How can we help?

You can also find more resources in our Help Center.

23 terms

Chapter 07: Privacy Law & HIPAA

STUDY
PLAY
code set
Under HIPAA, terms that provide for uniformity and simplification of health care billing and record keeping.
Covered Entities
Health care providers and clearinghouses that transmit HIPAA transactions electronically, and must comply with HIPAA standards and rules.
Covered Transactions
Electronic exchanges of information between two covered-entity business partners using HIPAA-mandated transaction standards.
De-identify
To remove all information that identifies patients from health care transactions.
Designated record set
Records maintained by or for a HIPAA-covered entity.
Electronic data interchange (EDI)
The use of uniform electronic protocols to transfer business information between organizations via computer networks.
Electronic transmission
The sending of information from one network-connected computer to another.
Encryption
The scrambling or encoding of information before sending it electronically.
Firewall
Hardware, software, or both designed to prevent unauthorized persons from accessing electronic information.
Health Insurance Portability and Accountability Act (HIPAA)
A federal law passed in 1996 to protect privacy and other health care rights for patients. The act helps workers keep continuous health insurance coverage for themselves and their dependents when they change jobs, and protects confidential medical information from unauthorized disclosure and/or use. It was also intended to help curb the rising cost of health care fraud and abuse.
limited data set
Protected health information from which certain specified, direct identifiers of individuals have been removed.
Minimum necessary
Term referring to the limited amount of patient information that may be disclosed, depending on circumstances.
Notice of Privacy Practices (NPP)
A written document detailing a health care provider's privacy practices.
Permissions
Reasons under HIPAA for disclosing patient information.
Privacy
Freedom from unauthorized intrusion.
Protected Health Information (PHI)
Information that contains one or more patient identifiers.
Rule
A document that includes the HIPAA standards or requirements.
Security
The use of policies and procedures to protect electronic information from unauthorized access.
Standard
A general requirement under HIPAA.
State preemption
If a state's privacy laws are stricter than HIPAA privacy standards, state laws take precedence.
Transaction
Transmission of information between two parties for financial or administrative activities.
Treatment, payment, and healthcare operations (TPO)
A HIPAA term for qualified providers, disclosure of PHI to obtain reimbursement, and activities and transactions among entities. Treatment means that a health care provider can provide care; payment means that a provider can disclose PHI to be reimbursed; health care operations refers to HIPAA-approved activities and transactions.
Verification
The requirement under HIPAA that a patient's identity be verified before protected health information is released.