Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

HIPAA Accounting of Disclosures: A Guide to Tracking Protected Health Information Releases, Study notes of Accounting

Texas Tech University System AdministrationAccounting

Guidance on the hipaa accounting of disclosures requirement, which mandates the tracking of protected health information disclosures that are not part of treatment, payment, or health care operations. Common disclosures that must be tracked, including those for public health purposes, victims of abuse, neglect, or domestic violence, health oversight activities, judicial or administrative proceedings, law enforcement purposes, coroners, medical examiners, or funeral directors, cadaveric organ donation, human-subject research, avert serious threats to health or safety, and the food and drug administration. It also includes disclosures that do not need to be tracked, such as those for treatment, payment, health care operations, signed patient authorizations, prior to april 14, 2003, to patients about themselves, for the ohsu facility directory, to persons involved in the care or payment of health care, and as part of a limited data set.

What you will learn

  • Which disclosures do not need to be tracked under HIPAA's Accounting of Disclosures requirement?
  • What types of disclosures must be tracked under HIPAA's Accounting of Disclosures requirement?
  • What are some examples of disclosures that must be tracked under HIPAA's Accounting of Disclosures requirement?

Typology: Study notes

2021/2022

Uploaded on 09/12/2022

houhou
houhou 🇺🇸

4

(7)

269 documents

1 / 2

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
HIPAA: Accounting of Disclosures Guidance Document
A disclosure is a release, transfer, access to, or divulging of information outside of OHSU. In general,
patients have the right to know who has received his/her health information for reasons other than
treatment, payment, or health care operations, or disclosures specifically authorized by the patient.
Examples of this are public health activities (reporting vital statistics, communicable diseases,
cancer/tumor registries), reports about victims of abuse, neglect, or domestic violence, releases as a
result of a subpoena, disclosures about decedents to coroners, medical examiners, or funeral directors,
and other disclosures required by law. Under HIPAA, disclosures that are not part of treatment,
payment, and/or operations and that are not authorized by the patient must be tracked. The list below
will provide a clearer picture of which disclosures are subject to the HIPAA accounting requirement
and which disclosures do not need to be tracked.
INCLUDED IN THE ACCOUNTING
The following disclosures must be recorded using the Accounting of Disclosures System (ADS) if protected
health information is disclosed. This list is designed to capture the most common disclosures, but there may be
others that are not listed. If you are unsure whether a disclosure should be tracked, check with your supervisor or
e-mail oips@ohsu.edu.
Disclosure Examples
1. For Public Health Purposes
Immunizations
Infectious/Communicable disease reporting (i.e., HIV,
STD, TB, foodborne)
Vital Statistics (i.e., birth and death certificates, fetal death,
teen suicides)
Newborn Screening
Oregon Death with Dignity (Physician-Assisted Suicide)
Reports of death for purposes of organ donation
Poison Control
Lead Poisoning
Suspected pesticide poisoning
Animal bites
2. About victims of abuse, neglect, or domestic violence This includes disclosure to Social Services or a protective service
agency to report:
Domestic violence and intimate partner violence
Elder abuse
Child abuse
Abuse of mentally ill or developmentally disabled
3. For health oversight activities
Audits (e.g., by Center for Medicare & Medicaid Services)
Inspections (e.g., Dept of Health & Human Services,
Office for Human Research Protections)
Oversight Reviews (i.e., OMPRO; OR Dept of Health)
4. For judicial or administrative proceedings
Court orders
Subpoenas
5. For law enforcement purposes
Reporting of gunshot wounds
6. To Coroners, Medial Examiners, or Funeral Directors About decedents
7. For cadaveric organ, eye or tissue donation and
transplantation purposes Including activities related to Medicare Conditions of
Participation
8. For human-subject research that does not obtain a
subjects authorization
Research that receives a waiver of authorization by the
IRB
Research involving the health information of decedents
Last Revised 7/22/2016 Page 1 of 2
pf2

Partial preview of the text

Download HIPAA Accounting of Disclosures: A Guide to Tracking Protected Health Information Releases and more Study notes Accounting in PDF only on Docsity!

HIPAA: Accounting of Disclosures Guidance Document

A disclosure is a release, transfer, access to, or divulging of information outside of OHSU. In general,

patients have the right to know who has received his/her health information for reasons other than

treatment, payment, or health care operations, or disclosures specifically authorized by the patient.

Examples of this are public health activities (reporting vital statistics, communicable diseases,

cancer/tumor registries), reports about victims of abuse, neglect, or domestic violence, releases as a

result of a subpoena, disclosures about decedents to coroners, medical examiners, or funeral directors,

and other disclosures required by law. Under HIPAA, disclosures that are not part of treatment,

payment, and/or operations and that are not authorized by the patient must be tracked. The list below

will provide a clearer picture of which disclosures are subject to the HIPAA accounting requirement

and which disclosures do not need to be tracked.

