Hipaa Privacy Rule


Length: 1950 words (5.6 double-spaced pages)
Rating: Excellent
Open Document
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Text Preview

More ↓

Continue reading...

Open Document

1. Introduction
Today, you have more reason than ever to care about the privacy of your medical information. This information was once stored in locked file cabinets and on dusty shelves in the medical records department.
Your doctor(s) used to be the sole keeper of your physical and mental health information. With today's usage of electronic medical records software, information discussed in confidence with your doctor(s) will be recorded into electronic data files. The obvious concern - the potential for your records to be seen by hundreds of strangers who work in health care, the insurance industry, and a host of businesses associated with medical organizations.
Fortunately, this catastrohic scenario will likely be avoided.
Congress addressed growing public concern about privacy and security of personal health data, and in 1996 passed “The Health Insurance Portability and Accountability Act” (HIPAA). HIPAA sets the national standard for electronic transfers of health data. Before HIPAA, each state set their own standards. Now states must abide by the minimum standards set by HIPAA. States can enact laws to incorporate and/or strengthen the basic rights given by HIPAA.
How HIPAA's Privacy Rule Protects YOU; The Patient
Access to your own medical records
Prior to HIPAA, access to YOUR medical records were not guaranteed by federal law. Only about half the states had laws giving patients the right to see and copy their own medical records. You may be charged for copies but HIPAA sets fee limits.
You Must Be Given Notice Of Privacy Practices
How your medical information is used and disclosed must now be given to you. The notice must also tell you how to exercise your rights and how to file a complaint with your health care provider and with the DHHS Office of Civil Rights.
HIPAA Requires Accounting of Disclosure Details
You have the right to know who has accessed your health records for the prior six years, However there are several exceptions to the accounting requirement. Accounting is not required when records are disclosed to persons who see your records for treatment, payment, and health care operations. These individuals do not need to be listed in the disclosure log.
Filing A Complaint
If you believe a health care provider or health plan has violated your privacy you have the right to file a complaint with your health care provider and with DHHS.
Special Requests For Confidential Communications.
You can make special requests specifying how you would like your doctor's office handle confidential communication.

