Security and Privacy of Health Information
Business Challenges Facing the Healthcare Industry
Medical Identity Theft
Why is Healthcare information so sensitive?
The Health Insurance Portability and Accountability Act
Purpose
The Difference Between COBRA and HIPAA
The 2009 HITECH Act
Scope
Protected health information (PHI)
Covered entity
Billing and claims payment
Health plan eligibility
Enrollment and disenrollment in a health plan
Health plan premium payments
Business associates
Main Requirements of the Privacy Rule
To improve health care in the United States by restoring consumer trust in the healthcare system.
To create a national framework for health privacy protection.
To allow consumers to control the use of their health information. This includes providing consumers with a way to access their health information.
Disclosure
Permitted uses and disclosures
Uses and Disclosures made for public health and safety activities
Vital Statistics and Communicable Diseases
Uses and Disclosures made after an Opportunity to Opt-Out
Abuse and Neglect
Treatment, Payment, and Healthcare Operations
Required by law and law enforcement
Uses and Disclosures made to a person about his or her own PHI
Limited Data sets used or disclosed for specified activities
Uses and Disclosures that require authorization
Authorization
Minimum Necessary Rule
Minimum necessary rule
Other Individual Rights under the Privacy Rule
Amendments of PHI
Privacy Notices
Administrative Requirements
Breach Notification Provisions
The PHI that was involved in the breach
Who used or received the PHI
Was the PHI actually acquired?
Have risks been mitigated?
Main Requirements of the Security Rule
Electronic protected health information (EPHI)
Safeguards and Implementation Specifications
Administrative Safeguards
Physical Safeguards
Technical Safeguards