HIPAA is a federal law that protects individuals' privacy and security of personal health information. The law applies to students in all settings, including at school, clinical sites, and home. It outlines 7 patient rights regarding their health information and restricts sharing of personal information without permission. Students must protect privacy and confidentiality by only sharing protected health information with those who have a need to know in their role.
HIPAA applies to “PHI” (Protected Health Information).
PHI Information’s are those information that identifies who the health-related information belongs to. I.e. names, email addresses, phone numbers, medical record numbers, photos, driver’s license numbers, etc.
For an example if you have something that can identify a user together with health information of any kind (from an appointment, to a list of prescriptions, to test results, to a list of doctors) you have PHI that needs to be protected as per HIPAA regulations.
Leading your HIPAA Compliance Culture in 2016Lance King
http://hcsiinc.com
Breaches happen every day! Why not prevent having a breach turn into a 90 day audit? This presentation helps you develop your HIPAA Privacy and HIPAA Security program.
If interested in help, many companies are a hit and run operation. From day one and every quarter of the year, HCSI guides the compliance representative through the HIPAA process of preparing for an audit. The practice will have everything an auditor would need, resulting in the audit taking minutes instead of days.
Have you ever felt confused by HIPAA’s complex regulations? Even if you are well versed in the laws, there are still many headache inducing intricacies. In this webinar, an experienced HIPAA auditor will highlight the basics of HIPAA, its regulations, what you need to know about it, and how it may affect you, especially with a new wave of HHS audits looming. The webinar is designed for HIPAA novices and experts alike, and all questions are encouraged in this interactive session.
HIPAA applies to “PHI” (Protected Health Information).
PHI Information’s are those information that identifies who the health-related information belongs to. I.e. names, email addresses, phone numbers, medical record numbers, photos, driver’s license numbers, etc.
For an example if you have something that can identify a user together with health information of any kind (from an appointment, to a list of prescriptions, to test results, to a list of doctors) you have PHI that needs to be protected as per HIPAA regulations.
Leading your HIPAA Compliance Culture in 2016Lance King
http://hcsiinc.com
Breaches happen every day! Why not prevent having a breach turn into a 90 day audit? This presentation helps you develop your HIPAA Privacy and HIPAA Security program.
If interested in help, many companies are a hit and run operation. From day one and every quarter of the year, HCSI guides the compliance representative through the HIPAA process of preparing for an audit. The practice will have everything an auditor would need, resulting in the audit taking minutes instead of days.
Have you ever felt confused by HIPAA’s complex regulations? Even if you are well versed in the laws, there are still many headache inducing intricacies. In this webinar, an experienced HIPAA auditor will highlight the basics of HIPAA, its regulations, what you need to know about it, and how it may affect you, especially with a new wave of HHS audits looming. The webinar is designed for HIPAA novices and experts alike, and all questions are encouraged in this interactive session.
While this presentation offers a rudimentary understanding of HIPAA as it relates to PHRs, its primary objective is to highlight key aspects of PHR privacy policies provided by non-covered entities (Microsoft & Google) and argue that HIPAA, after significant amendments, should be extended to them.
The Health Insurance Portability and Accountability Act (HIPAA) was created primarily to modernize the flow of healthcare information, stipulate how Personally Identifiable Information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and address limitations on healthcare insurance coverage – such as portability and the coverage of individuals with pre-existing conditions.
https://www.hipaajournal.com/hipaa-training-requirements/
PowerPoint presentation from the Human Subjects Research Committee at the University of North Alabama,
in Florence, AL, concerning HIPAA policies and procedures.
While this presentation offers a rudimentary understanding of HIPAA as it relates to PHRs, its primary objective is to highlight key aspects of PHR privacy policies provided by non-covered entities (Microsoft & Google) and argue that HIPAA, after significant amendments, should be extended to them.
The Health Insurance Portability and Accountability Act (HIPAA) was created primarily to modernize the flow of healthcare information, stipulate how Personally Identifiable Information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and address limitations on healthcare insurance coverage – such as portability and the coverage of individuals with pre-existing conditions.
https://www.hipaajournal.com/hipaa-training-requirements/
PowerPoint presentation from the Human Subjects Research Committee at the University of North Alabama,
in Florence, AL, concerning HIPAA policies and procedures.
