Health Insurance Portability and Accountability Act
Health Insurance Portability 2
The Health Insurance Portability and Accountability Act (HIPAA) was established in 1996 to protect the rights of individuals when receiving services from health organizations. The Health Insurance Portability and Accountability Act ensures privacy and confidentiality of individual’s health information. Health information could be protected on paper, oral communication, or electronically. If an individual’s privacy is violated in any way that individual has the option to file a complaint against the offending office.
The Office for Civil Rights assists individuals with complaints by investigating them. If necessary the Office for Civil Rights will impose a fine for violating the Privacy Rule Provision. Criminal violations of this law are referred to the United States Department of Justice for investigation and action (United States Department of Health and Human Services, 2008).
The Privacy Rule imposes rules that healthcare workers must abide by to protect patient’s information. By doing this the Privacy Rule dictates how patient’s information could be handled in pharmacies, hospitals, and other healthcare industries. Patients have access to their medical records if copies are needed or if mistakes are found. There could be a monetary charge for copies but patients should receive copies within 30 days of the request.
If a medical provider requires sharing of the patient’s information; this request must be approved by the patient in writing. This notice is usually provided by the healthcare organization to the patient upon their first visit. This notice allows the patient to appoint any person whom he or she wishes to have access to their medical files. A patient could amend or omit information at any time. Patients would sign or initial this document generated by the organization which was
Health Insurance Portability 3
formatted per HIPAA guidelines. If the document is amended in any way the patient must be presented with the updated document and given the opportunity to review and sign it.
The Privacy Rule imposes limits on how the information is shared. To provide the highest quality of care; this rule does not permit any medical staff that is directly working from the patient to share information with another staff that is working directly with the patient. This could include physicians, nurses, and other medical providers that treat the patient. If any other provider that is directly working with the patient requires the medical information the patient would need to sign a consent form. A form usually called “release of information” would be completed and would specify which information could be shared. By specifying which information could be shared is another way for the patient to protect their information. For example if a patient is applying for life insurance they could consent for the life insurance company to have access to their medical lab work. The patients file could include more extensive history such as mental illness or surgical history, but this information would not be shared.
The Health Insurance Portability and Accountability law affects day-to-day operations in many ways. The Privacy Rule ensures that various healthcare providers have policies and procedures as to different ways to protect a patient’s information. Different agencies such as health insurance organizations, pharmacies, and physicians have procedures as to how to protect information. These various healthcare workers have requirements that are flexible to permit different healthcare workers to implement them as necessary for their practice. Covered medical personnel could limit the use of information as...