Presentation Transcript

1. Domain VI – Legal (11%)

   RHIT Prep Workshop 2014
2. The People Involved Defendant Plaintiff
3. Type of Laws Civil laws – laws that deal with the rights of individuals Criminal laws – laws that protect individuals’ health, safety, and welfare Tort – a civil wrong committed against an individual or property Contract – legally enforceable agreement between two or more individuals
4. Types of Laws Private laws – rights and duties of people and non-governmental businesses Public laws – Administrative laws and regulations Statutes – law enacted by legislature Administrativelaw– created by agencies that are given authority to oversee particular areas Regulation – a rule to control behaviors
5. Legal Documents Subpoena – a court order to produce evidence Supoena ad testificandum– a court order for an individual to testify Subpoena ducestecum– a court order to deliver specific documents to the court
6. Legal Documents Consent to treat Release of Information (ROI) Advanced Directives: DNR (Do Not Resuscitate) Living Will Healthcare Surrogate
7. Types of Consent Express consent – written consent that is specific and signed by the individual Implied consent – a situation where agreement can be reasonably assumed, based on an individual’s actions or behavior Informed consent – a regulation mandating the sharing of information with a patient by a health care provider to assist the patient in deciding to agree or refuse treatment
8. Patient Self-Determination Act Legislation that requires all federally funded facilities to inform their patients of their rights under state law to accept or refuse medical treatment
9. Elements of Negligence All four are required to recover damages: Duty to care – obligation to patient Breach of duty – failure to perform according to standards of care Injury or damage – actual damage or injury Causation – the injury was caused by the breach of duty and predictable
10. Practice Question #1 Which type of law is constituted by rules and principles determined by legislative bodies? Statutory law Administrative law Common law Case law
11. Practice Question #2 Which of the following elements of negligence are required to recover damages? Duty to care, breach of duty, value attached to injury greater than $1,000 Duty to care, suffered an injury, value attached to injury greater than $10,000 Duty to care, breach of duty, injury, and causation Breach of duty and violation of HIPAA’s Privacy rule
12. Practice Question #3 HIM personnel charged with the responsibility of bringing a medical record to court would be doing this in response to a ____. Personal subpoena Deposition Subpoena ducestecum Interrogatory
13. Practice Question #4 The ideal consent for medical treatment obtained by the physician is ___. Express Implied Verbal None of these
14. Practice Question #5 Written permission to proceed with care is classified as ___. Advance directive Formal consent Express consent Implied consent
15. Confidentiality Patient’s have limited rights to access and control the disclosure of their information Privacy is the right of an individual to be left alone Information derived form a clinical relationship is patient-specific health information
16. Confidentiality HIPAA’s Privacy Rule Use of PHI Information shared within one facility between health care professionals required for care Disclosure of PHI Information shared between facilities required for care Release of Information Form
17. HIPAA’s Privacy Rule Covered Entities… Health care providers Health care plans Health care clearinghouses ALSO Business Associates
18. HIPAA’s Privacy Rule PHI (Protected Health Information) IIHI (Individually-Identifiable Health Information) Any indicator/piece of data that points directly to one person
19. Practice Question #6 Under HIPAA, which of the following is not named as a covered entity? Health plan Outsourced transcription service Healthcare clearinghouse Healthcare provider
20. Practice Question #7 HIPAA Privacy Rule ___. Protects only medical information that is not already specifically protected by state law Supersedes all state laws that conflict with it Is federal common law Sets a minimum (floor) of privacy requirements
21. Practice Question #8 Which of the following is NOT an identifier under the Privacy Rule? Visa account number 1523 5561 9981 Vehicle license plate number ABC 123 Age 85 Street address 123 Testing Lane
22. Practice Question #9 Which of the following is NOT a factor of PHI as per HIPAA’s Privacy Rule? Relates to one’s health information Contained within the personnel file Identifies an individual by name In the custody of a CE or its BA
23. Practice Question #10 The HIPAA Security Rule requires all of the following addressable implementation programs but one for an entity’s workforce. Disaster recovery plan Log-in monitoring Password management Security remainders
