So after talking about some of the restrictions of HIPPA, the next question we want to ask is, Well, do I always have to get a waiver dough? I always have to get consent. What are some exceptions or possible exceptions to the rule? When can Ph I be shared?
Um, and I first of all, just want to stress that these Air General rules
often they're very specific requirements to allow this to happen. So when we talk about Ph. I've being shared. There are a couple of situations in which this information can be shared
to the individual patient themselves
in relation to information regarding that patient's treatment.
That information may be able to be shared in order to obtain payment
and then for health care operations activity. So just in looking at each of these, you know the first one's kind of common sense. I can share your health care information with you,
and you have a right to ask for that health care information. So you know the doctor patient privilege and that doctor patient coverage. As a health care provider, I don't protect a patient's information from that patient. I'm, of course, able to disclose the information to the patient now
options. And again, this does not give CART launch exception to HIPPA. But as a general rule, when we're talking about providing coordinating our managing
health care for a particular patient, we can share health care information with the physicians or other attending entities providing that health care. So perhaps you're staying at a hospital, and a specialized surgeon needs to be called in.
They have access to your medical records because they need to be able to provide you complete and comprehensive
ah, an anesthesiologist that's brought in as a separate entity
will be given access to your healthcare records because they need to know if you've had allergic reactions to anesthesia in the past.
Ah, hospital may use this information thio in relation to an individual, perhaps that cannot make decisions for themselves. Uh, and again, it just really depends on the specific situation
payment. So here, when we talk about a doctor who is trying to make sure that a specific procedure is covered by your health plan, your health plan may require more information from the doctor to support that claim.
Ah, if I want to build on behalf of my patients or submit a claim for insurance again. I think I mentioned earlier. We need diagnostic codes. We need codes for the treatment. So usually information between a doctor and a payment organization like Medicaid, Medicare, health Insurance Company
Maur information that health care information is able to be
distributed again. Some specifics. Billing and collection activities, medical necessity coverage, justification
utilization review activities. Are you someone that is frequently returning to the doctor for a specific issue? Perhaps you're near the point where you're exceeding your coverage for specific issue
or something that needs to be attended or restricted by the insurance companies,
consumer reporting agencies. This is a little bit if he, you know, it's not that perhaps you haven't paid a bill. I can't disclose your full health care information, But I can disclose, For instance, the doctor in which you,
uh, encountered this charge and maybe some very high level
So health care provider might disclose pH I about an individual so that they can have their claim paid, or they could return to turn it over to a reporting agency as necessary. And then the final exception, or the final element in which hip maybe
accepted, would be for general management type operations. So health care related management.
So, for instance, um, I might monitor calls for quality assurance at a hospital. I might play those back for review. I might, as part of our quality assurance program for surgeons at a hospital, review a specific case. So again for the specific
medical type review's legal reviews,
maybe planning. So when I see an increase in a certain type of treatment in a specific region, I might need to adjust operations of my staff. That may also be an instance in which we find the ability to share health care information outside of hip hop.
So ultimately, what we've done here is we've covered quite a bit of information,
certainly not conclusive, but just a good overview on the purpose of HIPPA. You know why we need it? What HIPPA does for us, how it protects our personal health information or a protected health information. The security rule in the privacy rule being to really essential pieces.
We've talked about who's covered by Hippo. We've talked about the various controls, physical, administrative and technical,
and then we've talked about certain elements in which we may find exceptions to the requirements mandated by HIPPA. Now, one of the things that I do wanna stress is this is a presentation for instructional purposes on Lee. This is not and shall not be considered legal advice.
I will stress to you, I am no attorney
would. Our job here is to help make some of the requirements of hip a little bit easier to understand. So this information that's been provided by cyber areas general information
regarding the health care, the health insurance portability and accountability at
please remember legal questions specific to your company. And, sure, you are working with your own legal counsel, which can best represent your organization
for further information, details and clarification. I've given you a couple of references here. Also, if you go back through the previous slides, you'll find that I've put certain references down at the bottom source information at the bottom of the slides. So anything that you want further clarification or further information on,
I would certainly encourage you to do a little research on your own.
But hopefully this has been successful in summarizing what hip is, what it does and how it works.