privacy
freedom from unauthorized intrusion
state preemption
if a state's privacy laws are stricter than HIPAA privacy standards, the state laws take precedence
protected health information
information that contains one or more patient identifiers
de-identify
to remove from health care transactions all information that identifies patients
permission
a reason under HIPAA for disclosing patient information
covered entities
health care providers and clearinghouses that transmit HIPAA transactions electronically, and must comply with HIPAA standards and rules
limited data set
protected health information from which certain patient identifiers have been removed
electronic medical record
contains all patient medical records for one practice
electronic health record
a more comprehensive record than the EMR, focusing on the total health of the patient and traveling with the patient
breach
any unauthorized acquisition, access, use, or disclosure of personal health information which compromises the security or privacy of such information
firewalls
hardware, software, or both designed to prevent unauthorized persons from accessing electronic information
encryption
the scrambling or encoding of information before sending it electronically
Health Information Technology for Economic and Clinical Health Act
a section of the American Recovery and Reinvestment Act that strengthened certain HIPAA privacy and security provisions (HITECH)
American Recovery and Reinvestment Act
a 2009 act that made substantive change to HIPAA's privacy and security regulations
Federal False Claims Act
a law that allows for individuals to bring civil actions on behalf of the U.S. Government for false claims made to the federal government, under a provision of the law called qui tam (from Latin meaning "to bring an action for the king and for oneself")
qui tam relators
individuals commonly known as whistle-blowers
Federal Anti-Kickback Law
prohibits knowingly and willfully receiving or paying anything of value to influence the referral of federal health care program business
Stark Law
prohibits physicians or their family members who own health care facilities from referring patients to those entities if the federal government, under Medicare or Medicaid, will pay for treatment
Criminal Health Care Fraud Statute
a section of the United States Code that prohibits fraud against any health care benefit program
use PHI
means that you use patients' protected health information within the facility where you work in the normal course of conducting health care business
disclose PHI
means that patients protected health information is sent outside of a health care facility for legitimate business or health care reasons