Mi essay-- Created using PowToon -- Free sign up at http://www.powtoon.com/ -- Create animated videos and animated presentations for free. PowToon is a free tool that allows you to develop cool animated clips and animated presentations for your website, office meeting, sales pitch, nonprofit fundraiser, product launch, video resume, or anything else you could use an animated explainer video. PowToon's animation templates help you create animated presentations and animated explainer videos from scratch. Anyone can produce awesome animations quickly with PowToon, without the cost or hassle other professional animation services require.
Weighing less than three pounds and the size of a rolled towel, the Piggyback Rider® child carrier is the first and only child carrier backpack that allows you to comfortably carry a child up to 60 lbs on your back. With the ease of a standard backpack, the Piggyback Rider® carrier provides a shoulder mounted foot bar for your child to stand on, integrated grab handles for your child to hold, and a safety harness to secure your child.
There are 7 major tax changes coming in 2013. Almost every American taxpayer will be affected by at least one of these rules.
GoodApril provides a quick summary of each of these major tax changes for 2013, including tax criteria, relevant thresholds, and basic details behind each.
The seven rules covered include:
- The Increase in the Employee Portion of the Social Security tax (FICA)
- The New High Income Tax Bracket of 39.6%
- The New 3.8% Net Investment Income Medicare Surtax
- The Increase in the Capital Gains and Qualified Dividend Tax Rate
- The creation of the 0.9% Medicare Surtax
- The new Personal Exemption phaseout ("PEP")
- The new Itemized Deduction phaseout ("Pease")
Get your free Tax Checkup from http://www.goodapril.com
HIPAA Boot Camp: A Step-by-Step Guide to Achieving ComplianceConference Panel
Join our HIPAA Boot Camp Webinar for healthcare practitioners and employees to learn the essentials of HIPAA laws and requirements upon initial employment and practice in the healthcare industry. Discover how to navigate the implementation of HIPAA mandates for medical records privacy, ensuring compliance with federal regulations protecting Protected Health Information. Stay up-to-date with new HIPAA rules through regular training and updates, as mandated by HIPAA itself. Don't miss this opportunity to enhance your understanding of HIPAA and safeguard patient privacy. Register for our HIPAA Boot Camp Webinar today!
Register,
https://conferencepanel.com/conference/hipaa-boot-camp-the-basics-of-exactly-what-you-need-to-know
Presentation was given by Jim Anfield to Chicago Technology For Value-Based HealthCare (https://www.meetup.com/Chicago-Technology-For-Value-Based-Healthcare-Meetup/).
This presentation discusses how to comply with HIPAA and HITECH privacy laws. Learn key terms such as Protected Health Information, the Privacy Rule and the Security Rule as well as major changes brought by HIPAA and HITECH.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Hipaa.ppt2
1. HIPAA
Health Insurance Portability and Accountability Act
• Federal law passed by Congress in 1996
• Regulations promulgated by the Dept of Health
and Human Services
• Guidelines implemented in April, 2003
What part do students play in implementing HIPAA?
How does this law affect your student role?
Click ‘Slide Show’ and View Show’
Begin Program
1 of 70
2. HIPAA regulations were designed to:
1) protect individuals’ rights to privacy and
confidentiality
and
2) assure the security of electronic transfer of
personal information
The first, protecting privacy and confidentiality
rights, is the subject of this instructional program.
2 of 70
Click here to advance
3. Health information is used by multiple agents in the
course of a single episode with a health problem.
Below are some of the agencies and individuals who
may handle health information. You could, no doubt,
add several more.
• Admitting clerks • Transport techs
• Caregivers from the • Respiratory therapists
ED to the morgue • Billing clerks
• Physical therapists • Insurance agents/clerks
• Nutritionists • School teachers/nurses
• Lab personnel • Home health personnel
• Receptionists in • Medical records clerks
MD offices • Website managers
3 of 70
Click here to advance
4. HIPAA applies to us all--in all settings. That
means at school, at home, on the shuttle
buses, as well as the hospitals and clinics.
