Download - Welcome to UF
![Page 1: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/1.jpg)
Welcome to UF
We’re from the Privacy Office and we’re here to help you…
HIPAA Orientation College of Nursing– Fall 2014
Cheryl Webber, MS, RHIAUniversity of Florida Privacy Manager
Jacksonville Campus
![Page 2: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/2.jpg)
Learning Objectives
HIPAA Training Requirements
Practical Tips for Compliance
Breach Notification
![Page 3: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/3.jpg)
What do Patients Value?
![Page 4: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/4.jpg)
Trust
• Patients must trust their care givers enough to share personal and often sensitive information needed for care.
If trust is broken, the health of the patient suffers first, and the reputation of the institution may follow.
![Page 5: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/5.jpg)
HIPAA Training
Orientation and Annual Training are different!
You must complete the appropriate online module
Electronically sign the Confidentiality Agreement
Additional training modules for Shands and VA may be required!
![Page 6: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/6.jpg)
HIPAA TrainingComplete:• General Awareness Training – if you will not be involved in any research
OR
• HIPAA for Researchers – if you will be involved in human subject research.
• NOTE: If you completed the official training between December 1 and today, you’re good to go – until next January.
![Page 7: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/7.jpg)
Training and Re-training….
Failure to complete the training on time is a Level II HIPAA violation and will result in disciplinary action.
Be sure you are included in your college or department’s email list – ◦If so, you will also be on the All-HSC email list.
![Page 8: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/8.jpg)
Privacy SanctionsSanctions for HIPAA violations are serious:• Fines• Jail-time
UF Sanctions• Loss of student privileges, computer access• Verbal counseling up to termination• Suspension or expulsion• Reporting to professional licensing or
credentialing boards
![Page 9: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/9.jpg)
New Penalties
So, a breach involving PHI for 10 individuals could cost anywhere from $100 to $50,000 per disclosure
Tiers DescriptionMinimum
per Violation
Max per Year (for identical violations)
Tier A Did not know $100 - $50,000 $1,500,000
Tier B Reasonable cause – not willful neglect
$1,000 - $50,000 $1,500,000
Tier CWillful neglect –
corrected w/in 30 days
$10,000 - 50,000 $1,500,000
Tier D Willful neglect – uncorrected $50,000 $1,500,000
![Page 10: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/10.jpg)
Common HIPAA Violations Unauthorized disclosures:• Be aware of your surroundings when discussing patients• Use extra caution with privileged information
Improper use of portable devices: laptops, PDAs, camera phones, etc. • Recording (and sharing) unauthorized pix and videos• Failure to use encryption• Losing or misplacing equipment
Removal of PHI or health records from UF premises.
![Page 11: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/11.jpg)
Practical Tips for ComplianceShare PHI only with those who have a
professional need to know.Use strong passwords consistent with UF
policies.Properly destroy PHI.Do not disable virus protection
applications.
![Page 12: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/12.jpg)
Practical Tips for ComplianceYou are responsible for activity originating from
your account.
Do not access your own record or that of a family member’s
Email PHI when necessary-within the UF domain
Encrypt external emails containing PHI-avoid AOL, Yahoo, Gmail.
![Page 13: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/13.jpg)
Breach Notification
HITECH Act and Florida law requires covered entities to report breaches to the patient when:
– Unencrypted PHI is disclosed
– An individual’s SSN is inappropriately disclosed
![Page 14: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/14.jpg)
Examples of a BreachA breach is any unauthorized disclosure:
• Stolen laptop/tablet
• Accidental disclosure- sharing PHI with someone over the phone or in person you thought was the patient
• Emailing/faxing patient information to an unauthorized third party
![Page 15: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/15.jpg)
Reporting a BreachTo your supervisorUF Privacy Hotline: (866) 876-4472Online at [email protected]
If you know about a Privacy or Security incident, it is your responsibility to report it!
![Page 16: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/16.jpg)
Primary Take-Aways
Only access the PHI you need.
Complete HIPAA training
Report a breach
![Page 17: Welcome to UF](https://reader036.vdocument.in/reader036/viewer/2022062408/5681348a550346895d9b6ec5/html5/thumbnails/17.jpg)
Questions?UF Privacy Office
◦(352) 273-1212
• Cheryl Webber, MS, RHIA
◦(904) 244-6229