Support our online development, and advance our onground research initiatives in free market economics, as we seek to showcase the brightest Next-Gen minds.
THE ME-P DISCLAIMER: Posts, comments and opinions do not necessarily represent iMBA, Inc., but become our property after submission. Copyright © 2006 to-date. iMBA, Inc allows colleges, universities, medical and financial professionals and related clinics, hospitals and non-profit healthcare organizations to distribute our proprietary essays, photos, videos, audios and other documents; etc. However, please review copyright and usage information for each individual asset before submission to us, and/or placement on your publication or web site. Attestation references, citations and/or back-links are required. All other assets are property of the individual copyright holder.
Protected Health Information and HIPAA
By Richard J. Mata; MD, MIS, CMP™ [Hon]
One important concept of the Health Insurance Portability and Accountability Act [HIPAA] is the “minimum necessary” rule, which states the minimum use of Protected Health Information [PHI] to identify a person, such as a social security number, home address, or phone number.
Only the essential elements are to be used in transferring information from the patient record to anyone else that needs this information.
Financial Information Included
This is especially important when financial information is being addressed. Only the minimum codes necessary to determine the cost should be provided to the financial department. No other information should be accessed by that department. Many institutions have systems where a registration or accounting clerk can pull up as much information as a doctor or nurse, but this is now against HIPAA policy and subject to penalties. The “minimum necessary” rule is also changing the way software is set up and vendor access is provided.
Human Resources
Another challenging task is keeping up with the number of people who access PHI, because the privacy regulations allow a patient to receive an accounting of anyone who has accessed their information, both internally (within your hospital, Emerging Healthcare Organization, or medical entity) and externally (such as through your business associates). The patient has the right to know who in the lengthy data chain has seen their PHI. This sets up an audit challenge for the medical organization, especially if the accountability is programmed internally. When other business associates use this PHI without documenting access to a specific patient’s PHI, no one would be accountable for a breach in privacy.
http://www.findbookprices.com/author/Hope_Hetico
One way to track access is through a designated record set, which contains medical or mixed billing records, and any other information that a physician and/or medical practice utilizes for making decisions about a patient. It is up to the hospital, EHO, or healthcare organization to define which set of information comprises “protected health information” and which does not, though logically this should not differ from locale to locale.
Assessment
Overlaps from the privacy regulations that are also addressed in the security regulations are access controls, audit trails, policies on e-mail and fax transmissions, contingency planning, configuration management, entity and personal authentication, and network controls. For more information about the Security Standards final rule; reference the Federal Register.
Conclusion
Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.
Link: http://feeds.feedburner.com/HealthcareFinancialsthePostForcxos
Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com
OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:
DICTIONARIES: http://www.springerpub.com/Search/marcinko
PHYSICIANS: www.MedicalBusinessAdvisors.com
PRACTICES: www.BusinessofMedicalPractice.com
HOSPITALS: http://www.crcpress.com/product/isbn/9781466558731
CLINICS: http://www.crcpress.com/product/isbn/9781439879900
BLOG: www.MedicalExecutivePost.com
FINANCE: Financial Planning for Physicians and Advisors
INSURANCE: Risk Management and Insurance Strategies for Physicians and Advisors
Share this:
Filed under: "Doctors Only", Career Development, Glossary Terms, iMBA, Inc., Information Technology, Research & Development, Sponsors | Tagged: designated record set, Dictionary Health Information Technology Security, eHR, eMR, federal register, HIPAA, hope hetico, minimum necessary, PHI, protected health information, Richard Mata, www.healthdictionaryseries.com | 1 Comment »
The Leading Business Education Network for Doctors, Financial Advisors and Health Industry Consultants 