Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
10 Cards in this Set
- Front
- Back
Define: "Informed Consent"
|
Written consent to the disclosure of information from patient health care records to an individual, agency or organization
|
|
What is contained on the written consent to disclose patient health care records?
|
1) Name of patient whose record is being disclosed
2) Type of information to be disclosed 3) Types of health care providers making disclosure 4) Purpose of disclosure 5) Individual, agency or organization to which disclosure may be made 6) Signature of patient or authorized person 7) Date on which consent is signed 8) Time period during which the consent is effective |
|
True or False
Billing statements and invoices for treatment are not considered patient health care records |
False
|
|
What is contained on the required "Notice of Privacy Practices"?
|
1) How information will be used and disclosed
2) Description of legal duties to protect PHI 3) Statement of pt's rights and brief explanation of how they may be exercised 4) Statement that pt may complain to the pharmacy or HHS along with a how-to 5) A contact in the company for privacy concerns. Must include person's name or title and a telephone number |
|
What are the exceptions to the minimum necessary requirement?
|
1) Communications to the pt
2) Communications regarding the tx of the pt with other providers involved in said tx 3) When authorized by pt 4) When required by HHS for compliance and enforcement purpose 5) When required by law |
|
When is patient authorization required?
|
An example would be if a pharmacy wished to mail a flyer for specific diabetic products to its diabetic patients identified through their database.
Anything that is sent to an identified patient subset with the intent to attain sales requires a patient authorization |
|
What are examples of business associate contacts?
|
These are outside entities such as:
- Claims processing - Data processing - Software developing |
|
True or False
A pharmacy must ascertain a signed privacy practice notice from every patient |
False - It is the right of the patient to refuse to sign the notice, but the pharmacy must make a "good faith effort" to at least obtain the signature
|
|
True or False
If one patient overhears the consult to another patient, this constitutes a HIPAA violation and the pharmacy is liable |
False - As long as the pharmacy has "reasonable safeguards" in place to protect PHI and professional judgement was maintained, this is not considered a violation
|
|
What happens if a pharmacy breaches the PHI of over 500 individuals?
|
They must notify the media within 60 days of discovery, as well as the HHS
|