How to Cite this Page

MLA Citation:
"Hipaa Privacy Rule." 123HelpMe.com. 24 Sep 2017
    <http://www.123HelpMe.com/view.asp?id=158836>.
Title Length Color Rating  
Essay on Hipaa Privacy Rule - 1. Introduction Today, you have more reason than ever to care about the privacy of your medical information. This information was once stored in locked file cabinets and on dusty shelves in the medical records department. Your doctor(s) used to be the sole keeper of your physical and mental health information. With today's usage of electronic medical records software, information discussed in confidence with your doctor(s) will be recorded into electronic data files. The obvious concern - the potential for your records to be seen by hundreds of strangers who work in health care, the insurance industry, and a host of businesses associated with medical organizations....   [tags: Healthcare Medical Information Privacy] 1950 words
(5.6 pages)
Strong Essays [preview]
Health Insurance Portability and Accountability Act (HIPAA) & Privacy Rule Violations - Our case assignment deals with Dr. Williams a recent medical school graduate who is licensed and meets the requirements to legally practice medicine. Graduating from an overseas medical school made it difficult finding employment so he chose to operate a medical clinic providing abortion services based on a very profitable clinic operated by a former classmate and friend. Prior to leaving my job as his assistant I witnessed a patient, Joan, suffer an injury resulting from an error by Dr. Williams....   [tags: Healthcare]
:: 5 Works Cited
1233 words
(3.5 pages)
Strong Essays [preview]
Health Insurance Portability and Accountability Act Essay - The Standards for Privacy of Individually Identifiable Health Information, better known as the Privacy Rule, that took effect in April 2003 for large entities and a year later for small ones, was established as the first set of national standards for the protection of health information. This rule was issued by the U.S. Department of Health and Human Services to meet the requirement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Privacy Rule was born out of a need for health information to be appropriately protected yet still allowing the health information to be shared to ensure quality health care and to protect the public’s health and well being....   [tags: Healthcare, Privacy Rule, HIPAA]
:: 6 Works Cited
1793 words
(5.1 pages)
Term Papers [preview]
Protecting Personal Health Information: HIPAA is NOT Enough Essay examples - One type of personal data we should be concerned with keeping secure is Protected Health Information or PHI. PHI is defined in the Privacy Rule section of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as “"individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral” (U.S. Department of Health & Human Services). While HIPAA was enacted to address the protection of PHI, it falls short of this task because there are no measures to proactively ensure entities are abiding by its guidelines, the penalties are subjective and fail to inflict enough punishment on...   [tags: HIPAA Enforcement, Protected Health Information]
:: 10 Works Cited
2236 words
(6.4 pages)
Powerful Essays [preview]
Essay on Hipaa Bill was Created to Protect Privacy - ... A doctor would be allowed to report how many cases of the flu he/she treated, but could not identify the individual. Hipaa allows some unauthorized disclosure of patient health information, such as for domestic violence, law enforcement, workers compensation, to the DEA or state pharmacy board and to report drug related problems to the FDA. If a covered entity needs to disclose any PHI other than treatment, payment, healthcare operations, or anything else allowed or required by the privacy rule, they must have a patient write specific terms on a written authorization....   [tags: security, patient information, congress] 1831 words
(5.2 pages)
Research Papers [preview]
HIPAA: Privacy and Security Rules The Computer, the Nurse and You Essay - HIPAA: Privacy and Security Rules The Computer, the Nurse and You Introduction How would you like to keep track of your personal health information record in your computer at home. The electronic data exchange was one of the goals of the government to improve the delivery and competence of the U.S. healthcare system. To achieve this plan, the U.S. Congress passed a regulation that will direct its implementation. The Department of Health and Human Services is the branch of the government that was assigned to oversee the HIPAA rules....   [tags: Medical Research ]
:: 11 Works Cited
1452 words
(4.1 pages)
Powerful Essays [preview]
HIPAA's Purpose in Improving Healthcare Essay - The Health Information Portability and Accountability Act (HIPAA) is an act that was passed in 1996 and enacted in 2003. It was established to improve on several aspects in healthcare, including the portability and continuity of health insurance coverage, as well as implementing national standards that ensure a patient’s security and privacy are protected. The HIPAA Law has several intentions which include; improving portability and the continuation of health insurance coverage when switching jobs or moving, combatting waste, fraud and abuse in health insurance and healthcare delivery, promoting the use of medical savings accounts, improving access to long term medical care and lastly, to si...   [tags: insurance, patient, safeguards] 1838 words
(5.3 pages)
Powerful Essays [preview]
Essay on HIPAA: Protecting Our Privacy - HIPAA Identity theft has always been in the back of my mind whenever I use my debit card but I wasn’t too concerned about my health information until I learned about HIPAA. It is a very important set of rules and standards that protects our privacy. Health Insurance Portability and Accountability Act or HIPAA is a statute endorsed by the U.S. Congress in 1996. It offers protections for many American workers which improves portability and continuity of health insurance coverage. The seven titles of the final law are Title I - Health care Access , Portability, Title II - Preventing Health Care Fraud and Abuse; administrative simplification; Medical Liability Reform; Title III – Tax-related He...   [tags: Healthcare]
:: 3 Works Cited
1003 words
(2.9 pages)
Strong Essays [preview]
HIPPA and the Privacy of Medical Records Essay examples - HIPPA and the Privacy of Medical Records Previously, healthcare information has been protected by state law. However, since this information crosses state lines, the need for federal protection has been warranted. In 1996, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). HIPAA provides the first federal protection for the privacy of medical records (Burke & Weill, 2005) HIPPA encourages the use of electronic medical record and the sharing of medical records between healthcare providers, because it can aid in saving lives....   [tags: Healthcare Privacy Internet Medical Records]
:: 3 Works Cited
1335 words
(3.8 pages)
Strong Essays [preview]
The Technological Feasibility of HIPAA Requirements Essay - Introduction The Health Insurance Portability and Accountability Act of 1996, or HIPAA, is a law designed “to improve portability and continuity of health insurance coverage in the group and individual markets, to combat waste, fraud, and abuse in health insurance and health care delivery, to promote the use of medical savings accounts, to improve access to long-term care services and coverage, to simplify the administration of health insurance, and for other purposes.”1 HIPAA mandates that covered entities must employ technological means to ensure the privacy of sensitive information....   [tags: Exploratory Essays Research Papers]
:: 3 Works Cited
3082 words
(8.8 pages)
Strong Essays [preview]



