HIPAA Fundamentals Training


At Prairie Lakes Healthcare System, privacy of patient information has always been considered a basic right. What can happen when protected health information is inadvertently exposed? Personal harm to individuals, embarrassment, community mistrust, lawsuits, etc. By law, this information is legally protected under the Health Insurance Portability and Accountability Act, or HIPAA.


Points to remember

  • HIPAA is a relatively new federal law that keeps private a wide range of health information, known as Protected Health Information, or PHI.
  • The law allows for penalties such as fines and/or prison for people caught violating patient privacy.
  • HIPAA Privacy Regulations became effective in April 2003 and the Security Regulation became effective in April 2006.
  • Part of our compliance with the HIPAA law is to provide the required awareness training for employees and workforce members.

Protected Health Information

  • PHI is about patient information – whether it is spoken, written, or on the computer. It includes health information about our patients, something as simple as their name.
  • Certainly we can share PHI when it is part of our job to do so, but beyond that you may have broken the law if you share patient information.
  • Need to Know
  • A good way to determine if you should share patient data is to ask yourself: “Do I or others need this information to do the job?” Use this little test before you look at patient information or share it with others.
  • Sometimes you may inadvertently hear or see information that you don’t need to know. If so, just keep it to yourself.

Dispose of PHI Properly

  • Trash and garbage bins are another place that might contain PHI. Be sure to dispose of patient lists and other documents that contain PHI in non-public areas.
  • If you see PHI in the trash in public areas, notify the supervisor immediately.
  • If you transport PHI, make sure it is secure when not in your sight, such as a locked vehicle.

The Privacy Officer

At PLHS we have a person responsible for ensuring that privacy is maintained – The Privacy Officer. However, no one person can know if we have a possible threat in every area of such a large organization.

Each of us must do our part to protect patient information. You should always report possible privacy problems to the manager in your area or to the Privacy Officer.

Coworkers, Friends and Family

For instance, you hear about a friend that has had surgery. You are tempted to call a nurse on that floor to find out the details, but the nurse can't tell you.

  • Friends and coworkers have a right to privacy just like any other patient. You cannot seek or share patient information for personal reasons. You may only obtain/share information that you need to know to do your job.
  • You may personally ask the individual you know about their condition, and it is their choice what to share with you.
  • You may also ask their permission to share their information with a common friend, but you should never do this without their permission.
  • Don’t be curious. Situation: You like to look at the patient directory or surgery schedule daily to see if you know anyone. This is not within the scope of your job at this hospital. You are in violation of HIPAA laws and Prairie Lakes Healthcare System policies.

Respect the Privacy of Patients

Situation: You are working in an area where caregivers are discussing health information with a patient, a family member or another caregiver.

  • You can ask if you need to leave the area.
  • You may quickly finish your task and leave.
  • You must keep any health information you overhear to yourself.

Situation: In the process of doing your job, you use a list that contains patient names and possibly other patient information.

  • You should keep the information in your possession at all times.
  • You should make sure that it is protected from others who would not need the information.
  • You can turn it over so the information can't be viewed.
  • You should make sure when you are finished with the information that you have disposed of it properly.
  • Your supervisor may give you instructions for disposal of PHI.

HIPAA Fundamentals Test

This completes the fundamental overview of the HIPAA regulations. You now know and are responsible for what is required of you as a Job Shadowing/Observation Program Participant. HIPAA laws also require that we keep a record to show that you have been trained in patient privacy. The HIPAA FUNDAMENTALS TEST is part of the download document that must be filled out and returned to Prairie Lakes Healthcare System..