Preparation for Child Psych PRITE and Boards
(→Privacy Rule) |
|||
| Line 10: | Line 10: | ||
* regulates use and disclosure of protected health information (PHI) by covered entities. PHI includes any part of medical record or billing history. | * regulates use and disclosure of protected health information (PHI) by covered entities. PHI includes any part of medical record or billing history. | ||
| − | |||
* Covered entities '''must''' disclose PHI | * Covered entities '''must''' disclose PHI | ||
| − | **to the patient (upon request, within 30 days), and | + | **to the patient (upon written request, within 30 days), and |
| − | **when required by law (child abuse, etc) | + | **when required by law (child abuse, gun shot wounds, etc) |
| + | |||
| + | *Covered entities '''may,''' but not required to, disclose PHI without written authorization for | ||
| + | **billing and insurance coverage | ||
| + | *** this includes traditional billing, ED giving PHI to ambulance company or outside lab, so they can bill. | ||
| + | **to the individual (a '''must''' with written authorization) | ||
| + | **'''treatment'''** | ||
| + | *** this includes releasing medical information to a specialist who will treat the pt. or to a nursing home, where pt. is being discharged. | ||
| + | ** '''psychotherapy notes''' is an important exception; written consent is required for release of PHI to individual or others | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
===Security Rule=== | ===Security Rule=== | ||
Security rule outlines the necessary safeguards in protecting electronic PHI. | Security rule outlines the necessary safeguards in protecting electronic PHI. | ||
| + | |||
| + | |||
| + | ==References== | ||
| + | |||
| + | (1) http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary.pdf | ||
Revision as of 16:14, 28 February 2012
Introduction
Health Insurance Portability and Accountability Act of 1996 (HIPAA) deals with employees keeping their insurance coverage, national electronic healthcare standards. THe part generally relevant to doctors have to do with the Privacy and Security provisions of the HIPAA law.
Who is not bound by HIPAA
- Covered entities include hospitals, insurance companies, and doctors are bound by the Privacy and Security rules of HIPAA.
- Life insurance companies, employers, worker comp agencies, schools, and law enforcement are not covered entities.
Privacy Rule
- regulates use and disclosure of protected health information (PHI) by covered entities. PHI includes any part of medical record or billing history.
- Covered entities must disclose PHI
- to the patient (upon written request, within 30 days), and
- when required by law (child abuse, gun shot wounds, etc)
- Covered entities may, but not required to, disclose PHI without written authorization for
- billing and insurance coverage
- this includes traditional billing, ED giving PHI to ambulance company or outside lab, so they can bill.
- to the individual (a must with written authorization)
- treatment**
- this includes releasing medical information to a specialist who will treat the pt. or to a nursing home, where pt. is being discharged.
- psychotherapy notes is an important exception; written consent is required for release of PHI to individual or others
- billing and insurance coverage
Security Rule
Security rule outlines the necessary safeguards in protecting electronic PHI.
References
(1) http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/privacysummary.pdf