comp/OSHA requests
Essential Government Functions
National Security is wedged in here
HIPAA Security Rule
Provisions for the safeguarding of PHI/EPHI
Administrative, Physical, and Technical Safeguards
Any policies you adopt must be extensively documented
Recent changes (HITECH 2009)
Burden is on you to prove health information wasn't misused
Includes provisions for reporting of breaches
Size of the breach/Risk assessment
Required reporting thresholds
HITECH Recently Revamped Penalties for HIPAA Violations
Penalties are tiered
Willful neglect (Corrected)
Willful neglect (Uncorrected)
Idaho State University fined $400,000 in 2012
After a rough start to counseling your client asks you for a referral and as a result asks you to sent your notes to the new counselor. Under HIPAA you are only obligated to send the parts of the notes that relate to the client's problems. Do you whitewash the remainder to cover up any fights or mistakes?
Education Records VS PHI
Knapp Ch. 7 & 8
Centers for medicare and medicaid services
Who has access to a person's PHI
How to keep that information safe