4 of 70
Click here to advance
5. Objectives
• After completing this program you will be able to:
– Discuss the general concepts of HIPAA guidelines
– Adapt HIPAA guidelines for the various settings in
which you might practice throughout the curriculum
– Discuss the seven patient/client rights regarding his/her
health information
– Differentiate individuals who have a ‘need to know’
from those who don’t. This determines those with
whom you can discuss protected health information
– Discuss application of HIPAA to the student role
– List legal, professional, and academic consequences of
violating HIPAA rules
5 of 70
Click here to advance
6. Why HIPAA??
• Genetic advancements - as more is known about our
genetic predisposition to diseases, HIPAA will ensure that,
for example, an individual is not denied insurance because
the company knows that she may eventually develop MS.
• Marketing - as information is more easily captured
concerning, for example, the prescriptions we purchase,
HIPAA is designed to prevent marketing of unsolicited
products or services based on harvested marketing data.
• Technology - as information is quickly and sometimes
loosely moved around networks, HIPAA standards will
hold violators accountable for accidental or intentional
‘interception’ of protected health information (PHI).
6 of 70
Click here to advance
7. Why HIPAA?
• An Atlanta truck driver lost his job in early 1998 after his
employer learned from his insurance company that he had
sought treatment for a drinking problem.
• The late tennis star Arthur Ashe’s positive HIV status was
disclosed by a healthcare worker and published by a
newspaper without his permission.
• Tammy Wynette’s medical records were sold to National
Enquirer by a hospital employee for $2,610.
7 of 70
Click here to advance
8. When and How Often do I need to be
Certified?
• The law requires that we comply with the regulations
and adhere to agency guidelines.
• The ‘certificate of compliance’ you will receive upon
the completion of this program will be sufficient
until new or updated policies are developed by the
Dept. of Health and Human Services.
• Be aware that individual agencies may have unique
HIPAA policies, and it is your responsibility to know
and implement those policies.
8 of 70
Click here to advance
9. What Objectives do the Privacy
Regulations Accomplish for Patients?
• Give patients more control over their health information.
• Set boundaries on the use and disclosure of health records.
• Establish appropriate safeguards for all people who participate
in or are associated with the provision of healthcare to ensure
that they honor patients’ rights to privacy of their PHI.
• Hold violators accountable through civil and criminal
penalties.
• Strike a balance when public responsibility requires disclosure
of some forms of data--for example, to protect public health.
9 of 70
Click here to advance
10. With HIPAA we now have new terms
and abbreviations to learn!!
• Protected Health Information (PHI) or Protected Medical Information
(PMI) This is any data about the patient that would tend to identify the
individual: name, hospital #, SSN, diagnosis, lab results, past or current
photos, etc, etc.
• Privacy Officer (PO) Each facility will have an employee who is
responsible for implementing and enforcing this law. Some may have one
over a multi-facility network (Seton) others one at each site (St. David’s
Partnership). As a nursing student this individual (after your instructor or
preceptor) could be your point of information regarding HIPAA.
• Covered Entity (CE) This includes any health plan, healthcare provider,
agency that processes claims, and any company that subcontracts with
them are covered by this law.
10 of 70
Click here to advance
11. And more new terms and
abbreviations to learn!!
• Release/Disclosure These are terms used in describing the
release of PHI to other CEs for TPO, treatment. payment, or
health care operations.
• Accounting of Disclosure (AOD) The patient has the right to
have an AODs for his PHI or PMI.
• Directory This is CE’s census or list of patients used by
volunteers and operators to direct visitors.
Different agencies may have other terms they use to
communicate HIPAA policies. You will need to keep alert
to these instances to comply with the spirit of the law.
11 of 70
Click here to advance
12. The next few slides will present the
basic principles of HIPAA as it applies
to the student role:
• The seven rights in the HIPAA privacy guidelines
• Using equipment--computers, printers, fax, and similar
machines to transmit patient data
• Identifying patients/clients PHI in school papers
• Discarding or destroying papers containing patient PHI
• Communicating privacy questions/concerns in the agency
• Describing the consequences of violating HIPAA guidelines
12 of 70
Click here to advance
13. What are the Seven Patient Rights Regarding
Privacy of PHI (Protected Health Information)
Individuals have the right to:
• Receive notice of an agency’s privacy practices.
