Professional Documents
Culture Documents
Ver X.X
Preface
What is HIPAA?
Who has to follow the HIPAA law?
When do we start?
How does HIPAA affect you and your job?
Why is HIPAA important?
Where can you get help with HIPAA?
Initially intended to improve the portability and continuity of health insurance coverage
for groups and individuals.
To provide health care coverage for all people, regardless of preexisting health
conditions or layoff
To protect medical records and other personal health information (PHI) and give
patients new rights regarding the management of their PHI
Administrative Simplification:
• To establish precise and uniform standards for Electronic Data Interchange (EDI)
• To reduce the cost and improve the process of filing insurance claims
NOW!
If you have any questions about what you must do and when
you are in doubt.
Ask your supervisor.
Access Control
• Limit access.
• Unique user identification
• Emergency access procedure
• Automatic logoff
• Encryption and decryption
Audit Controls
• Defines this requirement as implement of hardware, software,
and/or procedural mechanism that record and examine activity in
information systems that contain or use.
• Appears that flexibility does not extend to having no audit trail
mechanisms at all.
For Internal training purpose 24
Technical Safeguards
Integrity
• Policies and procedures to protect e-PHI from improper alteration
or destruction
Authentication
Transmission
• e-PHI is not improperly modified without detection until disposed
off
• Mechanisms to encrypt e-PHI deemed appropriate
Any activity that harms the resources or can cause harm to the
Organization and / or:
Unauthorized changes or access of PHI or ePHI
Criminal activity or natural disaster
1. What is PHI? (Please click on all answers you think are right. There
may be more than one right answer.)
a. A person's Protected Health Information.
b. A person's health, billing or payment information that is created
or received by a health care provider or health plan.
c. Protected Health Information is information about a person that
can be used to identify the person.
d. PHI is a person's information that is protected by the HIPAA law.
2. Who has to follow the HIPAA Law? (Please click on all answers
you think are right. There may be more than one right answer.)
a. My supervisor, and other administrators, managers and directors
b. Everyone
c. I don't know
3. When can I disclose or use PHI? (Please click on all answers you
think are right. There may be more than one right answer.)
a. Only if HIPAA allows me to use or disclose PHI as a part of my
job.
b. For the treatment of a patient, if that is part of my job.
c. For obtaining payment for services, if that is part of my job.
d. For teaching activities, if that is part of my job.