Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Transcript of HIPAA
What is HIPAA?
Health Insurance Portability and Accountability Act , effective 2003, protects privacy of health information
UGARC is responsible to protect all service and health information of individuals we support
Penalties for HIPAA breaches include fine for both agency and person, and could result in jail time for both deliberate and inadvertent breaches.
What is considered Personal Health Information (PHI)?
Individual's medical diagnosis (including disability)
How services will be paid for (medicaid eligibility)
Information that identifies the individual in conjunction with services/diagnosis or which creates a vulnerability.
Health Information Portability and Accountability Act
When sharing PHI, how much do I share?
Minimum Necessary Standard:
Tell as little as the person needs to know to
effectively provide service. This should not impede the free flow of information to ensure comprehensive treatment.
When do I need special consent? How do I get it?
What are the steps needed to protect PHI?
Discussion-Do not discuss PHI in public places where you can be overheard.
Fax- use cover sheet, ensure an authorized person is there to receive.
Must be password protected.
Never share password.
Face screen away from public view.
Log off when not on computer.
Do not send PHI unless it's encrypted.
Do not store pictures on cellphones.
Do not use public wi-fi
Do not send PHI with texts
Printer/copier-Stay with copy job. Don't leave anything in printer.
Check that authorization forms are
in place as needed
Ensure that Disclosure forms are used as needed.
Immediately report any breaches
When can I disclose PHI without consent?
Shred all PHI
What do I do when someone asks me for PHI?
Authorization form needed get consent from individual/legal guardian to release PHI to new services, marketing/publicity
Ensure that they fully understand what they are signing.
How do I report a HIPAA breach?
Business hours: 331-4300 ext 275
Off hours:QM hotline number:
When can PHI be shared?
For Payment (billing)
For Health Operations (quality management and oversight)
Tell them UGARC has a HIPAA policy.
Requests need to be made in writing.
Form must be reviewed by supervisor/Privacy officer.
Authorization form needs to be filled out.
Still need disclosure form, except for
Public health and safety