HIPAA and Texas State Law Compliance

HIPAA Compliance

HIPAA and Texas State Law Compliance

HIPAA

Health Insurance Portability & Accountability Act

Medical Record Privacy Act
AND
Identity Theft Enforcement & Protection Act

These are the two primary TX Acts: TMRPA under the Health and Safety Code at Chapter 181 and ITEPA under the Business and Commerce Code at Chapter 521.

Other state laws affect both of these.

Federal HIPAA Regs

Texas Law

HIPAA

Acts as the Floor, the Minimum

Pre-empts if More Stringent

http://hipaanews.org/

Both Federal and State Laws Continue to Change

Are You a Covered Entity?
Yes, if you
Collect
Store
Use or Disclose
Transmit or
Destroy
PHI or SPI

But We're NonProfit

It doesn't matter . . .

PHI & SPI

Protected Health Information & Sensitive Personal Information
As a Covered Entity, you must abide by HIPAA and State Laws to protect PHI and SPI

Protected Health Information:
Individually Identifiable Physical & Mental Health or Condition

Includes payment and the provision of healthcare

and past, present, and future health and conditions

Sensitive Personal Info
PHI or Financial Info

Means an individual's first name or first initial and last name in combo w/ any one or more of the following items, if the name and items are not encrypted: SSN, Drivers License # or Gov't issued ID, account # or Credit or Debit Card number w/ any required security access code or password; or information that identifies a person and relates to PHI

Privacy & Security

Privacy Rule

Oral, Paper and Electronic Info

Security Rule

Protection of Electronic PHI & SPI

Privacy Policies

and Procedures and Training

Privacy

  • Identify PHI and SPI
  • Minimum Necessary Use
  • Safeguarding PHI and SPI
  • No release w/o consent
  • Sanctions
  • Retention and Destruction

Identify PHI & SPI

  • How do you collect & use it?
  • How do you safeguard it in all forms: oral, written, electronic

Minimum Necessary Use

  • Use by consent only
  • Use for purpose intended
  • No further disclosure

Safeguarding

  • Conversations
  • Secure storage
  • Proper Destruction
  • Careful Transmission

No Release w/o Consent

Except in limited necessary circumstances

Sanctions

if policy is violated

Retention & Destruction

  • Maintain PHI and SPI as necessary
  • Destroy by shredding, erasing, or other means so that the info is unreadable

Workforce Training

  • Within 90 days of new hire
  • Signed verification of completion

Workforce Training

  • Every two years
  • Within one year if a material change in the law occurs
Texas law mandates training regarding PHI at least every two years, but more often is advisable.

If the duties of an employee are affected by a material change in state or federal law concerning PHI, the employee will receive training within a reasonable period but not later than the first anniversary of the date the material change in law takes effect.