Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
HIPAA Guidelines
5
| Question | Answer |
|---|---|
| HIPAA - What does this stand for? | Health Insurance Portability and Accountability Act (of 1996). |
| HIPAA - What does this mean? | Protects health insurance coverage for workers and their families when they change or lose their jobs. Provisions also address security and privacy of health data. Standards are meant to improve the nation's health care system. |
| HIPAA - Who is covered by the Privacy Rule? | Applies to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards. |
| HIPAA - Business Associate Defined: | A person or organization, other than a member of a covered entity's workforce, that performs functions on behalf of, or provides certain services to, a covered entity that involve the use or disclosure of individually identifiable health info. |
| HIPAA - Business Associate Contract: | When a covered entity uses a contractor or other non-workforce member to perform "business associate" services or activities. The Rule requires that the covered entity include certain protections for the information in a business associate agreement. |
| HIPAA - Protected Health Information: | All "individually identifiable health information." •Pt's past, present or future physical or mental health, •Provision of health care, or •Payments for care that identifies the individual. |
| HIPAA - De-Identified Health Information: | -No restrictions on use or disclosure of de-identified health info. 2 ways to de-identify info: 1) a formal determination by a qualified statistician; or 2) removal of identifiers and relatives, household members, and employers is required. |
| HIPAA - Principle for Privacy Rule: | Define and limit the circumstances in which an individual’s protected heath information may be used or disclosed by covered entities. |
| HIPAA - Required Disclosures Only: | Disclose protected health info in only two situations: (a) to individuals (or their personal representatives) specifically when they request access to it. (b) to HHS when it is undertaking a compliance investigation or review or enforcement action. |
| HIPAA - Permitted Uses and Disclosures: | (1) To the Individual. (2) Treatment, Payment, Health Care Operations for its own treatment, payment, and health care operations activities. Also Public Interest and Benefit Activities for 12 national priority purposes. |
| HIPAA - Covered entities may use and disclose protected health information without individual authorization as required by law: | Public Health, Abuse, Neglect or Domestic Violence, Health Oversight Activities, Judicial and Administrative Proceedings, Law Enforcement Purposes, Decedents for Death, Cadaveric Organ Donation, Research, Threat to Health or Safety, Government Functions. |
| HIPAA - Authorization: | A covered entity must obtain the individual’s written authorization for any use or disclosure of protected health information that is not for treatment, payment or health care operations or otherwise permitted or required by the Privacy Rule. |
| HIPAA - Psychotherapy Notes: | A covered entity must obtain an individual’s notes with the following exceptions: training, to defend itself in legal proceedings by individual, for HHS to investigate compliance and marketing. |
| HIPAA - Minimum Necessary: | A covered entity must make reasonable efforts to use, disclose, and request only the minimum amount of protected health information needed to accomplish the intended purpose of the use, disclosure, or request. |
| HIPAA - Privacy Practices Notice: | Each covered entity must provide a notice of its privacy practices. The Privacy Rule requires a notice must describe the ways they may use and disclose protected info and duties to abide by. |
| HIPAA - Notice Distribution: | Not later than the first service encounter by personal delivery, posting the notice at each service delivery site, in emergency treatment situations, as soon as practicable. |
| HIPAA - Restriction Request: | Individuals have the right to request that a covered entity restrict use or disclosure of protected health information for treatment, payment or health care operations, disclosure to persons involved in the individual’s health care. |
| HIPAA - Confidential Communications Requirements: | Must permit individuals to request an alternative means, location, or concealment for receiving communications. The health plan may not question the individual’s statement of endangerment. |
| HIPAA - What is HHS? | United States Department of Health and Human Services. |
| HIPAA - Special Case - Minors: | In most cases, parents are the representatives for minor children. In certain exceptional cases, the parent is not considered the personal representative. In these situations, the Privacy Rule defers to State and other law to determine the rights. |
Created by:
kmburg5840
Popular Clinical Skills sets