Hippa

HIPAA Training and OSHA infection Control

Please read over this section to on Hippa training and OSHA Infection Control

Bloodborne Pathogens – micro-organisms that maybe present in blood or other certain body fluids and  can produce disease or illness. Illness may be caused when infected blood or other body fluids are  introduced into the bloodstream of a person. Examples of blood and other potentially infections  materials (OPIM) are semen, vaginal and nasal secretions, feces, urine, vomitus, sputum, saliva and  synovial, amniotic, cerebrospinal, pleural, peritoneal, pericardial fluids. 

Universal or Standard Precautions

Under the concepts of universal precautions, all human and certain body fluids from a clients/ patient are to be treated as if they are known to be infectious for HIV, HBV, HCV and other bloodborne pathogens.

Essential Precautions:

• Handwashing – Wash hands after contact with blood or body fluids (OPIM) – even if gloves are worn and there is no visible tear, puncture, or leak. Wash hands before and after all work with patients. 

• Personal Protective Equipment (PPE) – The use of barriers to prevent contact with potentially infected material:

  • Gowns - for use when clothing is likely to be soiled with blood or body fluids.

  •  Masks- for use when clothing and/or face may be soiled with blood or body fluids (OPIM).

  • Mask should be replaced when wet.

  • Gloves – for use when hands are likely to be in contact with blood or body fluids (OPIM).  Wash hands after glove removal. Dispose of gloves after a single patient uses. If you have a latex allergy or allergy - type reactions, ask you preceptor for latex-free gloves.

  • Eye Protection – (face shields or goggles) for use when there is potential for slash or spray. 

Exposure, Disposal, and Needle Safety 

Exposure 

Should you be exposed to blood or OPIM: 

1. Flush the site and cleanse with soap and water. 

2. Flush the mucous membrane with water or saline. 

3. Report the incident immediately to your supervisor. 

Disposal 

When disposing of broken glass or other sharp objects, never pick up the pieces by hand. Wear gloves and pick up the pieces using tongs or a brush and pan. Dispose of materials in a sharps container. 

Needle Safety 

• Do not recap a needle after use. 

• Discard used needles, glass slides, scalpels, capillary tubes, disposable razors, lancets, etc. in a sharp’s or biohazard container. 

• Do not overfill the used sharp’s container or push sharps into a container. 

OSHA Hazard Communication Standard Safety Data Sheets 

Safety Data Sheets (SDSs) 

Per The hazard Communication Standard (HCS) (29 CFR 1910.122 (g)), revised in 2012, any entity that manufactures, imports or distributes a chemical must provide Safety Data Sheets (SDSs) for each hazardous chemical to downstream users to communicate information on these hazards. Information contained in SDSs are required to be presented in a consistent user friendly, 16 - section format. The SDS includes information such as the properties of each chemical, the physical health and environmental health hazards; protective measures; and safety precautions for handling, storing and transporting the chemical. The information contained in the SDS must be presented in English (although it may be in other languages as well). Examples of hazardous materials found in a clinical area include infectious waste, flammable liquids and gases, toxic chemicals, radioactive materials, cancer causing chemicals and drugs and compressed gas cylinders. SDSs must be accessible 24 hours a day. Your supervisor should be able to locate the SDSs as needed.

HIPAA Privacy and Security Rules

HIPAA Privacy Rule – the Privacy Rule standards address the use and disclosure of individuals’ health information (known as “protected health information”) by entities subject to the Privacy Rule. These individuals and organizations are a called “covered entities”. 

The Privacy Rule also contains standards for individuals’ rights to understand and control how their health information is used.  A major goal of the Privacy Rule is to endure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well-being.  The Privacy Rule strikes a balance that permits important uses of information while protecting the privacy of the people who seek care and healing. 

HIPAA Security Rule – while the HIPAA Privacy Rule safeguards protected health information (PHI), the Security Rule protects a subset of information covered by the Privacy Rule. 

This subset is all individually identifiable health information a covered entity creates, receives, maintains, or transmits in electronic form. This information is called “electronic protected health information (e-PHI). The Security rule does not apply to PHI transmitted orally or in writing. 

To comply with the HIPAA Security Rule, all covered entities must do the following: 

• Ensure the confidentiality, integrity, and availability of all electronic protected health information. • Detect and safeguard against anticipated threats to the security of the information. 

• Protect against anticipated impermissible uses or disclosures. 

• Certify compliance by their workforce 

Covered entities should rely on profession ethics and best judgement when considering request for these permissive uses and disclosures. The HHS Office for Civil Rights enforces HIPAA rules, and all complaints should be reported to that office. HIPAA violations may result in civil monetary or criminal penalties. 

For more information, visit the Department of Health and Human Services - Health Information Privacy | HHS.gov 

• Healthcare providers: Every healthcare provider, regardless of size of practice, who electronically transmits health information in connection with certain transactions. These transactions include claims, benefit eligibility inquiries, referral authorization requests, and other transactions for which HHS has established standards under the HIPAA Transactions Rule. 

• Health plans: Entities that provide or pay the cost of medical care. Health plans include health, dental, vision, and prescription drug insurers; health maintenance organizations (HMOs); Medicare, Medicaid, Medicare + Choice, and Medicare supplement insurers; and long-term care insurers (excluding nursing home fixed-indemnity policies). Health plans also include employer-sponsored group health plans, government- and church-sponsored health plans, and multi-employer health plans. 

  • • Exception: A group health plan with fewer than 50 participants that is administered solely by the employer that established and maintains the plan is not a covered entity. 

•  Healthcare clearinghouses: Entities that process nonstandard information they receive from another entity into a standard (i.e., standard format or data content), or vice versa. In most instances, healthcare clearinghouses will receive individually identifiable health information only when they are providing these processing services to a health plan or healthcare provider as a business associate. 

Business associates: A person or organization (other than a member of a covered entity’s workforce) using or disclosing individually identifiable health information to perform or provide functions, activities, or services for a covered entity. These functions, activities, or services include claims processing, data analysis, utilization review, and billing.

Permitted Uses and Disclosures 

A covered entity is permitted, but not required, to use and disclose protected health information, without an individual’s authorization, for the following purposes or situations: 

Disclosure to the individual (if the information is required for access or accounting of disclosures, the entity MUST disclose to the individual) 

Treatment, payment, and healthcare operations 

Opportunity to agree or object to the disclosure of PHI (Informal permission may be obtained by asking the individual outright, or by circumstances that clearly give the individual the opportunity to agree, acquiesce, or object) 

Incident to an otherwise permitted use and disclosure 

Public interest and benefit activities—The Privacy Rule permits use and disclosure of protected health information, without an individual’s authorization or permission, for https://www.hhs.gov/hipaa/forprofessionals/privacy/laws-regulations/index.html 

1. When required by law 

2. Public health activities 

3. Victims of abuse or neglect or domestic violence 

4. Health oversight activities 

5. Judicial and administrative proceedings

6. Law enforcement 

7. Functions (such as identification) concerning deceased persons 

8. Cadaveric organ, eye, or tissue donation 

9. Research, under certain conditions 

10. To prevent or lessen a serious threat to health or safety 

11. Essential government functions 

12. Workers Compensation 

Limited dataset for research, public health, or healthcare operations. 

By clicking Agree, I acknowledge that I have fully read and understood the hippa guidelines .  I understand that if I have any questions or concerns about this policy, it is my responsibility to discuss this with my supervisor.  

On the next page, please complete and hit submit.