According to the HIPAA guidelines what is the major purpose for the HIPAA Privacy Rules? The purpose of the HIPPA Privacy rules is to protect the privacy of an individual’s health record. The rule is to prevent unauthorized access by others, and also give the patient more rights to their health information.
2. List specific patient information identified by HIPAA as being “individually identifiable health information.” 1. Name 2. Social Security number 3. Address 4. Birth Date 5. Zip code
3. Which facilities and/or organizations are covered by the HIPAA Privacy Rules? Health plans, both individual and group, that pay the cost of medical care are covered by HIPAA Privacy Rules such as dental, ...view middle of the document...
This means not providing the whole health care record, unless necessary to accomplish the purpose, but only providing the specific information applicable to the disclosure request.
7. When should the HIPAA Privacy Notice be given to a patient? The HIPAA privacy notice should be given when the patient is first encountered if possible. In emergency situations it should be given as soon as practically possible. It must be posted in a prominent place where a person would be expected to read the notice.
8. Describe at least two methods for distributing the Privacy Notice to a patient. The Privacy notice can be distributed in person at the patient visit, or by electronic service delivery.
9. What must the provider do if they are unable to obtain the patient written acknowledgement of receiving a Privacy Notice? If the provider fails to obtain written acknowledgement, they must document the reason.
10. List and describe two administrative requirements in the HIPAA Privacy Rules. One administrative requirement is that privacy policies and procedures must be developed. The policies and procedures must be implemented and must be consistent with the HIPAA Privacy Rule. Another administrative requirement is the training and management of the workforce. The workforce must be trained on all the privacy policies and procedures. The workforce includes any workers under the entity’s direct control, regardless of whether or not they are paid.
11. List five (5) elements that must be included on the patient authorization form for the "use and disclosure" of protected health information? 1. It must provide an expiration date 2. It must be in plain language 3. It must contain specific information on what is to be disclosed 4. It must say who is disclosing and also receiving the information 5. It must give the right to revoke in writing
12. According to the Privacy rule, how long should privacy rule related documents be retained by a healthcare provider? Privacy related documents should be retained 6 years.
13. What is the role of a Privacy Officer as stated by the HIPAA Privacy Rules? The role of the Privacy Officer is to develop and implement privacy policies and procedures.
14. What are the civil and criminal penalties for an individual who knowingly violates the privacy rule on individually protected identifiable health information? If an individual knowingly violated the privacy rule, the penalties are up to $50,000, and up to 1 year in prison. If the violation includes false pretenses, the...