• Know that an agency will use its PHI ONLY for
treatment, payment, operations (TPO), certain
other permitted uses and uses as required by law
• Consent to and control the use and disclosure of
their PHI.
13 of 70
Click here to advance
14. Seven Rights…continued
• Access their protected health information (PHI),
except for psychotherapy notes (they might be
charged for copies)
• Request amendment or addendum to their PHI
(not always granted)
• Receive accountings of disclosures
• File privacy complaints to agency officer
14 of 70
Click here to advance
15. HIPAA Restricts Sharing PHI
Personal information cannot be released to individuals
or companies interested in marketing ventures, without
the patient’s written permission. For example:
– Names of patients on antihypertensive drugs cannot be
released to a company marketing nutritional products to
lower blood pressure.
– Names and addresses of pregnant women cannot be
provided to infant formula companies.
– Contact information of previous patients cannot be used
to raise money for a hospital building campaign.
15 of 70
Click here to advance
16. How do students assure patients’ rights
to privacy and confidentiality?
16 of 70
Click here to advance
17. Who has Access to PHI?
The ‘Need-to-Know’ Principle
PHI should be shared with as few individuals as
needed to ensure patient care and then only to the
extent demanded by the individual’s role.
For example, the nursing assistant ‘needs to know’
only the facts concerning the patient’s current
admission.
As a nursing student, you will discuss PHI only as it
applies to your education or your patient’s care.
17 of 70
Click here to advance
18. Protecting your patient’s PHI
• Take all reasonable steps to make sure that
individuals without the ‘need to know’ do not
overhear conversations about PHI.
• DO NOT conduct discussion about PHI in
elevators or cafeterias.
• Do not let others see your computer screen while
you are working. Be sure to log out when done
with any computer file.
18 of 70
Click here to advance
19. Protecting your patient’s PHI
When preparing care plans or other course required
documents take extra care to:
• identify the patient/client by initials only
• use other demographic data only to the extent necessary
to identify the patient and his/her needs to the instructor.
• protect the computer screen, PDA, clip board, or notes
from other individuals who don’t have a ‘need to know’
• protect your printer output from others who don’t have a
‘need to know’
• protect your floppy/zip/CD-ROM/PDA from loss
• consider using Webspace to save your documents
19 of 70
Click here to advance
20. Protecting your patient’s PHI
In the student role you are NOT to photoduplicate or
fax patient documents in the process of working with
your patient’s PHI. As an employee of an agency
you must use the agencies’ security procedures to
transmit PHI.
20 of 70
Click here to advance
21. Destroying PHI/PMI
DO NOT put notes
with PHI/PMI in the
trash or paper
recycle cans.
A paper shredder is
available in the
Learning Center for
these materials.
21 of 70
Click here to advance
22. Consequences of HIPAA Violations
In addition to federal laws, failure to comply with
HIPAA also violates
• Nursing’s Code of Ethics
• Texas Board of Nurse Examiners Standards of
Practice
• School of Nursing’s academic and scholarly
policies
22 of 70
Click here to advance
23. Potential Consequences of
HIPAA Violations
Legal consequences
• Civil or criminal penalties
• Fines plus imprisonment
Professional consequences:
• Disciplinary action by the Board of Nurse Examiners
Academic consequences:
• Reprimands
• Loss of points toward grade or failure of course
• Dismissal from School of Nursing
23 of 70
Click here to advance
24. Application of HIPAA to Common
Situations Facing Nursing Students
24 of 70
Click here to advance
25. Resisting the Need to Share PHI—Honoring
the Patient’s right to Privacy
Johnny, an active 4 year old, breaks his arm
after falling from a climbing form at his
daycare. As the nursing student caring for him
after the casting, you know that he is HIV
positive. Your daughter attends the same
daycare. You alert some of the other moms at
that center.
What’s wrong with this scenario?
Who in this setting has a ‘need to know’ the
HIV status of this child?
Formulate your answer
Next
then click the button
25 of 70
26. Sharing this information with the other parents is a
violation of the HIPAA statute--ensuring the
child’s/family’s right to privacy and confidentiality.
