HIPAA 101 - PowerPoint PPT Presentation

1 / 18

About This Presentation

Title:

HIPAA 101

Description:

Number of Views:194

Avg rating:3.0/5.0

Slides: 19

Provided by: hena8

Category:

Tags: hipaa | hippa

Transcript and Presenter's Notes

Title: HIPAA 101

1
HIPAA 101

2
HIPAA 101

3
What is HIPAA?

4
Getting Started with HIPAA

The Administrative Simplification provisions of
HIPAA were enacted by Congress to regulate and
standardize information exchanges and establish
standards for the privacy and security of
individually identifiable health information.

5
Who's Covered

The first thing you must ask yourself with regard
to HIPAA is
Are you a covered entity?
Health Plans HMOs, health insurers, group health
plans including employee welfare benefit plans
Health Care Clearinghouses - An entity that
processes health information going from a health
care provider to a payer.
Any healthcare provider who transmits any health
information in electronic form in connection with
a standard HIPAA transactions and described
below.

6
HIPAA Provisions

7
Practical View of HIPAA

HIPAA is larger and more complex than Y2k
Y2K was strictly a technology issue with a
defined ending and a limited and identifiable
scope
The issues that HIPAA addresses not only involve
technology, but requirements imposed on
administration operations which effect everything
from document storage, to medical procedures
coding, to customer service
Compliance with HIPAA will be a constantly
evolving process with no defined end

8
Assess All HIPAA Provisions

While they are being released in a staggered
fashion, the HIPAA regulations are interdependent
within the systems and operations of covered
entities
None of the provisions of Administration
Simplification should be assessed nor remediated
in a vacuum
Later releases of the final rules will further
effect changes already in progress as well as
implemented solutions to meet earlier
specifications

9
Many Factors will Influence HIPAA Effort

Complexity of the organization and number of
business units or decentralized operations
Value of documented policies, procedures and
programs
Culture toward confidentiality in business
operations
The nature of your systems environment
Custom-developed versus vendor package software
Data architecture and current EDI capabilities
The degree of connectivity and e-business
activity
The complexity of the existing security
architecture and security administration

10
HIPAA Technology Provisions

Three Categories of Technology Requirements
Transaction Standards
Addresses the key business transactions among
health care providers, health plan payers and
health plan sponsors (EDI Electronic Data
Interchange)
Code Sets
Define the data element values used in the
standard transactions (ICD-9, CPT-4, HCPCS,
etc.)
National Identifiers
Uniform data values used to uniquely identify the
key participants in the standard transactions
Provider, Health Plan, Employer

11
HIPAA Security vs. Privacy

Security - an organizations responsibility to
control the means by which such information
remains confidential
Administrative Procedures
Physical Safeguards
Technical Security Services
Technical Security Mechanisms

12
HIPAA Security vs. Privacy (continued)

Privacy - an individuals rights to control
access and disclosure of their protected or
individually identifiable healthcare information
(IIHI)
Establish authorization requirements
Establish administration requirements
Establish individual rights
Establish regulations for use or disclosure of
Protected Health Information ("PHI")

13
Relationship between Privacy and Security

There is a direct relationship between security
and privacy
Security is the how.. privacy is the what and
often the why
Security is the structure established to protect
IIHI
One of the implementation barriers to privacy is
the security infrastructure of the Covered Entity
Security awareness and education addresses
what is being protected

14
HIPAA Timeline
15
Good HIPAA Web Sites