1. HIPAA and Confidentiality
Brandy Press-Smith
MHA 690
March 15, 2012

2. What is HIPAA?
• “The HIPAA Privacy Rule, also called the
Standards for Privacy of Individually Identifiable
Health Information, provided the first nationally-
recognizable regulations for the use/disclosure of
an individual's health information.”
• “The Privacy Rule defines how covered entities
use individually-identifiable health information or
the PHI (Personal Health Information).”
http://whatishipaa.org/

3. HIPAA Privacy
• Rule addresses all issues
concerned with
saving/accessing/sharing
medical & personal
information of an individual.
http://whatishipaa.org/

4. Privacy Rule
• Gives patients control over the use of their health
information
• Defines boundaries for the use/disclosure of health
records by covered entities
• Establishes national-level standards that healthcare
providers must comply with
• Helps to limit the use of PHI and minimizes chances of its
inappropriate disclosure
• Strictly investigates compliance-related issues and holds
violators accountable with civil or criminal penalties for
violating the privacy of an individual's PHI
• Supports the cause of disclosing PHI without individual
consent for individual healthcare needs, public benefit and
national interests
http://whatishipaa.org/

5. Who must follow these laws?
• Health Plans, including health insurance companies, HMOs,
company health plans, and certain government programs that pay
for health care, such as Medicare and Medicaid.
• Most Health Care Providers—those that conduct certain business
electronically, such as electronically billing your health insurance—
including most doctors, clinics, hospitals, psychologists,
chiropractors, nursing homes, pharmacies, and dentists.
• Health Care Clearinghouses—entities that process nonstandard
health information they receive from another entity into a standard
(i.e., standard electronic format or data content), or vice versa.
http://www.hhs.gov/ocr/privacy/hipaa/und
erstanding/consumers/index.html

6. Personally-identifiable health
information….what is it???
• Health information that relates to a specifically identifiable
individual; it generally includes the following, whether in electronic,
paper, or oral format:
• Health care claims or health care encounter information, such as
documentation of doctor's visits and notes made by physicians and
other provider staff
• Health care payment and remittance advice
• Coordination of health care benefits
• Health care claim status
• Enrollment and disenrollment in a health plan
• Eligibility for a health plan
• Health plan premium payments
• Referral certifications and authorization
• First report of injury
• Health claims attachments http://www.twc.state.tx.us/news/efte/hipaa_basics.html

7. Health Information can be used and shared:
• For your treatment and care coordination
• To pay doctors and hospitals for your health care
and to help run their businesses
• With your family, relatives, friends, or others you
identify who are involved with your health care or
your health care bills, unless you object
• To make sure doctors give good care and nursing
homes are clean and safe
• To protect the public's health, such as by
reporting when the flu is in your area
• To make required reports to the police, such as
reporting gunshot wounds
http://www.hhs.gov/ocr/privacy/hipaa/u
nderstanding/consumers/index.html

8. Think before you peak….
• Before viewing
medical records,
make sure you have
a valid reason.