- Posted by gwtadmin
- On September 14, 2016
HIPAA Law and the Privacy Rule to Protect Your Medical Information
Protecting the Privacy of Your Medical Records – HIPAA and the Privacy Rule
How to Know if Your Personal Health Care Data and Information Are Safe?
Everyone is concerned about protecting their privacy, and with the massive amount of information and personal data stored electronically today, it is no surprise that you might wonder what your health care provider is doing to protect your health care information. Fortunately, the HIPAA Law and its Privacy and Security Rules have been in place to protect your sensitive data since 1996, with revisions through the years to reflect our changing environment and advancements in technology.
What is the HIPAA Law and Privacy Rule?
The Health Insurance Portability and Accountability Act (HIPAA) and the HIPAA Privacy Rule set the standard for protecting sensitive patient data by creating standards for the electronic exchange, privacy, and security of patient medical information by those in the healthcare industry. As part of HIPAA, the Administrative Simplification Rules were designed to protect patient confidentiality while allowing medically necessary information to be shared and respecting the patient's right to privacy.
Most healthcare providers, health organisations, and government health plans that use, store, maintain, or transmit patient health care information are required to comply with the privacy regulations of the HIPAA law.
What is the Purpose of the HIPAA Act and Privacy Rule?
The main purpose of HIPAA was to help individuals maintain health insurance coverage by simplifying administrative procedures (Administrative Simplification Rules) and controlling administrative costs. With so much information changing hands between medical providers, health insurers, and many other parties in the health care services world, the HIPAA Act looked to simplify the handling of documentation and sensitive patient information in the healthcare industry while protecting the confidentiality of the patient’s healthcare information.
Is HIPAA the Only Law That Protects Patient Confidentiality and Health Records?
No. HIPAA is a federal law, and there are many other individual laws that touch on protecting individuals' privacy and the handling of data contained in medical records. These laws and rules vary from state to state. HIPAA is a baseline standard, and each state may add to it and have its own additional standards.
How Do HIPAA and the Privacy Rule Protect Me?
The HIPAA law is focused on simplifying the health care system and ensuring security for patients. Title IV is a safeguard ensuring the protection of privacy for your medical information. Along with federally ensuring your privacy, the HIPAA law is intended to lead to reduced fraudulent activity and improved data systems. When fully adhered to by all that are required to comply,
4 Rules of HIPAA for Compliance by Health Care Providers
- HIPAA Privacy Rule – Protecting the type of data that is communicated
- HIPAA Security Rule – Protecting the databases and data for security
- HIPAA Enforcement Rule – Indicates procedures for enforcement and procedures for hearings and penalties
- HIPAA Breach Notification Rule – Requires healthcare providers to notify individuals when there has been a breach of protected health information
What is the Purpose of the HIPAA Security Rule?
The HIPAA Security Rule addresses the requirements for compliance by health service providers. In order for a service provider to be HIPAA compliant, they must meet the conditions set forth by the HIPAA Security Rule. This includes the requirements and guidelines surrounding appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of protected health information (PHI).
What is Protected Health Information (PHI)?
Protected Health Information under the Privacy Rule includes any information that may be transmitted or kept by one of the entities covered under the HIPAA Law and that includes individually identifiable health information. Individually identifiable health information includes any information that may identify the patient as an individual, such as name, address, birth date, or Social Security Number. It also includes any information, whether past, present, or future, related to the patient's physical or mental health, the provision of health care to the individual, or payment for the provision of health care to the patient.
What is De-Identified Health Information?
There are no restrictions on de-identified health information. De-identified health information is information that cannot be tied back to an individual because it has been stripped of all individualised information that could identify the individual; it therefore has no identifying properties and provides no risk.
Who Does the HIPAA Privacy Rule Apply To?
The Privacy Rule, as well as all the Administrative Simplification rules, applies to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA (the “covered entities”).
Examples of People or Companies That HIPAA Does Not Apply to:
- direct to consumer (DTC) genetic testing companies
- mobile apps used for health and fitness purposes
- alternative medicine practitioners
- state agencies, like child protective services
- law enforcement agencies
- life insurance companies
- your employer
How Do I Make Sure My Healthcare Provider is Taking Steps to Comply With the HIPAA Regulations?
Some health care providers have taken steps such as controlling access to offices with medical files by electronic key card systems and only allowing employees limited access to the minimum amount of information needed. In addition, special services that make electronic transactions secure are also being used by many medical facilities and insurance providers. If you have concerns about what your health care provider or physician is doing to comply with the HIPAA law, ask them what steps they have taken to ensure your privacy. Remember that if they are HIPAA compliant, they had a long list of things to do to be considered HIPAA compliant. Privacy laws and the protection of sensitive patient data are taken very seriously. There is a good chance that they are following these rules very strictly because it is the law.
If your health insurance is from a small, self-administered health organisation, they may not have to comply with the HIPAA regulations. It is important to check with them to see if they are complying, and if not, what steps they are taking on their own to ensure your privacy.
Are There Any Privacy Exceptions to the HIPAA Law?
HIPAA’s privacy exceptions give health care providers and others who are required to follow HIPAA some areas where they do not have to follow the rules outlined by the act. You should inform yourself about the top three most common HIPAA privacy exceptions so you are aware of what information or medical data about you may be legally disclosed and is not covered under HIPAA protection.