Stedman's Guide to the HIPAA Privacy & Security Rules / Edition 2

by Kathy Nicholls

ISBN-10: 1608310531

ISBN-13: 9781608310531

Pub. Date: 02/01/2011

Publisher: Lippincott Williams & Wilkins


Overview


Addressing the needs of all health information management professionals, from medical transcriptionists, coders, and billers to medical office administrators and managers, Stedman's Guide to the HIPAA Privacy & Security Rules has been completely revised to include not only the Security Rule, but also the new HITECH Act passed in 2009. Writing in a lively, engaging style, Kathy Nicholls cuts through the daunting legalese and gets right to the core of each relevant piece of legislation, clearly and concisely explaining the meaning and purpose of the law, while also providing clean, easy-to-follow checklists for compliance. Helpful hints and key items are pulled out and highlighted for ease of studying and retention, and real-world stories anchor the legal information in the real world of healthcare information, demonstrating both the necessity and the application of the law, and enlivening the material. An FAQ section at the end is a handy reference as students move into the professional world, and as professionals need a refresher on key questions. The online resources include dozens of sample forms that can be modified to suit the user's needs. This concise, clear guide explains even the most complicated of the HIPAA legislation in terms that are easy to understand and relevant to students and professionals responsible for safeguarding the privacy and integrity of healthcare information.

Product Details

ISBN-13: 9781608310531

Publisher: Lippincott Williams & Wilkins

Publication date: 02/01/2011

Edition description: Second

Pages: 256

Product dimensions: 6.00(w) x 8.90(h) x 0.30(d)

Table of Contents

Chapter 1 Introduction to HIPAA and the Privacy and Security Rules

Introduction

What Is HIPAA?

The Privacy and Security Rules

Terminology

General Terminology in Healthcare

Significant Points

Compliance Deadlines

Chapter 2 The Privacy and Security Rules and Healthcare Documentation

Introduction

What Does the Privacy Rule Really Do?

What Does the Security Rule Really Do?

Privacy for Protected Health Information Is the Goal!

What Constitutes Protected Health Information?

Who Must Comply and How Does Compliance Impact the Work Setting?

State Laws

Application of the Privacy Rule in Healthcare Documentation

Policies and Procedures

Training

Use and Disclosure

Minimally Necessary Information

Access Control

De-identified Information

Confidentiality Agreements

Computer Security

Work Areas

Transfer of Data

Destruction of Hard Copy Protected Health Information

Use of the Fax

Use of E-Mail

Disaster Recovery

Offsite Workers

Storage and Retention

Audit Trails

Termination Procedures

Recycling of Computers

Access to PHI for Educational Purposes

Vendors

Breaches

Complaints

Penalties

Enforcement

HIPAA for the Independent Contractor

Are You a Business Associate?

General Requirements

Chapter 3 A Blueprint for Compliance with the Privacy Rule

Introduction

Where Do I Start?

Gap Analysis Checklist

Vendor Compliance Checklist

Training Checklist

What Policies Do I Need?

Privacy Officer Policy

Policy for the Use of Protected Health Information

Policy for the Use of Protected Health Information in Quality Assurance and Educational Programs

Training Policy

Computer Security Policy

Policy for Confidentiality Agreements

Policy for Work Area Arrangements

Access Policy for Digital Dictation Systems

Policy for the Use of Hard Copy Protected Health Information

Policy for Use of the Fax Machine

E-Mail Policy

Disaster Recovery Policy

Policy for Offsite Workers

Termination Policy

Breaches and Sanctions Policies

Complaint Policy

Vendor Policy

Policies for Business Associates

Sample Contracts and Agreements

Policy for Subcontractors

Policy for Offshore Contractors

A Word About Disclosures

What About Indemnification?

Chapter 4 The Security Rule and Healthcare Documentation

Introduction

What Does the Security Rule Really Do?

What Constitutes Protected Health Information?

Who Must Comply and How Does Compliance Impact the Work Setting?

State Laws

Application of the Security Rule

Administrative Safeguards

Physical Safeguards

Technical Safeguards

Organizational Requirements

Policies and Procedures and Documentation Requirements

Penalties

Enforcement

HIPAA for the Independent Contractor

Are You a Business Associate?

Chapter 5 A Blueprint for Compliance with the Security Rule

Introduction

Administrative Safeguards

Security Management Process

Assigned Security Responsibility

Workforce Security

Information Access Management

Security Awareness and Training

Security Incidents

Contingency Plans

Evaluation

Business Associate Contracts and Other Arrangements

Physical Safeguards

Facility Access Control

Workstation Use

Workstation Security

Device and Media Controls

Technical Safeguards

Access Control

Audit Controls

Integrity

Person or Entity Authentication

Transmission Security

Organizational Requirements

Business Associate Contracts and Other Arrangements

Requirements for Group Health Plans

Policies and Procedures and Documentation Requirements

Policies and Procedures

Documentation

A Final Note on Security

Chapter 6 Frequently Asked Questions

Appendix A Industry Resources

Appendix B AAMT Paper on Special Considerations for Offsite Medical Transcriptionists

Appendix C Abbreviations and Acronyms

Glossary

Index
