1 / 18

HIPAA 101

HIPAA 101. A presentation by Harvey Nation Jan 23, 2003. HIPAA 101. What would a HIPAA presentation be without the obligatory hippo? Note how much of this hippo you can’t see!. What is HIPAA?. Health Insurance Portability and Accountability Act of 1996 One P, two A’s.

mauli
Download Presentation

HIPAA 101

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. HIPAA 101 A presentation by Harvey Nation Jan 23, 2003

  2. HIPAA 101 • What would a HIPAA presentation be without the obligatory hippo? • Note how much of this hippo you can’t see!

  3. What is HIPAA? • Health Insurance Portability and Accountability Act of 1996 • One P, two A’s

  4. Getting Started with HIPAA • The Administrative Simplification provisions of HIPAA were enacted by Congress to regulate and standardize information exchanges and establish standards for the privacy and security of individually identifiable health information.

  5. Who's Covered • The first thing you must ask yourself with regard to HIPAA is: • Are you a covered entity? • Health Plans HMOs, health insurers, group health plans including employee welfare benefit plans • Health Care Clearinghouses - An entity that processes health information going from a health care provider to a payer. • Any healthcare provider who transmits any health information in electronic form in connection with a standard HIPAA transactions and described below.

  6. HIPAA Provisions • The four key areas of Administrative Simplification are: • Transaction Standards and Code Sets • National Identifiers • Security • Privacy

  7. Practical View of HIPAA • HIPAA is larger and more complex than Y2k • Y2K was strictly a technology issue with a defined ending and a limited and identifiable scope • The issues that HIPAA addresses not only involve technology, but requirements imposed on administration operations which effect everything from document storage, to medical procedures coding, to customer service • Compliance with HIPAA will be a constantly evolving process with no defined end

  8. Assess All HIPAA Provisions • While they are being released in a staggered fashion, the HIPAA regulations are interdependent within the systems and operations of covered entities • None of the provisions of Administration Simplification should be assessed nor remediated in a vacuum • Later releases of the final rules will further effect changes already in progress as well as implemented solutions to meet earlier specifications

  9. Many Factors will Influence HIPAA Effort • Complexity of the organization and number of business units or decentralized operations • Value of documented policies, procedures and programs • Culture toward confidentiality in business operations • The nature of your systems environment • Custom-developed versus vendor package software • Data architecture and current EDI capabilities • The degree of connectivity and e-business activity • The complexity of the existing security architecture and security administration

  10. HIPAA Technology Provisions • Three Categories of Technology Requirements: • Transaction Standards • Addresses the key business transactions among health care providers, health plan payers and health plan sponsors (EDI – Electronic Data Interchange) • Code Sets • Define the data element values used in the standard transactions (ICD-9, CPT-4, HCPCS, etc.) • National Identifiers • Uniform data values used to uniquely identify the key participants in the standard transactions • Provider, Health Plan, Employer

  11. HIPAA Security vs. Privacy • Security - an organization’s responsibility to control the means by which such information remains confidential • Administrative Procedures • Physical Safeguards • Technical Security Services • Technical Security Mechanisms

  12. HIPAA Security vs. Privacy(continued) • Privacy - an individual’s rights to control access and disclosure of their protected or individually identifiable healthcare information (IIHI) • Establish authorization requirements • Establish administration requirements • Establish individual rights • Establish regulations for use or disclosure of Protected Health Information ("PHI")

  13. Relationship between Privacy and Security • There is a direct relationship between security and privacy : • Security is the ‘how’.. privacy is the ‘what’ and often the ‘why’ • Security is the structure established to protect IIHI • One of the implementation barriers to privacy is the security infrastructure of the Covered Entity • Security awareness and education addresses ‘what’ is being protected

  14. HIPAA Timeline

  15. Good HIPAA Web Sites • www.hipaa.dhr.state.ga.us • aspe.hhs.gov/admnsimp/Index.htm • www.hcfa.gov/hipaa/hipaahm.htm • www.hhs.gov/ocr/hipaa/ • www.healthprivacy.org • www.hipaagives.org • www.sharpworkgroup.com/ • www.mhccm.org

  16. HIPAA 101 • Questions & Answers

  17. Parting Thoughts... • HIPAA is forever • One P, two A’s • Hopefully this won’t be our HIPAA

  18. FOLLOW THESE DIRECTIONS TO RECEIVE CREDIT • ENSURE YOU VIEW THE HIPAA PRIVACY • OVERVIEW PRESENTATION • ENSURE YOU COMPLETE THE COMPETENCY • EXAM AND SEND TO HRD • ENSURE YOU COMPLETE A INSERVICE TRAINING • ROSTER AND SEND TO HRD

More Related