If you have been to a physician’s office lately chances are that you have heard of HIPAA (Health Insurance Portability And Accountability Act), but do you really know what it means? HIPAA is a federal law that gives you rights over your health information and puts limits on who can look at and receive your health information. Created in 1996, HIPAA was designed to improve, “the efficiency and effectiveness of the health care system, by encouraging the development of a health information system through the establishment of standards and requirements for the electronic transmission of certain health information.”
Patient Rights Under HIPAA
- Receive copies of your health records
- Receive notices stating how your health information will be used
- Have corrections added to your health information
- Decide if you want to give your permission before your health information can be used or shared for certain purposes, such as for marketing
- Get a report on when and why your health information was shared for certain purposes
What Information is Protected?
- Information your doctors, nurses, and other health care providers put in your medical record
- Conversations your doctor has about your care or treatment with nurses and others
- Information about you in your health insurer’s computer system
- Billing information about you at your clinic
- Most other health information about you held by those who must follow these laws
- Doctors, nurses, pharmacies, hospitals, clinics, nursing homes, and many other healthcare providers.
- Health insurance companies, HMOs, most employer group health plans.
- Certain government programs that pay for healthcare, such as Medicare and Medicaid.
Those are the basics of HIPAA. In reality HIPAA is a complex system that has many rules and regulations. These laws and regulations exist to protect patient information for privacy and safety reasons. Since medical records often have patient addresses, full names, dates of birth, social security numbers, and billing information they are prime targets for identity thieves. Entities that do not comply with HIPAA rules are subject to large fines and punishments. Each violation has a $50,000 penalty minimum along with potential criminal penalties.
There are many useful guides that summarize the importance of HIPAA and how it works. The U.S. Department of Health and Human Services is in charge of enforcing HIPAA and educating Individuals and professionals about health information privacy. Detailed HIPAA laws can be found at https://www.hhs.gov/hipaa/index.html
Fantastic read, Alice! With the healthcare business-facing increasing security concerns, HIPAA compliance has become a must. It assures that any information supplied to physicians and healthcare institutions and data produced, transferred, or held by them is subject to stringent security measures. Additionally, patients have discretion over who their information is provided and shared with.