1 HIPAA Definitions What Does PHI Include Information

1

HIPAA Definitions What Does PHI Include? Information in the health record, such as: Encounter/visit documentation Lab results Lab Appointment dates/times Invoices Radiology films and reports History and physicals (H&Ps) X-Ray Physical Patient Identifiers 2

HIPAA Definitions What Are Some Examples of Patient Identifiers? Names Medical Record Numbers Social Security Numbers Account Numbers License/Certification numbers Vehicle Identifiers/Serial numbers/License plate numbers Internet protocol addresses Health plan numbers Full face photographic images and any comparable images Web universal resource locaters (URLs) Any dates related to any individual (date of birth) Telephone numbers Fax numbers Email addresses Biometric identifiers including finger and voice prints Any other unique identifying number, characteristic or code 3

Safeguards Implementation of administrative, physical and technical safeguards (work in tandem with Security rule). Safeguard PHI from any intentional or unintentional use or disclosure. Limit incidental uses and disclosures that occur as a result of otherwise permitted or required uses and disclosures. Example: create safeguards to prevent others from overhearing PHI. 4

IT Security Review – When and How When any of the following are true: Contract or Agreement involving UNMHSC Information Assets Transmitting, storing, sharing or processing of UNM Information Assets that require IT security protections. How do I request an IT Security Review Email – HSC-ISO@salud. unm. edu (@unm. edu) Create a self-service ticket using http: //Help. health. unm. edu Attach the Preliminary Security Questionnaire 5

6