HIPAA: Important Information for Medical Students

 
HIPAA for medical students
Dan Chen, MD – Internal Medicine and Student Affairs
Diane M. Lindquist - Director of Health Privacy and Compliance and
BU HIPAA Privacy Officer
Karen Symes, PhD – Biochemistry and Student Affairs
 
What does HIPAA stand for?
 
A.
Horrible, Intrusive Privacy Access
Account
B.
Health Insurance Portability and
Accountability Act
C.
Harmful Illness Probability and Anti-
Acquisition
D.
Healthy Intermediary Person and
Associate Aide
 
What is HIPAA?
 
A US law to protect patients' health information, including:
Privacy Rules, that every access, use or disclosure of patient
information must be for an approved purpose
Security Rule, that requires we keep patient electronic data safe and
encrypted
Breach Notification rule, requiring any breach of the Privacy and
Security Rules be reported to the affected patients and to the
government.
 
Is this access a HIPAA
violation?
 
Is it OK for me to use EPIC to look at the entire
medical record of my patient?
 
A.
Yes
B.
No
 
Is it OK for me to use EPIC to look at the entire
medical record of my patient?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK for me to use EPIC to look at the entire
medical record of my team’s patient?
 
A.
Yes
B.
No
 
Is it OK for me to use EPIC to look at the entire
medical record of my team’s patient?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK to review the records of patients I will
be seeing when my rotation starts next week?
 
A.
Yes
B.
No
 
Is it OK to review the record of patients I will be
seeing when my rotation starts next week?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK for me to use EPIC to check in on a
patient I was following in my previous rotation?
 
A.
Yes
B.
No
 
Is it OK for me to use EPIC to check in on a
patient I was following in my previous rotation?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK for me to use a random patient record
in EPIC to learn about a specific condition or
treatment?
 
A.
Yes
B.
No
 
Is it OK for me to use a random patient record
in EPIC to learn about a specific condition or
treatment?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK if my friend asks me to check his
medical record in EPIC to see what is written
about him?
 
A.
Yes
B.
No
 
Is it OK if my friend asks me to check his
medical record in EPIC to see what is written
about him?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK if my Aunt asks me to check her
medical record in EPIC to see what is written
about her?
 
A.
Yes
B.
No
 
Is it OK if my Aunt asks me to check her
medical record in EPIC to see what is written
about her?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK for me to access my own medical
record through EPIC?
 
A.
Yes
B.
No
 
Is it OK for me to access my own medical
record through EPIC?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
Is it OK for me to speak about a patient in the
hallway as long as it is with other members of
the medical team?
 
A.
Yes
B.
No
 
Is it OK for me to speak about a patient in the
hallway as long as it is with other members of
the medical team?
 
A.
Yes, as long as reasonable
efforts are made to safeguard
against accidental disclosure
to other people within
earshot
B.
No, the risk of accidental
disclosure to other people
within earshot is too high
 
Is it OK for me to post a comment on social
media about a patient as long as it is
deidentified?
 
A.
Yes
B.
No
 
What is social media?
 
BMC definitions of social media
 
Is it OK for me to post a comment on social
media about a patient as long as it is
deidentified?
 
A.
Yes, as long as I am
respectful
B.
No, never under any
circumstances
 
Is it OK for me to snapchat an image of a patient’s
interesting mole as long as it is deidentified and
they give me permission?
 
A.
Yes
B.
No
 
Is it OK for me to snapchat an image of a patient’s
interesting mole as long as it is deidentified and
they give me permission?
 
A.
Yes, because it is
part of my formal
clinical rotation
B.
No, because it is not
part of my formal
clinical rotation
 
How are HIPAA violations detected?
 
Every click in the EMR is registered and recorded.
The BMC compliance office frequently carries out audits to
determine who is accessing the EMR. Flags include access by
individuals not in particular departments or rotations, same
last name accesses, and excessive access to a particular patient’s
record, AS WELL AS RANDOM AUDITS.
Patients overhear or witness things in person and online.
Colleagues report violations.
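The audit flags listed above can be expressed as rules over an access log. The following is an added example, not code from the presentation or from BMC or Epic; the record fields, the threshold of three views, and the sample entries are assumptions constructed for illustration.

```python
import random
from collections import Counter, namedtuple

# Hypothetical record layout; a real EMR audit log will differ.
Access = namedtuple(
    "Access", "user user_last user_unit patient_id patient_last patient_unit")

# Constructed sample entries (not real audit data).
LOG = [
    Access("s.lee", "Lee", "cardiology", "P1", "Ortiz", "cardiology"),
    Access("s.lee", "Lee", "cardiology", "P2", "Lee", "cardiology"),
    Access("j.kim", "Kim", "surgery", "P1", "Ortiz", "cardiology"),
    Access("a.roy", "Roy", "cardiology", "P3", "Nguyen", "cardiology"),
    Access("a.roy", "Roy", "cardiology", "P3", "Nguyen", "cardiology"),
    Access("a.roy", "Roy", "cardiology", "P3", "Nguyen", "cardiology"),
    Access("a.roy", "Roy", "cardiology", "P3", "Nguyen", "cardiology"),
]

def rule_flags(log, max_per_patient=3):
    """Return {entry index: [reasons]} for entries matching an audit flag."""
    views = Counter((e.user, e.patient_id) for e in log)
    flags = {}
    for i, e in enumerate(log):
        reasons = []
        # Access by someone outside the patient's department or rotation.
        if e.user_unit != e.patient_unit:
            reasons.append("outside_rotation")
        # Same last name: a lead for human review, not proof of misuse.
        if e.user_last.casefold() == e.patient_last.casefold():
            reasons.append("same_last_name")
        # Excessive access by one user to one patient's record.
        if views[(e.user, e.patient_id)] > max_per_patient:
            reasons.append("excessive_access")
        if reasons:
            flags[i] = reasons
    return flags

def random_audit(log, k, seed=None):
    """Pick k entries for review regardless of whether any rule matched."""
    rng = random.Random(seed)
    return sorted(rng.sample(range(len(log)), k))

if __name__ == "__main__":
    for idx, reasons in rule_flags(LOG).items():
        print(idx, LOG[idx].user, LOG[idx].patient_id, reasons)
    print("random audit picks:", random_audit(LOG, 2, seed=1))
```

The random sample is drawn independently of the rules, so an access that matches no flag can still be selected for review.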
 
Consequences
 
Investigation by Boston University and Boston Medical Center
Suspension from using EPIC – temporary pending investigation
Suspension from using EPIC permanently
Patients informed of violation
Appear before Disciplinary Committee
Dismissal
Inability to obtain a medical license
Fined
Institution and personally sued
Financial, reputational, and discriminatory harms to patients
 
 
Case – discuss 2 minutes with the person
sitting next to you and report back
 
A medical student uses marijuana for medical reasons. As part of
the onboarding at an away site, they were required to take a drug
test, which was positive for delta-9-tetrahydrocannabinol (THC)
and its derivatives. What are possible implications?
 
Questions

An overview of HIPAA for medical students, covering the meaning of HIPAA, its core components, and scenarios related to accessing patient records through systems like EPIC. Learn about HIPAA regulations and how they safeguard patient information.


Uploaded on Oct 11, 2024