For example you can ask for calls be made to your home rather than your office. Your health care provider should agree to any of your reasonable requests.
Establishment Of Formal Safeguards.
Healthcare business must comply with certain administrative requirements including staff training and appointment of a privacy officer.
You can also choose to have your medical information discussed with designated immediate family members, close friends, or relatives.
If HIPAA Privacy Rule is violated the government can file a lawsuit for violations.Civil and crimanal penalties certainly provide an incentive for compliance.
The HIPAA Privacy Rule Is Less Than Perfect.
Consumer and patient advocates are critical of HIPAA for its numerous weaknesses.
Your consent to the use of your medical information is not required if
it is used or disclosed for treatment, payment, or health care operations.
Your private health information may be disclosed to pharmaceutical companies or businesses looking to recall, repair or replace a product or medication.
You have no right to sue under HIPAA for violations of your privacy. You may be able to sue under state law using the HIPAA Privacy Rule to establish the appropriate standard of care.
Business associates can receive protected health information without a patient's knowledge or consent. Business associates may include billing services, lawyers, accountants, data processors, software vendors, and more.
Law enforcement can access protected health information without a warrant or court order.
The HIPAA Privacy Rule only applies to health care providers, health plans, and health care clearinghouses.
Health care providers who transmit health information electronically.
Health plan is defined as anyone that pays for the cost of medical care.
Included in the group - health insurance companies, health maintenance organizations, group health plans sponsored by your employer and Medicare/Medicaid.
Health care clearinghouses
Applies to businesses that work as a go-between for health care providers and health plans. I.E. A billing service that takes information from a doctor and puts it into a standard coded format.
Who Is Not Covered By The HIPAA Privacy Rule?
Life insurance companies.
Workers Compensation.
Social Security and welfare benefits agencies.
Automobile insurance plans that include health benefits.
Internet self-help sites.
Researchers who obtain health data directly from health care providers.
Law enforcement agencies.
Medical Information - What Does HIPAA Cover?
HIPAA covers information related to your past, present or future mental or physical health including information about payment for your care. Informattion must be kept by a health care provider, health care plan, or health care clearinghouse. HIPAA deems said information as "Protected Health Information"
Limitations On Medical file Disclosures.
HIPAA uses a “minimum necessary standard” to limit amount of disclosed information. What amounts to the minimum is left up to the health care provider, not you. And, the minimum necessary rule does not apply to information disclosed in connection with treatment. It also doesn't apply if you authorize the disclosure of your health information.
How Many People Have Accessed My Medical Information?
HIPAA requires safeguards to limit the number of people who have access to personal information, however given the number of people who may have access to your information just to run the operations of the health care provider or plan, there really is no way to count the number of people who may come across your records. If you are hospitalized, for example, hundreds of hospital employees may see your health information.
Exceptions To The HIPAA Rule Limits Your Ability To Authorize Release .
The exceptions do place conditions on the entity who makes the decision to disclose your "protected health information". You are not part of the decision making process when disclosure is required by:
federal, state, or local regulation, regardless of the scope of the disclosure or the purpose of the disclosure.
Public health authorities.
A person subject to the jurisdiction of the federal Food and Drug Administration.
A person who may have been exposed to a communicable disease.
An employer to (1) conduct workplace medical surveillance or (2) to evaluate whether you have a work-related illness or injury.
Victims of abuse, neglect or domestic violence.
A health oversight agency for audits and investigations.
Court or administrative proceedings in response to a court order, subpoena, or discovery request.
A collection agency for unpaid medical bills.
Coroners and medical examiners.
Funeral directors.
Organ procurement organizations.
A medical researcher with institutional review board approval.
A threat to public safety or public health.
U.S. and foreign military commanders.
U.S. Department of Veterans Affairs to determine eligibility for benefits.
