| |
| |
| Preface | |
| |
| |
| About the Authors | |
| |
| |
| Acknowledgements | |
| |
| |
| |
| Introduction to HIPAA | |
| |
| |
| Introduction | |
| |
| |
| How the Rules Came into Existence | |
| |
| |
| Titles of HIPAA Law | |
| |
| |
| |
| Health Insurance Access, Portability, and Renewal | |
| |
| |
| |
| Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform | |
| |
| |
| |
| Group Health Plan Requirements | |
| |
| |
| Other Titles in HIPAA | |
| |
| |
| HIPAA: An Organizational and Business Challenge | |
| |
| |
| Who Is a "Covered Entity?" | |
| |
| |
| The HIPAA Officer | |
| |
| |
| Summary | |
| |
| |
| Review Questions | |
| |
| |
| References | |
| |
| |
| |
| Privacy Issues Explained | |
| |
| |
| Introduction | |
| |
| |
| To Whom Does Title II Apply? | |
| |
| |
| What Is Protected Health Information? | |
| |
| |
| Authorization versus Consent | |
| |
| |
| Concerns about Protected Health Information and Possible Disclosures | |
| |
| |
| Required Disclosures | |
| |
| |
| Permitted Use and Disclosure without Authorization | |
| |
| |
| For Individual Access | |
| |
| |
| For Treatment, Payment, and Health Care Operations | |
| |
| |
| When Permission to Disclose is Received | |
| |
| |
| When Incidental | |
| |
| |
| For Public Interest or to Benefit the Public | |
| |
| |
| For Research | |
| |
| |
| Permitted Use and Disclosure with Authorization | |
| |
| |
| Disclosure of Psychotherapy Notes | |
| |
| |
| Disclosure for Marketing Purposes | |
| |
| |
| Disclosure for Directory Purposes | |
| |
| |
| Limiting Uses and Disclosures | |
| |
| |
| Minimum Necessary Uses | |
| |
| |
| Business Associates under the Privacy Rule | |
| |
| |
| Training of the Public and Workforce | |
| |
| |
| Amending Protected Health Information | |
| |
| |
| Enforcement Guidelines | |
| |
| |
| Civil Penalties under HIPAA | |
| |
| |
| Criminal Penalties under HIPAA | |
| |
| |
| What the HIPAA Privacy Rule Covers | |
| |
| |
| Summary | |
| |
| |
| Review Questions | |
| |
| |
| References | |
| |
| |
| |
| Transactions and Code Sets | |
| |
| |
| Introduction | |
| |
| |
| Purpose of Transaction Standards | |
| |
| |
| Designated Code Sets | |
| |
| |
| Diagnosis Codes | |
| |
| |
| Inpatient Procedure Codes | |
| |
| |
| Outpatient Procedure Codes | |
| |
| |
| Dental Procedures | |
| |
| |
| Drug Codes | |
| |
| |
| Nonmedical Code Sets | |
| |
| |
| ASC X12 Nomenclature | |
| |
| |
| Data Overview | |
| |
| |
| Architecture | |
| |
| |
| Use of Loops | |
| |
| |
| Sample of EDI Claim Data (UB-04, Hospital Billing Form) | |
| |
| |
| Limitations of Electronic Claims | |
| |
| |
| Remittance Advice and Secondary Payer | |
| |
| |
| Working with Outside Entities | |
| |
| |
| Trading Partner Agreements | |
| |
| |
| Business Use and Definition | |
| |
| |
| Enforcement of Transactions and Code Sets | |
| |
| |
| Summary | |
| |
| |
| Review Questions | |
| |
| |
| References | |
| |
| |
| |
| Security Rule Explained | |
| |
| |
| Introduction | |
| |
| |
| Core Requirements | |
| |
| |
| Administrative Safeguards | |
| |
| |
| Security Management | |
| |
| |
| Assigned Security Responsibility-Security Officer | |
| |
| |
| Workforce Security | |
| |
| |
| Information Access | |
| |
| |
| Security Awareness and Training | |
| |
| |
| Security Incidents | |
| |
| |
| Contingency Plans | |
| |
| |
| Evaluation of Security Effectiveness | |
| |
| |
| Business Associate Contracts | |
| |
| |
| Physical Safeguards | |
| |
| |
| Facility Access Controls | |
| |
| |
| Workstation Use | |
| |
| |
| Workstation Security | |
| |
| |
| Device and Media Controls | |
| |
| |
| Technical Safeguards | |
| |
| |
| Access Control | |
| |
| |
| Audit Controls | |
| |
| |
| Integrity | |
| |
| |
| Person or Entity Authorization | |
| |
| |
| Transmission Security | |
| |
| |
| Organization Requirements | |
| |
| |
| Policies, Procedures, and Documentation | |
| |
| |
| Impact on Organizations | |
| |
| |
| Challenges to Compliance and Enforcement | |
| |
| |
| Summary | |
| |
| |
| Review Questions | |
| |
| |
| References | |
| |
| |
| |
| Unique Health Identifiers and HIPAA Myths | |
| |
| |
| Introduction | |
| |
| |
| Reasons for Identification Numbers | |
| |
| |
| Employer Identifier | |
| |
| |
| Health Care Provider Identifier | |
| |
| |
| Health Plan Identifier | |
| |
| |
| Personal Identifier | |
| |
| |
| What Is Important to Know about HIPAA? | |
| |
| |
| Locating the Latest Title II Rules and Changes | |
| |
| |
| Legal Ramifications of HIPAA | |
| |
| |
| Myths about HIPAA | |
| |
| |
| Summary | |
| |
| |
| Review Questions | |
| |
| |
| References | |
| |
| |
| |
| HIPAA for Health Care Professionals | |
| |
| |
| |
| Covered Entity Charts | |
| |
| |
| |
| CMS Regional Offices and Government Resources | |
| |
| |
| |
| HIPAA Non-Privacy Complaint Form | |
| |
| |
| |
| Security Standards Matrix | |
| |
| |
| |
| Resources for HIPAA Information | |
| |
| |
| Introduction to HIPAA-Chapter 1 | |
| |
| |
| Privacy Rule Resources-Chapter 2 | |
| |
| |
| Transactions and Code Sets Resources-Chapter 3 | |
| |
| |
| Names and Web Sites of Designated Standards Maintenance Organizations (DSMOs)-Chapter 3 | |
| |
| |
| Security Rule Resources-Chapter 4 | |
| |
| |
| Identifier Rule Resources-Chapter 5 | |
| |
| |
| Glossary | |
| |
| |
| Index | |