American Medical Association
HIPAA Plain and Simple: A Compliance Guide for Health Care Professionals / Edition 1

by Carolyn Hartley, Edward D. Jones


Original price: $49.95

Product Details

ISBN-13: 9781579474195
Publisher: American Medical Association
Publication date: 09/01/2003
Edition description: Older Edition
Pages: 250
Product dimensions: 6.00(w) x 8.90(h) x 0.60(d)

Table of Contents

About the Authors
Chapter 1: HIPAA Overview
The Pathway to HIPAA
Basics of Administrative Simplification
Four Sets of Standards
Overview of the Four Standards
Transactions and Code Sets
Privacy Standards
Security Standards
National Identifier Standards
Who Must Comply?
Benefits to the Practice Can Be Substantial
Implementation May Take a While
Everyone Has a Specific Role
Risk Management
Chapter 2: From Patient Eligibility to Claim Payment
The Eligibility to Claim Payment Process
Creating New Patient Records
Verifying Records for Returning Patients
Understanding the Medical Record
Ensuring Quality Control of Health Information
A Brief Overview of Transactions
A Brief Overview of Coding
HIPAA Transactions and Code Set Standards
Covered Transactions
General Provisions
Code Sets
Transaction Standards
Health Claims or Equivalent Encounter Information
Eligibility for a Health Plan, Inquiry, and Response
Healthcare Claim Status, Inquiry, and Response
Referral Certification and Authorization
Chapter 3: The Privacy Team
Step 1: Start With the Basics
A Quick Overview of the Privacy Rule
Patient Rights
What Does It Mean to Be a Covered Entity?
Who's Enforcing the Privacy Rule?
Protect Patient Confidentiality
Designate a Privacy Official
Designate a Privacy Team
Develop a Budget and Time-and-Task Chart
Start Now--Right Now
Step 2: Develop Your Notice of Privacy Practices
Know How and When to Distribute the Notice of Privacy Practices
What to Do if Patient Refuses to Sign
Revising the Notice of Privacy Practices
Step 3: Get to Know the Six Patient Rights
A Patient Can Make a Request to Any Staff Member
Patient Right #1: Requests for Further Restriction
Patient Right #2: Request for Alternative Communications
Patient Right #3: Access to Information and Right to Copy
Patient Right #4: Request to Amend Protected Health Information
Patient Right #5: Accounting of Disclosures
Patient Right #6: File a Complaint
No Retaliation
No Waiver of Rights
Step 4: Use and Disclosure of Protected Health Information
Map Out How Protected Health Information Flows Through Your Office
Permitted Incidental Disclosures
When Are You Required to Obtain Permission to Use or Disclose Protected Health Information?
Uses and Disclosures for the Public Good
Minimum Necessary
Step 5: Review and Implement HIPAA's Administrative Requirements
Designate a Privacy Official
Designate One Person to Be the Contact Person to Receive Complaints
Develop HIPAA Policies and Procedures
Revising Your Policies and Procedures
Develop Documentation Procedures
Workforce Training
Develop Internal Sanctions If an Employee Breaches Privacy Policies
Develop a Process to Mitigate Breaches
Develop Administrative, Technical, and Physical Safeguards
Step 6: Special Requirements
Verify the Identity of the Person Who Requests Access to Protected Health Information
Verify Personal Representatives
Minimum Necessary Special Requirements
Special Requirements for Marketing
Psychotherapy Notes
Policies and Procedures Consistent with Notice of Privacy Practices
State Laws
Step 7: Develop Business-Associate Contracts with Your Vendors
Contents of the Business-Associate Agreement
Deadline for Business-Associate Agreements
Step 8: Work with Legal Counsel to Assess Your Compliance Status
Step 9: Train Your Staff
Step 10: Implement Your Plan and Evaluate Your Compliance Status
Chapter 4: Security
About HIPAA's Security Rule
Security Standards
General Rules
Administrative Safeguards
Standard: Security-Management Process
Standard: Assigned Security Responsibility
Standard: Workforce Security
Standard: Information Access Management
Standard: Security Awareness and Training
Standard: Security Incident Procedures
Standard: Contingency Plan
Standard: Evaluation
Standard: Business-Associate Contracts and Other Arrangements
Physical Safeguards
Standard: Facility Access Controls
Standard: Workstation Use
Standard: Workstation Security
Standard: Device and Media Controls
Technical Safeguards
Standard: Access Control
Standard: Audit Controls
Standard: Integrity
Standard: Person or Entity Authentication
Standard: Transmission Security
Chapter 5: Communicating HIPAA: Inquiring Patients Want to Know
Why Talk about Communication in a HIPAA Book?
What HIPAA Says about Oral and Written Communication
Oral Communications in the Medical Office
Written Communications in the Medical Office
Incidental Uses and Disclosures
How the Staff Can Confidently Deal with HIPAA
What Patients Want to Know about HIPAA
Customize Your Internal and External Communication Plan
Develop an Internal Communication Plan
Develop an External Communication Plan
HIPAA Crisis-Communications Management
Chapter 6: HIPAA Compliance Costs and Return on Investment
Questions to Ask as You Build a Budget and Determine Your Return on Investment
Putting Your Team Together
How Much Will You Save?
Will E-Communications Enhance or Detract from Patient Relationships?
Internal Investment versus Outsourcing
Costs of Technology versus Costs of Policies and Procedures
How to Use Your Workforce to Reinvent the Future
Raising the Bridge and Lowering the River
Your Accountability with Other Healthcare Paradigm Shifts
Going Forward
Appendix A
Notice of Privacy Practices Required Language
Notice of Privacy Practices Receipt
Request to Access Records
Sample Authorization
Request to Amend Records
Request to Restrict Uses and Disclosures of Protected Health Information
Request for Alternative Communications
Sample Complaint Form
Follow-Up on Privacy Complaint
Medical Privacy--National Standards to Protect the Privacy of Personal Health Information: Sample Business Associate Contract Provisions
Privacy Official Job Responsibilities
Security Official Job Description
Twelve-month Training Calendar
Appendix B
Check for Understanding Self Test
Answers to the Check for Understanding Self Test
