![Page 1: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/1.jpg)
HIPAA Training – Part I Health Insurance Portability and Accountability Act
![Page 2: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/2.jpg)
THE LAW AND THE BASICS
![Page 3: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/3.jpg)
Our Goals
•Define what HIPAA is.•Learn simple ways to protect information.•Learn how to continually develop procedures.•Learn how to continually give training.•Discuss the following 3 items:• Regulations and Glossary of Terms• Forms & Records• Policies & Procedures
HIPAA
![Page 4: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/4.jpg)
The HIPAA Law
•Quite simple.•Gives a general policy outline.•Quite vague on procedures and specifics.•Up for interpretation.
HIPAA
![Page 5: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/5.jpg)
The HIPAA Law
•Attorneys interpret it and give you a scary outlook.•Medical professionals who have researched the law give you a much more comfortable outlook.
HIPAA
![Page 6: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/6.jpg)
The Basics
•Privacy•The more electronic the world gets, the easier it is to steal information.•Bank accounts•Credit cards
HIPAA
![Page 7: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/7.jpg)
The Basics
Privacy Act•Telemarketers•Personal identity thieves•Lost identity•Electronic billing
HIPAA
![Page 8: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/8.jpg)
The Government and Personal Information
•Freely talked about.•Freely passed around.•Freely entered and passed online.•Freely stolen.
HIPAA
![Page 9: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/9.jpg)
The Government and Personal Information
•HIPAA Privacy Act was created in 1996 to protect patients’ rights•Enforcement began in 2003•Heavier enforcement in April 2005 when HIPAA Security came in to affect
HIPAA
![Page 10: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/10.jpg)
Electronic Billing
45 daysvs.
28 days
HIPAA
![Page 11: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/11.jpg)
Electronic Billing
•Insurance Companies•Coding
• Dentists are already using CDT-5.• Physicians are currently using ICD-10.
![Page 12: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/12.jpg)
Electronic Billing
•Insurance Companies•Health Identification Numbers
• Used instead of Social Security Numbers.
![Page 13: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/13.jpg)
HIPAA Law
•One more scary thing…•You have to pay the fines—not the doctor.•$250,000 and/or 10 years in federal prison
HIPAA
![Page 14: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/14.jpg)
What Do You Have to Do to Protect Information and to Avoid the Fines?
• Understand and have answers to two basic questions.
• Continually have training.• Keep records.
HIPAA
![Page 15: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/15.jpg)
The Two Questions…
• Do I have the patient’s permission?• What have I done to protect the patient’s
privacy?
HIPAA
![Page 16: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/16.jpg)
Due Diligence
• Having an answer for each question.• You can’t be fined for doing due diligence.• They can have you change something,
but they can’t fine you.
HIPAA
![Page 17: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/17.jpg)
Due Diligence
• Can I call a person by their name?• Can I leave information on a patient’s
voicemail or answering machine?• Can they sign in on the sign-in sheet?
![Page 18: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/18.jpg)
Creating Diversion
• TV in the lobby.• Interesting magazines.• Good volume of music.
![Page 19: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/19.jpg)
The Seriousness of the Law
Why Would Anybody Steal Chart Information?• Personal Identity Theft• Money
HIPAA
![Page 20: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/20.jpg)
The Seriousness of the Law
Why is that important?• Unsupervised, outside service doing
business in this office• Cleaning Service• Repair Service• Charts
HIPAA
![Page 21: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/21.jpg)
The Seriousness of the Law
Penalties• $250,000 with the intent to sell, transfer or use
information for commercial advantage, malicious harm or personal gain. (CA Law - $250,000), and/or
• 10 years in federal prison for personal and financial gain.• The doctor will be charged $100 per chart up to
$25,000. (CA law - $2,500)• Knowing and willful
– $100,000 and 5 years in prison. (CA law - $25,000)
![Page 22: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/22.jpg)
The Seriousness of the Law
Penalties• If it is traced back to an employee causing the
breach, then the same fine applies to them.• If you are answering those two questions and
doing due diligence then you have nothing to worry about.
![Page 23: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/23.jpg)
Protected Health Information (PHI)
PHI - Any information that can identify the patient’s health information• Name, Address, • DL#, SS#• Telephone numbers• FAX numbers• E-mails• Medical records numbers• Health plan beneficiary numbers• Account numbers• Certificate/ license numbers
![Page 24: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/24.jpg)
Protected Health Information (PHI)
PHI - Any information that can identify the patient’s health information• Vehicle numbers• URLS• IP address• Finger, Voice, Teeth or Retina prints• Photographic Images
![Page 25: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/25.jpg)
Securing the PHI
Secure Information• Charts• Appointment Books• Message Pads
![Page 26: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/26.jpg)
Securing the PHI
Charts• HIPAA says that charts must be secured.• Close the office door after hours. Lock it. The
janitor doesn’t need to be in there.
![Page 27: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/27.jpg)
Securing the PHI
Charts• Turn charts over and away
from viewing the PHI.
![Page 28: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/28.jpg)
Securing the PHI
Appointment Books• Turn them over or close them after use.• Place them in a drawer after hours.
![Page 29: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/29.jpg)
Securing the PHI
Message Pads/Sticky Pads• Cover them • Don’t plaster the sticky notes all over a
viewable wall.• Shred all information to be discarded.
![Page 30: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/30.jpg)
Securing the PHI
Shredders• Shredding is mandatory.• Crosscut shredders are the best.• Can be done at the office. • Can be done by an outside service.
![Page 31: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/31.jpg)
Securing the PHI
Shredder Trucks• Use a truck that shreds at your office• Don’t use one that takes your charts away and
says they will shred it at their site
![Page 32: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/32.jpg)
How Long Do I Have To Keep Charts
• Seven years for adults• The Dental Association recommends 10
years.• 20 years for children.• If a minor leaves your practice before
they become an adult, then their childhood records need to be kept for 20 years after their last appointment.
![Page 33: HIPAA Training – Part I Health Insurance Portability and Accountability Act](https://reader035.vdocuments.us/reader035/viewer/2022062620/551a2691550346545e8b468b/html5/thumbnails/33.jpg)
How Long Do I Have To Keep Charts?
It is best to keep them at least
30 years, if not indefinitely.