The other parents did not ‘need to know’ this
information. Really, nobody has the ‘need to know.’
A good action on your part as a registered nurse (or
student nurse) would be to look into the day care’s
first aid policies and help them develop policies that
observe universal precautions in the care of all
children and staff. This should be done even if you
didn’t know that one of the children were HIV
positive
Next Scenario
26 of 70
27. Found PHI
While working a 3-11 shift in the city/county health
clinic, you see some patient data in the trash can. What
should you do?
Click on the best response
• Remove it and take it to the document shredder.
• Report it to the Agency’s HIPAA officer.
• Call the toll-free number and make an anonymous violation repo
• Report it to your instructor or preceptor.
Next Scenario
27 of 70
28. No, this is not the best response. You will want to protect
the PHI better than this.
Try Again
28 of 70
29. Well…this is an option, but maybe over-kill at this stage.
You should either tell your instructor or preceptor (tell the
head nurse or unit manager only if your instructor or
preceptor are not available). They will see that the
individual responsible gets further education.
Try Again
29 of 70
30. Yes, this is the best option. You should either tell your
instructor or preceptor (tell the head nurse or unit manager
only if your instructor or preceptor are not available).
They will see that the individual responsible gets further
education.
Next Scenario
30 of 70
31. No, this is not the best response. You’re thinking in the
correct direction, but you don’t want to stick your hand
into any hospital trash can. You will want to tie up this bag,
label it, and get someone to take it to a shredder. As a
nursing student your best action would be to discuss with
your instructor or preceptor.
Try Again
31 of 70
32. No, this is not the best response. This is NOT a good way
to win friends for you or the School! Unless you are
finding consistent HIPAA violations that after reporting
are not being corrected, let the agency have a shot at re-
educating its staff OR STUDENTS.
Try Again
32 of 70
33. Your Best Friend
You work on the neuro unit at the public hospital. You
were able to convince your best friend to move to Austin
and work with you. In the cafeteria, she begins telling
you about this handsome guy that was just admitted to
her unit after a bad car wreck. She continues to tell you
some of the gory details including ‘driving while
intoxicated’ (DWI). What should you do?
Click on the best response
• Remind her of HIPAA and tell her that you shouldn’t discuss
• Ask her how old he is.
• Tell her to get his phone number from the chart.
• Call the agencies/networks privacy official.
• Report her to her head nurse
33 of 70 Next Scenario
34. No, this is not the best response. Did you say she was your
best friend? Unless she is consistently violating a
patient’s rights to protect his/her PHI, you will want to
help each other when you slip.
Try Again
34 of 70
35. Really now!!! I am going to get the Agency’s HIPAA
Officer after the both of you!
Try Again
35 of 70
36. Yes, this is a good option. Help her recall her
responsibilities to the patient’s right to
confidentiality and privacy.
Next Scenario
36 of 70
37. Patient’s Question
While assisting Mrs. Johnson with her bath, she tells you
that she would like remove her name from the patient
data that the volunteers have at the reception desk. Is this
a reasonable request? What would you do with this
request? Click on the best response
• Not reasonable; this information must be at the info desk for
• Reasonable; report it to the head nurse or the floor/agency pr
• Not reasonable; help her understand that it is a protected by t
• Reasonable; call the volunteer office and have her removed f
37 of 70 Next Scenario
38. Yes, this is the correct response. Recall that HIPAA
gives patients/clients the right (right #3) to control the
use and disclosure of their PHI. It is within her rights
to have her name removed from the list. Furthermore,
most agencies have special forms for this.
Next Scenario
38 of 70
39. Correct, BUT report it and let the right person take
care of the details. Most agencies will have special
forms for this. The best response is ‘B’
Try Again
39 of 70
40. No, this is a reasonable request. Recall that HIPAA gives
patients the right (right #3) to direct use and disclosure of
their PHI. It is within her rights to have her name
removed from the list. Most agencies will have special
forms for this.
Try Again
40 of 70
41. Consulting Physician Calls
You are the nursing student caring for Mr. Sanchez. His
physician has called in several consultants to assist with
his care. One of the physicians, Dr Han, a neurologist,
calls to get some information about Mr. Sanchez. Can
you release information to her? Click on the best response
• No, she is going to have to come in to be identified.