INCLUDED IN THE ACCOUNTING

The following disclosures must be recorded using the Accounting of Disclosures System (ADS) if protected

health information is disclosed. This list is designed to capture the most common disclosures, but there may be

others that are not listed. If you are unsure whether a disclosure should be tracked, check with your supervisor or

e-mail oips@ohsu.edu.

Disclosure Examples

  1. For Public Health Purposes (^) • Immunizations
    • Infectious/Communicable disease reporting (i.e., HIV, STD, TB, foodborne)
    • Vital Statistics (i.e., birth and death certificates, fetal death, teen suicides)
    • Newborn Screening
    • Oregon Death with Dignity (Physician-Assisted Suicide)
    • Reports of death for purposes of organ donation
    • Poison Control
    • Lead Poisoning
    • Suspected pesticide poisoning
    • Animal bites
  2. About victims of abuse, neglect, or domestic violence This includes disclosure to Social Services or a protective service agency to report: - Domestic violence and intimate partner violence - Elder abuse - Child abuse - Abuse of mentally ill or developmentally disabled
  3. For health oversight activities (^) • Audits (e.g., by Center for Medicare & Medicaid Services)
    • Inspections (e.g., Dept of Health & Human Services, Office for Human Research Protections)
    • Oversight Reviews (i.e., OMPRO; OR Dept of Health)
  4. For judicial or administrative proceedings (^) • Court orders
    • Subpoenas
  5. For law enforcement purposes • Reporting of gunshot wounds
  6. To Coroners, Medial Examiners, or Funeral Directors About decedents
  7. For cadaveric organ, eye or tissue donation and transplantation purposes

Including activities related to Medicare Conditions of Participation

  1. For human-subject research that does not obtain a subjects authorization - Research that receives a waiver of authorization by the IRB - Research involving the health information of decedents

Last Revised 7/22/2016 Page 1 of 2

Last Revised 7/22/2016 Page 2 of 2

Disclosure Examples

  1. To avert a serious threat to health or safety
  2. To the Food and Drug Administration (FDA) for purposes related to the quality, safety, or effectiveness of a FDA- regulated product or activity
    • To report adverse events
    • To track FDA-regulated products
    • To enable product recalls, repairs, or replacement
  3. Otherwise required/permitted by law (^) • For worker’s compensation
    • To registries (external to OHSU) including: Cancer (OSCaR), Trauma (OTR), and Immunizations (ALERT)
    • To advisory boards, such as the State Trauma Advisory Board
    • Hospital Holds for Mental Health
    • To state crime lab
    • Reports regarding Medical Marijuana Act Program
  4. Unauthorized Disclosures (^) • Misdirected fax or e-mail
    • Release of information based on invalid authorization
  5. Any other purpose that does not meet the “Not required” list below

NOT INCLUDED IN THE ACCOUNTING

The following disclosures of protected health information do not need to be included in the accounting of disclosures:

Disclosures that are excluded Examples

  1. To carry out treatment Including, disclosures to other health care providers for their treatment activities
  2. To carry out payment Including, disclosures to other health care providers and payers for their payment activities
  3. To carry out OHSU health care operations This includes: quality improvement, outcomes analysis, developing clinical guidelines, training or education, medical review, legal services, auditing functions, business planning and development, fraud and abuse detection, accreditation, licensing, certification, credentialing and general administrative functions.
  4. To carry out certain health care operations of another health care provider or health care payer if OHSU and the receiving entity has or had a relationship with the patient, the health information disclosed pertains to such relationship, and the disclosure is for one of the activities found in the cell to the right. - Conduction quality assessment and improvement activities (including outcomes evaluation and development of clinical guidelines). - Case management or care coordination - Professional performance review, health care provider training, accreditation, certification, licensing, or credentialing activities. - Health care fraud and abuse detection or compliance
  5. Made as a result of a signed patient authorization
  6. That occurred prior to April 14, 2003
  7. To patients about themselves
  8. For the OHSU facility directory The facility directory (hospital census) is a listing of patients used to address inquiries, from outside of OHSU, about patients’ condition or location
  9. To persons (family, friends, etc) involved in the care or payment of health care of the patient
  10. Made incidentally to a permitted or required use and disclosure
  11. As part of a limited data set A limited data set is health information that excludes specific direct identifiers of the patient.
  12. For national security or intelligence purposes
  13. To correctional institutions or law enforcement officials having lawful custody of an individual

For example, custody of an inmate.