This is an IT class , the question should answered in reference to the materials attached to the question and the case study in blue print .
reference book : legal issue in information security
(joanna lyn grama ) second edition
Answer the following to the best of your ability in complete sentences with proper spelling and grammar. Be sure to elaborate on your answers and provide support for each of your statements. Your textbook and your own knowledge are your source for answering questions unless otherwise instructed. Format your answers in blue font.
Recall that you must cite any sources and it is never okay to copy from any source. TurnItIn Plagiarism checking is being run against all submissions. Your work must be below a 40% match per question.
1. Describe the main parts of the Health Information Portability and Accountability Act (HIPAA) and how it protects health care information.
2. Why is health care information sensitive?
3. List 5 examples of privacy data elements for HIPAA as defined in the Privacy Rule.
4. Describe the role of state law in protecting the confidentiality of medical records.
5. What other laws affect health care in the USA?
6. What is the difference between COBRA and HIPAA?
7. Explain incidental disclosures that are permitted disclosures under the Privacy Rule.
8. Discuss the scope of HIPAA in the context of small doctor’s and dentist’s offices. Do these offices have to comply with the same HIPAA regulations as large health institutions? What challenges do the small offices face?
9. Read through the HIPAA case examples presented in the text sheet “HIPAA Case Examples” (ts_ hipaacaseexamples). What other policies or procedures could each organization institute to comply with HIPAA?
10. Consider the check-in desk at any doctor’s office, dentist’s office, or emergency room at a hospital. Most desks are located in the waiting room, where visitors can hear conversations at the check-in desk between care providers and patients. What procedures should be instituted to ensure the privacy of conversations between providers and patients?
HIPAA Case Examples
© 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
This handout is a reprint of several HIPAA case examples published by the U.S. Department of
Health and Human Services (http://www.hhs.gov).
Source: http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/allcases.html
URL Last Verified: 2014-05-16
HIPAA Case Examples
Hospital Implements New Polices for Telephone Messages
Covered Entity: General Hospital
Issue: Minimum Necessary; Confidential Communications
A hospital employee did not observe minimum necessary requirements when she left a telephone
message with the daughter of a patient that detailed both her medical condition and treatment plan. An
OCR investigation also indicated that the confidential communications requirements were not followed, as
the employee left the message at the patient’s home telephone number, despite the patient’s instructions
to contact her through her work number. To resolve the issues in this case, the hospital developed and
implemented several new procedures. One addressed the issue of minimum necessary information in
telephone message content. Employees were trained to provide only the minimum necessary information
in messages, and were given specific direction as to what information could be left in a message.
Employees also were trained to review registration information for patient contact directives regarding
leaving messages. The new procedures were incorporated into the standard staff privacy training, both
as part of a refresher series and mandatory yearly compliance training.
HMO Revises Process to Obtain Valid Authorizations
Covered Entity: Health Plans / HMOs
Issue: Impermissible Uses and Disclosures; Authorizations
A complaint alleged that an HMO impermissibly disclosed a member’s PHI, when it sent her entire
medical record to a disability insurance company without her authorization. An OCR investigation
indicated that the form the HMO relied on to make the disclosure was not a valid authorization under the
Privacy Rule. Among other corrective actions to resolve the specific issues in the case, the HMO created
a new HIPAA-compliant authorization form and implemented a new policy that directs staff to obtain
patient signatures on these forms before responding to any disclosure requests, even if patients bring in
their own “authorization” form. The new authorization specifies what records and/or portions of the files
will be disclosed and the respective authorization will be kept in the patient’s record, together with the
disclosed information.
Mental Health Center Corrects Process for Providing Notice of Privacy Practices
Covered Entity: Outpatient Facility
Issue: Notice
Page 2
A mental health center did not provide a notice of privacy practices (notice) to a father or his minor
daughter, a patient at the center. In response to OCR’s investigation, the mental health center
acknowledged that it had not provided the complainant and his daughter with a notice prior to her mental
health evaluation. To resolve this matter, the mental health center revised its intake assessment policy
and procedures to specify that the notice will be provided and the clinician will attempt to obtain a signed
acknowledgement of receipt of the notice prior to the intake assessment. The acknowledgement form is
now included in the intake package of forms. The center also provided OCR with written assurance that
all policy changes were brought to the attention of the staff involved in the daughter’s care and then
disseminated to all staff affected by the policy change.
Entity Rescinds Improper Billing for Medical Record Copies
Covered Entity: Private Practice
Issue: Access
A patient alleged that a covered entity failed to provide him access to his medical records. After OCR
notified the entity of the allegation, the entity released the complainant’s medical records but also billed
him $100.00 for a “records review fee” as well as an administrative fee. The Privacy Rule permits the
imposition of a reasonable cost-based fee that includes only the cost of copying and postage and
preparing an explanation or summary if agreed to by the individual. To resolve this matter, the covered
entity refunded the $100.00 “records review fee.”
Hospital Issues Guidelines Regarding Disclosures to Avert Threats to Health
or Safety
Covered Entity: General Hospital
Issue: Safeguards; Impermissible Uses and Disclosures; Disclosures to Avert a Serious Threat to Health
or Safety
After treating a patient injured in a rather unusual sporting accident, the hospital released to the local
media, without the patient’s authorization, copies of the patient’s skull x-ray as well as a description of the
complainant’s medical condition. The local newspaper then featured on its front page the individual’s x-
ray and an article that included the date of the accident, the location of the accident, the patient’s gender,
a description of patient’s medical condition, and numerous quotes from the hospital about such unusual
sporting accidents. The hospital asserted that the disclosures were made to avert a serious threat to
health or safety; however, OCR’s investigation indicated that the disclosures did not meet the Privacy
Rule’s standard for such actions. The investigation also indicated that the disclosures did not meet the
Rule’s de-identification standard and therefore were not permissible without the individual’s authorization.
Page 3
Among other corrective actions to resolve the specific issues in the case, OCR required the hospital to
develop and implement a policy regarding disclosures related to serious threats to health and safety, and
to train all members of the hospital staff on the new policy.
Page 4
We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.
Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.
Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.
Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.
Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.
Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.
We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.
Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.
You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.
From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.
Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.
Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.
You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.
You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.
Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.
We create perfect papers according to the guidelines.
We seamlessly edit out errors from your papers.
We thoroughly read your final draft to identify errors.
Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!
Dedication. Quality. Commitment. Punctuality
Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.
We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.
We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.
We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.
We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.