• Her request would need to be forwarded to the unit manager.
• No, she should be instructed to contact Mr. Sanchez’ primary
• After obtaining sufficient info to know that it is Dr. Han, you
41 of 70 Next Scenario
42. No, this is not the correct response. After instituting
reasonable safeguards that it is Dr. Han, you should give
her the information that she requests. Recall that PHI
can be shared with other caregivers for TPO (treatment,
payment, & agency operation) without getting additional
approval from the patient.
Try Again
42 of 70
43. Yes, this is the correct response. It is not a violation of
HIPAA if you institute reasonable assurances to protect
the security of the patient information and then disclose
to another person who has a ‘need to know.’ Recall
that PHI can be shared with other caregivers for TPO
(treatment, payment, & agency operation) without
getting additional approval from the patient.
Next Scenario
43 of 70
44. Patient’s Spouse Wants to Read the Chart
Your patient, Ms Johnson, has confided in you that she and her
husband have been having marital problems. One day while she is
at x-ray, her husband asks to see the chart. You think that she
might not want him to see it, but you’re not exactly sure how to
handle the situation. What would you as the nursing student do?
Click on the best response
• Let him see it.
• Refer the request to your instructor or preceptor.
• Tell him no, that the chart belongs to his wife.
• Delay him, saying that there is nothing in her chart of interes
44 of 70 Next Scenario
45. No, this is not the correct response. You recall that the
patient has the right to decide how her PHI can be
disclosed. As a student, any question about HIPAA or
how to deal with patients or their families should be
referred to your faculty or preceptor.
Try Again
45 of 70
46. Well…you’re right, but as a student you might want to
consult with your instructor or preceptor before dealing
with the patient’s husband.
Try Again
46 of 70
47. Yes, this is the correct response. It is always the best
policy that as a student you refer your questions to your
instructor or preceptor. In emergencies, if they aren’t
available, speak to the head nurse or unit manager.
Next Scenario
47 of 70
48. A FINAL REVIEW
Answer the following true-false questions
To Start
48 of 70
49. Patients have a right to see their chart?
Select your answer
True False
49 of 70
60. No, that’s not right. Do you need to review?
60 of 70
Click here to advance
61. As a nursing student questions or concerns about
HIPAA policies or infractions should be directed
to your instructor or preceptor.
True False
61 of 70
62. You’re right! You can also talk with the
agency’s privacy officer, but as a nursing
student it is best to check with your faculty
or preceptor first.
62 of 70
Click here to advance
63. No, that’s not right. Do you need to review?
63 of 70
Click here to advance
64. Personal digital assistants (PDAs), clipboards,
floppy disks, zip disks and CD-ROMs used for
storing PMI, careplans, process recordings, or
patient assessments forms must be protected as we
protect the patient’s chart?
True False
64 of 70
65. You’re right!
Any format that contains PHI needs your
special attention.
65 of 70
Click here to advance
66. No, that’s not right. Do you need to review?
66 of 70
Click here to advance
67. Complying with HIPAA guidelines is an important
part of a healthcare provider’s role. As a nursing
student, failure to comply can result in academic,
professional, civil, or criminal consequences.
True False
67 of 70
69. No, that’s not right. Do you need to review?
69 of 70
Click here to advance
70. The University of Texas at Austin
School of Nursing
HIPAA Supplemental Training for Health Care Settings
Today’s Date:07/19/12
Your Name Printed
I have completed this HIPAA training program. I understand the basic provisions
of the law and agree to do my part to ensure the patients’ rights of privacy and
confidentiality. Furthermore, I understand the consequences of failing to do so.
Your Signature and EID Number
TO PRINT THE CERTIFICATE: Press the Escape key to get out of this program. Next go to
‘file’ and ‘print.’ Make sure that you are printing only the CURRENT SLIDE, that you are
printing in the slide mode, and then click on OK.’
Fill in the blanks and deliver the certificate to the box on the Students Affairs receptionist’s desk.
As a student you will need to redo HIPAA training each academic year.
70 of 70 Exit Program