Preface
About the Authors
Acknowledgements

Introduction to HIPAA
Introduction
How the Rules Came into Existence
Titles of HIPAA Law

Health Insurance Access, Portability, and Renewal

Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform

Group Health Plan Requirements
Other Titles in HIPAA
HIPAA: An Organizational and Business Challenge
Who Is a "Covered Entity?"
The HIPAA Officer
Summary
Review Questions
References

Privacy Issues Explained
Introduction
To Whom Does Title II Apply?
What Is Protected Health Information?
Authorization versus Consent
Concerns about Protected Health Information and Possible Disclosures
Required Disclosures
Permitted Use and Disclosure without Authorization
For Individual Access
For Treatment, Payment, and Health Care Operations
When Permission to Disclose is Received
When Incidental
For Public Interest or to Benefit the Public
For Research
Permitted Use and Disclosure with Authorization
Disclosure of Psychotherapy Notes
Disclosure for Marketing Purposes
Disclosure for Directory Purposes
Limiting Uses and Disclosures
Minimum Necessary Uses
Business Associates under the Privacy Rule
Training of the Public and Workforce
Amending Protected Health Information
Enforcement Guidelines
Civil Penalties under HIPAA
Criminal Penalties under HIPAA
What the HIPAA Privacy Rule Covers
Summary
Review Questions
References

Transactions and Code Sets
Introduction
Purpose of Transaction Standards
Designated Code Sets
Diagnosis Codes
Inpatient Procedure Codes
Outpatient Procedure Codes
Dental Procedures
Drug Codes
Nonmedical Code Sets
ASC X12 Nomenclature
Data Overview
Architecture
Use of Loops
Sample of EDI Claim Data (UB-04, Hospital Billing Form)
Limitations of Electronic Claims
Remittance Advice and Secondary Payer
Working with Outside Entities
Trading Partner Agreements
Business Use and Definition
Enforcement of Transactions and Code Sets
Summary
Review Questions
References

Security Rule Explained
Introduction
Core Requirements
Administrative Safeguards
Security Management
Assigned Security Responsibility-Security Officer
Workforce Security
Information Access
Security Awareness and Training
Security Incidents
Contingency Plans
Evaluation of Security Effectiveness
Business Associate Contracts
Physical Safeguards
Facility Access Controls
Workstation Use
Workstation Security
Device and Media Controls
Technical Safeguards
Access Control
Audit Controls
Integrity
Person or Entity Authorization
Transmission Security
Organization Requirements
Policies, Procedures, and Documentation
Impact on Organizations
Challenges to Compliance and Enforcement
Summary
Review Questions
References

Unique Health Identifiers and HIPAA Myths
Introduction
Reasons for Identification Numbers
Employer Identifier
Health Care Provider Identifier
Health Plan Identifier
Personal Identifier
What Is Important to Know about HIPAA?
Locating the Latest Title II Rules and Changes
Legal Ramifications of HIPAA
Myths about HIPAA
Summary
Review Questions
References

HIPAA for Health Care Professionals

Covered Entity Charts

CMS Regional Offices and Government Resources

HIPAA Non-Privacy Complaint Form

Security Standards Matrix

Resources for HIPAA Information
Introduction to HIPAA-Chapter 1
Privacy Rule Resources-Chapter 2
Transactions and Code Sets Resources-Chapter 3
Names and Web Sites of Designated Standards Maintenance Organizations (DSMOs)-Chapter 3
Security Rule Resources-Chapter 4
Identifier Rule Resources-Chapter 5
Glossary
Index