3. In Jacksonville FL
An employee’s teenage girl was
left unattended in a hospital and
she looked up patient’s phone
numbers and phoned them to
tell them they had tested
positive for HIV. One of them
attempted suicide.
4. In Rapid City SID
A medical student “stole” the
records of a mental health patient to
do a research paper. He then threw
them away in the dumpster of a fast
food restaurant. A person found
them and gave them to a newspaper
reporter
5. In Miami FL
Hundreds of JMH employees
browsed through the records
when Italian designer Gianni
Versace was transferred to this
facility, even though few of them
were actually involved in the
case.
6. What is HIPAA?
H…health
I…insurance
P…portability
A…accountability
A…Act
7. HIPAA…Definition
A US law designed to provide privacy
standards to protect patients' medical
records and other health information
provided to health plans, doctors,
hospitals and other health care
providers.
(http://www.medterms.com/script/main/art.asp?
articlekey=31785)
8. HIPAA
The
Health Insurance Portability and Accountability
(HIPAA) was passed on August 21, 1996
The final version of the HIPAA Privacy
regulations were issued in December 2000,
and went into effect on April 14, 2001
(http://www.hipaaps.com/main/background.html)
9. What is health insurance
accountability?
A patient’s health information is to
be kept private and secure. Only
people who MUST have information
about the client to provide care or to
process client’s records should
know his/her private health
information
10. What information must you
protect?
• Information you create or receive in the course of
providing treatment or obtaining payment for
services or while engaged in teaching and research
activities, including:
Information related to the past, present or future
physical and/or mental health or condition of an
individual
Information in ANY medium − whether spoken,
written or electronically stored − including videos,
photographs and x-rays
11. Protected Health Information (PHI)
A person who passes a computer screen
or a fax machine, the individual cleaning
your hospital room or any other person
talking in an elevator SHOULD NOT learn
anything about a patient’s health
information because it is private. It must
be protected – and it is called Protected
Health Information (PHI).
12. Protected Health Information (PHI)
HIPAA defines PHI as individually identifiable health information
including:
Name, geographic information (address,
city, zip code, etc), birth date, admission
date, discharge date, date of death,
phone/fax/cell number, email address, SS #,
account #, insurance #, license #, vehicle ID,
URL, IP address, photograph, and/or any
unique identifier.
13. "WRONGFUL DISCLOSURE OF
INDIVIDUALLY IDENTIFIABLE HEALTH
INFORMATION”
"SEC. 1177. (a) OFFENSE.--A person who
knowingly and in violation of this part—
uses or causes to be used a unique health
identifier;
obtains individually identifiable health
information relating to an individual; or
discloses individually identifiable health
information to another person,
shall be punished…
14. PENALTIES
be fined not more than $50,000, imprisoned not
more than 1 year, or both;
if the offense is committed under false
pretenses, be fined not more than $100,000,
imprisoned not more than 5 years, or both; and
if the offense is committed with intent to sell,
transfer, or use individually identifiable health
information for commercial advantage, personal
gain, or malicious harm, be fined not more than
$250,000, imprisoned not more than 10 years, or
both
http://aspe.hhs.gov/admnsimp/pl104191.htm#1176
15. Definition
falsepretense - (law) an offense
involving intent to defraud and
false representation and
obtaining property as a result of
that misrepresentation.
16. HIPAA Privacy Rule & Preemption
If a state or federal law or regulation
grants the client greater access to their
PHI, then it will preempt HIPAA
If a state or federal law or regulation gives
the client health information greater
protections from disclosure then it will
preempt HIPAA
17. Ways to Protect Privacy
Refrainfrom talking about
your patients/clients in public
places: cafeteria, elevator, by
the water cooler, in lounges,
waiting rooms or parking lot.
18. Ways to Protect Privacy
Make sure no one can see your computer
screen while you are working
Never share your access code
Log off when you leave your work
area/computer
Change your password and notify your
supervisor if your password becomes
known by anyone else
19. Ways to Protect Privacy
Never leave information on voice-mail or
emails…you don’t know who has access
to those messages
Leave only your name and number on
your client’s answering machine when
you ask him/her to call you back
Make sure you are in a private area when
you listen to or read your messages
20. Ways to Protect Privacy
Make sure no one around you can overhear
your conversation, especially in an office or
waiting room
Never leave documents unattended:
– Store, file, shred or destroy according to
your agency/school policy
21. Ways to Protect Privacy
Make sure fax numbers are correct and
use a cover sheet with a confidentiality
statement.
Give your supervisor forms or materials
with client information you find in places
such as:
– a classroom or lounge, cafeteria, floor or
wastebasket.
22. Ways to Protect Privacy
If you happen to see a client in a public
place, be careful when greeting him/her.
They may not want others to know they
have been a client
If a client comes to your office with
another person, s/he may not want that
person to hear his/her private information,
so ask the person to wait outside
23. Question
1. A staff person whom you supervise clinically
finds you in the staff break room and starts
describing a counseling session s/he had with a
client today so that s/he can ask for your advice.
How would you handle the situation?
A. Let the staff person describe the details so
that you can provide him/her with guidance.
B. Politely remind him/her that you are in a
public area and ask him/her to accompany you to
your office so that you can discuss this in
private
C. Ask him/her to get authorization from the
client before s/he discusses it further.
24. Question
Areyou willing to risk being
fined, losing your job, your
license, or going to jail because
you don’t follow the legal, the
ethical, the RIGHT thing to do?
25. THANK YOU
Questions?
carlos@carlosFmartinez.com