24. HIPAA’s Security Rule The General Rules include the objective and the scope of the Security Rule as a whole Security Officer is responsible for development of facility security goals and objectives
25. HIPAA’s Security Rule Five Security Domains Administrative Procedures Physical Safeguards Technical Security Services Technical Security Mechanisms Electronic Signatures
26. Record Retention Patient Health Record Adults …10 years after most recent encounter Minors…Age of majority + statute of limitations regarding malpractice lawsuits Test Results Diagnostic images… 5 years Fetal heart monitor record…Age of majority + 10 years
27. Record Retention Indexes MPI (master patient index) …permanently Disease index… 10 years Operative index… 10 years Physician index…10 years Registers Register of births… permanently Register of deaths…permanently Register of surgical procedures…permanently
28. Record Retention Maintain, for a minimum of 6 years after the later of the date of their creation or last effective date: Privacy policies and procedures Privacy practices notices and acknowledgements Disposition of complaints, and other actions, activities Designations that the Privacy Rule requires to be documented
29. Record Amendment Individuals have the right to request amendment to their PHI when that information is: Inaccurate Or Incomplete
30. Record Amendment Amendment request ACCEPTED make reasonable efforts to provide the amendment to others who need it and available to persons who might rely on the information to the individual’s detriment
31. Record Amendment Amendment request DENIED CE must provide the individual with a written denial and allow the individual to submit a statement of disagreement for inclusion in the record
32. Record Amendment CEs must amend PHI in its record upon receipt of notice to amend from another CE
33. Disclosure Requests Policies and procedures MUST be in place and in practice to handle routine, recurring disclosures requests for disclosures PHI disclosure MUST be kept to Minimum Necessary limit disclosures to the information reasonably necessary to accomplish the purpose of the disclosure
34. PrACTICE QUESTIONS
35. Practice Question #11 Competent individuals have the following rights in regard to his or her healthcare__? Right to alter content of the original health record Right to take original health record with them Right to access his or her own PHI Right to destroy their original health record
36. Practice Question #12 Walk Away Clinic has requested that Our Town Hospital send its records of Mary Jones’ most recent admission to them for her follow-up appointment. Which statement is true? The Privacy Rule requires the patient to complete a written authorization The Hospital may send only discharge summary, H&P, and operative report The Privacy Rule’s minimum necessary requirement does not apply This “public interest and benefit” disclosure does not require patient authorization
37. Practice Question #13 Joe is completed his required high school community service hours by serving as a volunteer at the local hospital. Relative to the hospital, he is: Business associate Employee Workforce member Covered entity
38. Practice Question #14 The ___ provide the objective and scope for the HIPAA Security Rule as a whole. Administrative provisions General rules Physical safeguards Technical safeguards
39. Practice Question #15 Which of the following must CEs do in order to comply with HIPAA Security provisions:___? Appoint a Chief Security Officer Conduct employee security training sessions every 6 months Establish a contingency plan Conducted technical and non-technical evaluations every six years
40. Practice Question #16 Which document directs an individual to bring originals or copies of records to court? Summons Subpoena C) Deposition D) Subpoena ducestecum
41. Practice Question #17 The HIPAA Privacy Rule requires that covered entities must limit use, access, and disclosure of PHI to only the amount needed to accomplish the intended purpose. What concept is this an example of…? Minimum necessary Notice of privacy practices Authorization Consent
42. Practice Question #18 Which of the following is an example of a business associate? Contract coder Environmental services Security officer Employee with access to e-PHI
43. Practice Question #19 Dr. Smith takes the medical records of a group of HIV-positive patients out of the hospital to work on them at home. He accidentally leaves the records in a restaurant where they were read by a newspaper reporter who publishes an article that identifies the patients. The physician can be sued for: Slander Libel Willful infliction or mental distress Invasion of privacy
44. Practice Question #20 When served with a court order directing the release of health records, an HIM professional… May ignore it Must comply with it Must request patient authorization before disclosing the records May determine whether or not to comply with it
45. Any Questions???