2. Learn more about:
◦ Privacy rights
◦ Health Information Portability & Accountability Act
(HIPAA)
◦ Protected Health Information (PHI)
◦ When it is acceptable to use patient information
◦ Patient rights
◦ How to protect patient confidentiality and privacy
3. Amendment I – Privacy of beliefs
Amendment II – Privacy of the home
Amendment IV – Privacy of the person and
possessions
Amendment IX – More general protection for
privacy
Source: The Right of Privacy
4. Enacted in 1996
HIPAA is a Federal law that…
◦ Protects the privacy and security of patient information
◦ Provides for electronic and physical security of health
and patient medical information
◦ Simplifies billing and other transactions
Under HIPAA, releasing health information to
inappropriate parties or failing to properly
protect PHI is illegal
Organizations may be fined and violators
imprisoned
5. PHI:
◦ Can be written, electronic, or spoken/heard
◦ May include financial information
◦ Is anything that can be used to identify a patient
Medical information is PHI if it can be
connected to a specific patient
PHI can be shared through use and disclosure
6. A breach of PHI is the unauthorized use,
disclosure or acquisition of unsecured PHI
Breaches include:
◦ Employees accessing medical records without a
job-related purpose,
◦ Improper disposal of PHI
◦ Posting of PHI on social media site
◦ Faxing of PHI to incorrect number or mailing to
incorrect address
◦ Contacting friends or family member when patient
is recognized
◦ Losing an unencrypted jump drive
7. Government requests
Treatment
Payment
Healthcare operations
Research with IRB approval
Patient authorized
Source: HIPAA Training
8. To control the sharing of PHI, patients have the
right to:
◦ Receive a copy of privacy practices
◦ Review and copy their medical record
◦ Make amendments to their medical record
◦ Receive a list of certain disclosures
◦ Request confidential communication
◦ File a complaint with the Department of Health and
Human Services
9. To ensure patient privacy and confidentiality
are protected:
◦ Properly dispose of any document that contains PHI
◦ Verify fax number before sending PHI
◦ Ensure privacy before having discussions regarding
confidential health information
◦ Safeguard medical records
◦ Respect employee privacy rights
◦ Do not discuss or share any PHI
Source: The Right of Privacy
10. It is everyone’s responsibility to ensure the
privacy of patients and their health information
are protected!