Free HIPAA Training BCI Computers Free HIPAA Training (c) 2014 BCI Computers all rights reserved.


What is HIPAA?

• Standardizes health care transactions and rules to protect the privacy and security of health information.

• Standardization of transactions to electronic format for administrative and healthcare privacy.

• Delineates unique health identifiers for employers, health plans, health care providers and individuals.

• Sets security standards to protect the confidentiality, integrity and availability of Individually Identifiable Health Information (IIHI).


The HITECH Act

• Enacted on February 17, 2009

• Addresses the privacy and security concerns associated with the electronic transmission of health information

• Lists penalties in order to strengthen the civil and criminal enforcement of the rules.

• Defines Data Content as elements and code sets inherent to a transaction


Omnibus Rule

• Final set of rules effective September 23, 2013.

• Expands the obligations of physicians and other health care providers regarding protected health information (PHI)

• Extends the definition of Business Associates (BA) and Covered Entities (CE)

• Increases the penalties for violations of any of the obligations.


Break

• Quiz 1

• Is HIPAA mandatory?

• HIPAA does not deal with security standards. T/F?

• Business Associates and Covered Entities do not fall under HIPAA compliance. T/F?


How could this affect you?

Tier 1, 2 Violations and Fines

| HIPAA Violation | Minimum Penalty | Maximum Penalty |
| --- | --- | --- |
| Individual did not know (and by exercising reasonable diligence would not have known) that he/she violated HIPAA | $100 per violation, with an annual maximum of $25,000 for repeat violations (Note: maximum that can be imposed by State Attorneys General regardless of the type of violation) | $50,000 per violation, with an annual maximum of $1.5 million |
| HIPAA violation due to reasonable cause and not due to willful neglect | $1,000 per violation, with an annual maximum of $100,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million |


Tier 3, 4 Violations and Fines

| HIPAA Violation | Minimum Penalty | Maximum Penalty |
| --- | --- | --- |
| HIPAA violation due to willful neglect but violation is corrected within the required time period | $10,000 per violation, with an annual maximum of $250,000 for repeat violations | $50,000 per violation, with an annual maximum of $1.5 million |
| HIPAA violation is due to willful neglect and is not corrected | $50,000 per violation, with an annual maximum of $1.5 million | $50,000 per violation, with an annual maximum of $1.5 million |


Break

• Quiz 2

• How many tiers of violations are there?

• What is the minimum amount per violation you can be fined?

• Can a violation result in jail time?


How to Protect Patient Information

• Encryption (Desktops, Laptops and Tablets)

• Encrypting the drives

• Encrypting E-mails

• E-mail Retention Policy

• Firewall

• Virus Protection

• Secure Internet Connection

• Hardware Locks on each machine

• Password-Protection Enabled (Changed every 30 days)

• Smart Cards Coming Soon


Server

• One machine should be the server

• Must be encrypted

• Must have a back-up and retention policy in place


Mobile Devices

• Password Protected

• Encrypted

• Phones cannot be left out in the open


Break

• Quiz 3

• Is it ever necessary to change your passwords?

• Do your servers need to be encrypted?

• Should your phone be password protected?


Internet Security & Firewalls

• Intrusion Protection

• Smart FireWall

  - No Best Buy, RadioShack, etc.

• Secure Wi-Fi for your office

  - Is it available for your patients?


Education

• Train Staff

• Educate staff

• Proper Forms

• BAA, Non-Disclosure, etc…

• Locks (Hardware, doors, windows, files)

• Assign Privacy Officer

• BCI HIPAA Guide on Amazon


Break

• Quiz 4

• What constitutes a “Smart FireWall”?

• Does your Wi-Fi have to be secure if the patients have access to it?

• How often does your staff require training?


Questions & Support

• If you have any questions, contact our HIPAA Specialists Jameson McKay or Brenden Smerbeck at:

• Phone: (401) 828-5200

• E-Mail: [email protected]