+353-1-416-8900REST OF WORLD
1-800-526-8630U.S. (TOLL FREE)

Hipaa @ IT Essentials, Second Edition: Health Information Transactions, Privacy, and Security

  • ID: 29574
  • Book
  • May 2003
  • 92 pages
  • HIPAA-IT LLC
1 of 4
This book is organized into the following three main chapters:
* Transactions,
* Privacy, and
* Security.

The Transaction Final Rule was published in August 2000, the Privacy Final Rule in December 2000, and the Security Rule in February 2003.

The Transactions Chapter relates to exchanges between healthcare providers and payers and covers
* transactions,
* code sets,
* identifiers,
* impact, and
* implementation.

Standards for transactions and code sets are vital to efficient and effective communication among healthcare organizations.
The impact should be higher quality at less cost.

The Privacy Chapter focuses on the relationship between patients and the healthcare system and addresses
* notice and authorization,
* uses and disclosures
* patient rights,
* administration, and
* impact.

When one person has the private information of another, that other person loses some control. The Privacy Rule gives the patient strong rights over his or her information.

The Security Chapter explains how to keep information safe and covers first the compliance life cycle and then administrative, technical, and physical safeguards. Workflow management is vital to healthcare organizations and when done properly gives security as a derivative.
Note: Product cover images may vary from those shown
2 of 4

Loading
LOADING...

3 of 4
Section-Number Heading Page-Number <BR>1 INTRODUCTION 1 <BR>1.1 THE PROBLEM 1 <BR>1.2 1990S 2 <BR>1.3 SCHEDULE 3 <BR>1.4 COVERED ENTITIES 3 <BR>1.5 PENALTIES 4 <BR>2 TRANSACTIONS 5 <BR>2.1 LEGISLATION 5 <BR>2.1.1 Standards Required 5 <BR>2.1.2 Applicability 6 <BR>2.2 STANDARDS 6 <BR>2.2.1 Standards Organizations 6 <BR>2.2.2 Standards Development 7 <BR>2.3 TRANSACTIONS 8 <BR>2.3.1 X12 Administration 8 <BR>2.3.2 X12 Technical Details 8 <BR>2.3.3 Eligibility Technical Details 9 <BR>2.4 CODE SETS 10 <BR>2.5 IDENTIFIERS 11 <BR>2.5.1 Provider Identifiers 12 <BR>2.5.2 Employer Identifier 12 <BR>2.5.3 Personal Identifier 12 <BR>2.6 ECOMMERCE WORKFLOW 13 <BR>2.6.1 Physician Practice 13 <BR>2.6.2 Eligibility 13 <BR>2.6.3 Claims Status Inquiry 13 <BR>2.6.4 Savings 14 <BR>2.7 IMPLEMENTATION 14 <BR>2.7.1 Who is Doing What 14 <BR>2.7.2 Costs 15 <BR>2.7.3 Sequencing 16 <BR>2.7.4 Certification 16 <BR>2.7.5 Provider Approach 16 <BR>2.7.6 Trading Agreement 18 <BR>2.7.7 Case Study 19 <BR>2.8 CONCLUSION 19 <BR>2.8.1 Administrative Simplification 19 <BR>2.8.2 Transactions 19 <BR>2.8.3 Codes and Identifiers 20 <BR>2.8.4 Implementation 20 <BR>2.8.5 Epilogue 20 <BR>3 PRIVACY 21 <BR>3.1 INTRODUCTION 21 <BR>3.1.1 Power 21 <BR>3.1.2 A Flow Scenario 22 <BR>3.1.3 Applicable 24 <BR>3.2 NOTICE OF PRIVACY PRACTICES 24 <BR>3.2.1 Provision of Notice 24 <BR>3.2.2 Acknowledgment 25 <BR>3.2.3 Plain Language 25 <BR>3.3 AUTHORIZATION 26 <BR>3.3.1 Principles 26 <BR>3.3.2 Authorization Form 26 <BR>3.4 USES AND DISCLOSURES 27 <BR>3.4.1 Minimum Necessary Standard 27 <BR>3.4.2 Business Associate 29 <BR>3.4.3 De-identification 32 <BR>3.5 SPECIAL OPPORTUNITIES 33 <BR>3.5.1 Opportunity to Object 33 <BR>3.5.2 No Opportunity to Object 34 <BR>3.6 PATIENT RIGHTS 35 <BR>3.6.1 Access to Information 35 <BR>3.6.2 Confidential Communications 36 <BR>3.6.3 Right to Amend 36 <BR>3.6.4 Accounting of Disclosures 37 <BR>3.7 ADMINISTRATION 38 <BR>3.7.1 Requirements 38 <BR>3.7.2 Enforcement 39 <BR>3.8 STATE LAW 40 <BR>3.8.1 Comparing 40 <BR>3.8.2 Preemption 40 <BR>3.9 MAINTENANCE COSTS 41 <BR>3.9.1 Patient Rights 41 <BR>3.9.2 Communication 43 <BR>3.9.3 Administration 43 <BR>3.9.4 Overall 43 <BR>3.10 CASE STUDIES 44 <BR>3.10.1 Air Force 44 <BR>3.10.2 Kindred 44 <BR>3.11 CONCLUSION 45 <BR>3.11.1 Summary 45 <BR>3.11.2 Directions 47 <BR>4 SECURITY 48 <BR>4.1 CONTEXT 48 <BR>4.1.1 Covered Information 48 <BR>4.1.2 Addressable 49 <BR>4.2 LIFE CYCLE 49 <BR>4.2.1 Awareness 50 <BR>4.2.2 Gap Analysis 50 <BR>4.2.3 Risk Analysis 51 <BR>4.2.4 Information Security Officer 52 <BR>4.2.5 Training 53 <BR>4.2.6 Quality Control 53 <BR>4.2.7 Evaluation 54 <BR>4.3 ADMINISTRATIVE SAFEGUARDS 55 <BR>4.3.1 Management and Awareness 55 <BR>4.3.2 Workforce Security 55 <BR>4.3.3 Information Access 56 <BR>4.3.4 Incident Procedures 59 <BR>4.3.5 Contingency Plan 59 <BR>4.3.6 Business Associate 60 <BR>4.3.7 Matrix 61 <BR>4.3.8 Case Studies 62 <BR>4.4 TECHNICAL SAFEGUARDS 64 <BR>4.4.1 Access Control 65 <BR>4.4.2 Audit 65 <BR>4.4.3 Integrity 66 <BR>4.4.4 User Authentication 67 <BR>4.4.5 Transmission 67 <BR>4.4.6 Case Studies 68 <BR>4.5 PHYSICAL SAFEGUARDS 70 <BR>4.5.1 Facility Access 70 <BR>4.5.2 Workstation 71 <BR>4.5.3 Device and Media Controls 71 <BR>4.5.4 Example 72 <BR>4.6 CONCLUSION 72 <BR>5 CONCLUSION 73 <BR>5.1 CORPORATE COMPLIANCE 73 <BR>5.2 PEER PRACTICES 75 <BR>5.3 TECHNOLOGY 76 <BR>5.4 EPILOGUE 76 <BR>6 REFERENCES 78 <BR>7 INDEX OF TERMS 82
Note: Product cover images may vary from those shown
4 of 4
Note: Product cover images may vary from those shown
Adroll
adroll