Compliance Minute

Often in the news, we hear about breaches of information in large companies. With this comes the potential for personal information such as social security numbers, credit card numbers, dates of birth, to be exposed.  In the healthcare industry, we are required to ensure similar information that we gather on our patients is protected and kept private.  Protected health information can include names, dates of birth, diagnosis, medical record numbers, etc. HIPAA (not HIPPA!) stands for the Health Insurance Portability and Accountability Act of 1996.  It is a federal law that created national standards to protect sensitive patient health information from being disclosed without the patient’s knowledge or consent. 

Because Mission Point Healthcare Services is considered a “covered entity” as described in the rule, we have a duty and responsibility to not use or disclose protected health information, except as permitted or required.  So, how do you know what is protected health information?  The easiest way to determine this is to use the 2 ½ Part Test: 

  1. Is it health information? (Lab work, history and physical’s, progress notes, etc.)
  2. Does it reasonably identify the individual? (Name, date of birth, room number, picture, etc.)

½.    Is it maintained? (Are you storing this information in a medical record, in a database, etc.) 

If you answered yes to the above questions, the information you have should be considered protected health information, and you must take steps to ensure it is not disclosed without the patient’s knowledge or consent.  The most common protected health information you may come across in your roles include access to medical records, face sheets, dates of birth, social security numbers, diagnosis listings, medication administration records, etc.  You can help to ensure this information is protected by closing laptop screens when not using, not leaving notes with resident information visible to others, holding conversations about residents and their health conditions in private areas, and ensuring that any of this type of information is not disclosed without the resident’s consent or knowledge.  In addition, do not share usernames, passwords, or click on email links that appear suspicious.  

For more information on HIPAA (not HIPPA!), you can read our policy and procedures on SharePoint>Policies and Procedures>Health Information Management.  You can also speak with your Nursing Home Administrator, the Corporate Compliance Officer, and/or the Director of Health Information Management, Angela Barnes.

HIPAA = Patient Privacy

 

 

 

 

 

HIPAA =    (a female hippopotamus!)

Contact Information:

Emery Dumas, LNHA, CHC
[email protected]
248-940-5390
“We Care” Hotline: 616-975-5335 (may remain anonymous)