Deliverable Length: 4 pages not including cover and reference pages
You have been invited to do a presentation to the laboratory department regarding Health Insurance Portability and Accountability Act (HIPAA) compliance and electronic health records. Discuss the salient points of your presentation and why you feel it is important to include this information in your presentation.
Include the following information:
- Define protected health information and when it can be disclosed.
- Differentiate between the privacy rule and the security rule as it applies to actual use in the laboratory.
- Differentiate between identifiable and unidentified information and their uses.
- Assess how the development of integrated healthcare systems has affected the installation of computer networks.
- The answer should be supported with a minimum of 1 reliable resource in addition to your text. Be sure to cite all references in APA format.
- The presentation should be written with an adequate strength of argument, support for the position, and a level of reasoning in communicating points. Answers can include any or all of the following examples (this is not intended to be an exhaustive list, only a guideline):
Protected health information (PHI)
PHI is patient information held by the organization concerning health status, provision of care, or payment for care that can be linked directly to the individual. This includes any part of the patient’s medical record including laboratory results or payment history for billed services. When necessary to disclose PHI for treatment, payment, or operations, disclose only that which is needed to achieve the purpose.
This applies to the patient and his or her health care information disclosure other than that listed above is illegal.
This applies to the systems and the obligation to protect the data through limited access such as passwords and security levels.
That which can directly be tied to the patient such as demographics is known as identifiable data. In research or reporting, it would include the use of the patient’s name. It can only be done when properly authorized.
This is data used for data gathering and report production. Individual patients are not identified. Examples of this include trends of diagnoses seen at a facility and zip code distribution.