Health Insurance Portability and Accountability Act
What is HIPAA? The "Health Insurance Portability and Accountability Act"
In 1996 Congress enacted a law to protect the privacy of health information and streamline health insurance administration. Privacy Regulations were published by the Secretary of Health and Human Services on December 28, 2000. They provide certain protections that "covered entities" (in this case a health care provider) must apply with regard to the use of medical records and identifiable health-related information, whether in oral, paper, or, in this case, electronic format. The purpose of these protections is to prohibit misuse and unauthorized disclosure of patients' health records and medical information. Stiff penalties for non-compliance apply.
What is PHI (Protected Health Information)?
Any information, including demographic information (e.g., name, Social Security number, e-mail address, etc.), that identifies an individual is subject to the law if it meets any or all of the following:
- information created or received by a health care provider (e.g., e-mail, paper record, oral communication, etc.),
- information relating to the past, present, or future physical or mental health condition of an individual,
- information that describes past, present, or future payment for health care of the individual.
What makes Information Identifiable?
Demographic information, including names, addresses, employer, relatives' names, date of birth, phone/fax numbers, e-mail address, Social Security number, medical record number, or any other characteristic that may identify an individual, is considered "identifiable".
What about patient authorization?
Authorization is required for the release of information for any purpose other than medical management and treatment. The patient cannot be denied treatment simply because they refuse to authorize release of information. Authorization may be revoked at any time, but the provider cannot be held responsible for information released while the authorization was active. The authorization is typically signed at the first office visit.
Why are privacy and confidentiality necessary?
Health care providers are ethically and legally obliged to protect health-related information. HIPAA privacy rules are designed to give patients the right to control who has access to such information. Communication of this information must remain private and limited to health care providers who need it to manage diagnostic and treatment efforts and to administer related health care operations (such as payment and insurance matters).
Examples of misuse of health care information might include: loss of employment because of potential downtime related to a medical condition, HIV status published in a newspaper, political and financial implications of "discovered" conditions such as physical and mental impairments, etc.