Federal government national security and intelligence officials.
U.S. Department of State to verify health fitness of employees and their families for foreign duty.
Correctional institutions involved in health care of inmates.
Workers compensation uses authorized by state law.
HIPAA requires your specific authorization
when disclosure involves psychotherapy notes (exceptions - if the notes are used for such purposes as training staff or to defend the doctor or health plan in court).
when the disclosure is made for marketing.
The Privacy Rule explains the procedure that must be followed to get your authorization.
Treatment Or Coverage Cannot Be Denied.
Treatment or health care coverage cannot be denied because you don't sign an authorization. (exceptions - if the authorization is for research-related treatment, you may not be allowed to participate in the research program without giving authorization to disclose your information. If authorization is requested from a health plan prior to the time you enroll and you refuse to give your authorization, you may not be allowed to enroll).
Revoking Authorization.
You must do so in writing
before any action is taken based on your authorization.
HIPAA and Your Daily Routine
You can make a special request to be called for appointment reminders or to discuss your treatment at a certain telephone number.
Your health care provider should be careful to keep information left on patients' voice mail systems to a minimum.
Medical records can be faxed from one doctor to another.
Someone else can pick up your prescription with your permission.
Your doctor can prescribe medication without a face-to-face visit.
The pharmacists can talk to you over the counter about your medication, but must take care that others near you do not hear the conversation.
Medical files can be left outside the examining room, but should be turned facing the wall.
Tips for Safeguarding Your Medical Information
In reading this guide about the HIPAA Privacy Rule, you may have rightly concluded that your ability to control the flow of your sensitive medical information is limited. Still, the more you know, the better able you are to maximize the privacy you have left.
Educate yourself and find out as much as you can about the privacy practices of your health care provider and health plan. Read notices and ask questions if you don't understand.
Talk to your provider about your confidentiality concerns. Ask how the provider shares patient data within the office and with affiliates.
Remember, you are not just a patient but also a consumer of health care. Like any consumer, you can shop for the best privacy deal around. Also, be aware that, as a consumer, you can become a debtor. Unpaid medical bills can be referred to a collection agency or end up as a negative entry on your credit report. The insurance payment process can be complicated and confusing. Be sure to stay on top of your medical bills and dispute matters in writing with both the health provider and insurance company when you think errors have been made. Attempt to resolve disputes before bills are referred to a collection agency and/or the credit bureaus.
Read authorizations carefully. Make your choices about restrictions on authorizations known, and refuse to sign any you are not comfortable with. Keep in mind, authorization forms may ask for your permission to disclose your health information for multiple purposes. One type of authorization is the use of your medical data for marketing. You may withdraw your authorization if you later decide you made the wrong choice.
Exercise your right to obtain a copy of your medical records . Make sure information is accurate. Request that incorrect information be corrected or amended. Keep in mind, your health care provider has the final word on changes and amendments to health records.
Request that communications be made in a way that you choose. For example, you can request that you be called at your cellular telephone number rather than home phone, or that mailings be sent to your P.O. Box rather than your residential address.
Complain if you feel your rights have been violated or your concerns have been ignored. You can file a complaint with both the provider and the Office of Civil Rights. Many problems can be resolved by going directly to the health care provider before you contact DHHS.
Contact your representatives in Congress and in your state legislature if you feel stronger laws to protect your medical privacy are needed.
Remember that the HIPAA Privacy Rule is new to record keepers, and many providers and insurers are struggling to implement the Rule. Stand up for your rights and let everyone know that you are concerned about privacy, but demonstrate patience and understanding. It will take a lot of effort and time before there is universal compliance with the HIPAA Privacy Rule.


Return to 123HelpMe.com