Pa H.I.P.P.A

[hemi444]

Hello everyone,
I was wondering if anyone here is familiar with the pennsylvania HIPPA laws.
I have been employed with this assisted living organization and knowing at some point an injury will come up and a incident report will be needed.
My question is that, if a incident report is stated detail of a resident(s)injury at the facility, is the Officer bound by HIPPA knowing he is not the health care provider but is employed by the orginization?

[N. A. Corbier]

Hello everyone,
I was wondering if anyone here is familiar with the pennsylvania HIPPA laws.
I have been employed with this assisted living organization and knowing at some point an injury will come up and a incident report will be needed.
My question is that, if a incident report is stated detail of a resident(s)injury at the facility, is the Officer bound by HIPPA knowing he is not the health care provider but is employed by the orginization?

Fortunately, the health care provider should be required to provide you with HIPPA training, as part of most state's HIPPA acts. If they do not, inquire.

I would believe that since you are an agent of the health care provider, and you have routine access to any patient information, you would be liable under HIPPA, as well as any confidentiality agreements you signed.

[Bill Warnock]

Hemi444: Strongly recommend you go online, just type HIPPA and you will get to their official site. In the mean time, this may be of some help.
Take N.A.'s response to heart. The healthcare organization is to provide you with the information to suit your position. To be on the safe side, I'd learn as much as possible myself so as not to be blindsided. OK!

*New HIPAA rule targets patient data
A new provision of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 will require doctors and insurance companies to implement operational measures to prevent improper access to electronically stored patient data.
The "Security Rule" differs from the HIPAA "Privacy Rule" (enacted in April 2003), which regulates how a patient's health information can be used or disclosed.
The Security Rule includes a set of scalable and technology-neutral requirements that a covered entity can use in its day-to-day business operations. According to the Department of Health and Human Services, "When we state that a covered entity must ensure the safety of the information in its keeping, we intend that a covered entity take steps, to the best of its ability, to protect that information."
So, a small medical practice is not required to implement the same level of security measures as a large hospital; however, both parties should identify and document the data security necessary for their respective sizes, resources and state of protection.
The Security Rule is comprised of 22 compliance "Standards," which are divided into four categories:
* Administrative (the selection, development, implementation and maintenance of security measures).
* Physical (the measures, policies and procedures to protect software and hardware from natural and environmental hazards, and unauthorized access or intrusion).
* Technical (the systems used and those who control access to them).
* Miscellaneous (specific organizational requirements, third-party assistance from business associates and documenting Security Rule compliance).
The rule is scheduled to go into effect on April 20. (*Source: ?Security Beat E-mail Newsletter,? ©Access Control & Security Systems®, February 15, 2005)
Enjoy the day,
Bill

[N. A. Corbier]

HIPAA

Health Insurance Portability and Accountability Act

HIPAA

I just noticed that. I have, for some reason, a wish to call it HIPPA, as in Hippo.

[tony mallette]

HIPPA is the same standard throughout the United States. An easy way to avoid confusion concerning a patient is to remember that anything to do with diagnosis or prognosis is strictly confidential. Any report that is needed for the welfare of the patient due to an injury or accident should not contain information concerning diagnosis or prognosis of any disease or condition that existed prior to the injury or accident. If a patient commits a criminal act while in your care, there is a need to know basis for Law Enforcement such as information concerning the date of birth, address, drivers license numbers etc, that is legal to convey. You just can not reveal the diagnosis or prognosis of any illness or condition of the patient. Those conditions can only be revealed through a court order for you to be totally legal without recourse.
Hope this helps