Using passwords on your computer keeps patient records private.
An individual has privacy rights under a Federal law, protecting his or her health information.
No one is allowed to look at a patient’s medical chart if an authorization has not been signed.
Patient health insurance
Protected health information
Personal health information
A conversation with a patient, employee, family member, supervisor, or health care member.
A medical document such as a medical bill, treatment plan, lab report, or financial statement.
Electronically through emails, computer programs, data feeds, instant messaging.
All of the above
Collect the data, put it in a sealed envelope and place it in your locked desk drawer.
Don’t tell anyone, because you don’t want to get your co-worker in trouble.
Immediately notify your Supervisor or the HIPAA Privacy or Security Officer.
Tear the paper up and place it in the regular trash bin.
Leave the papers face down on your desk until the next day.
Lock the papers in your secure file drawer or cabinet and place them in the locked shred bin the following day.
Choosing a strong password (one not easily guessed) is essential in securing information.
Generally, good passwords are at least six characters long and contain a combination of numbers and lower and upper case letters.
Poor passwords include the use of simple or easily guessed words or phrases such as your favorite sports team name, family name or dates of birth.
All of these are correct.
Paper copy of test results
It is OK to install software or use unauthorized websites as long as you have used them before.
It is OK to install software or use unauthorized websites as long as you click the "OK" or "ACCEPT" check box.
Computer viruses or spyware can expose our company’s computer network to hackers, which can cause a data breach.
Many forms of software cost money and the company must pre-approve all expenses.
Type [secure] into the subject line.
Send IT a Mantis ticket.
Minimize all your applications.
Tell a co-worker you are leaving and to “keep an eye” on your desk.
Lock your computer screen and secure any PHI on your desk.
Sending PHI through unsecured email.
Losing a laptop during business travel.
Talking about patient information in the bathroom areas.
Forgetting to encrypt an email containing PHI.
Talking too loudly with a patient on the phone, which allows your co-worker to overhear the conversation.
An impermissible use or disclosure that compromises the security or privacy of PHI and poses a significant risk of harm to the affected individual.
A HIPAA Breach
An inadvertent disclosure
The Office for Civil Rights can punish us with civil monetary penalties.
The Office for Civil Rights can punish us with criminal penalties.
We may have to notify the involved patient(s).
We may have to notify the involved client(s).
We may have to notify the media.
Our company’s name may be posted on the Department of Health and Human Services’ website “Wall of Shame.”
Height and weight
Date of birth or SSN
Eye and hair color
Ensure the confidentiality, integrity, and availability of ePHI.
Ensure the completeness, integrity, and authenticity of ePHI.
Ensure the confidentiality, individuality and accountability of ePHI.
Unsecured or unprotected PHI that is then accessed by unauthorized persons.
Hard copy PHI that is improperly disposed of in trash bins.
Curious employees that browse medical records of family or friends.
Terminated employees that gain access to computer records.
Careless employees discussing PHI in public areas.
All of the above