What You Need to Know About HIPAA: The New Privacy Rule


© Robert D. Lipman, Esq.

HIPAA creates a national standard to protect the privacy of medical records and other personal health information. HIPAA stands for the Health Insurance Portability and Accountability Act of 1996. This article will focus on HIPAA's Privacy Rule, which is officially called Standards for Privacy of Individually Identifiable Health Information.

Before HIPAA, under federal law:

  • There was no limit on the distribution of personal health information.
  • There was no notice or consent required to distribute personal health information.
  • Personal health information could be distributed for reasons that had nothing to do with medical treatment or health insurance.
  • Personal health information could be used by financial institutions to make credit determinations.
  • Some personal health information could be used by employers to make personnel decisions.
  • Personal health information contained mistakes - most of which were never corrected.
  • Personal health information in computer readable formats was often not properly secured.

For years, our country relied on a patchwork of federal and state laws to protect personal health information. However, those laws addressed the old system where paper records were locked in filing cabinets. These laws did not provide enough protection in the electronic age. The problem had to be fixed.

Then Came HIPAA's Privacy Rule

HIPAA, among other things, requires that health care records and certain financial and administrative transactions be secured, and it protects them from misuse.

The Privacy Rule provides clear standards for all parties regarding protection of personal health information. Personal health information in any form is covered by the Privacy Rule:

  1. electronic
  2. paper documents
  3. oral statements

The rule applies to many different types of organizations. They range from small physician practices to large national private and governmental health agencies. We will refer to these organizations as "covered entities."

Congress was so serious about HIPAA that it required all covered entities to adopt written privacy procedures and to train all employees about HIPAA. We must all do our part to make sure that personal health information is respected and protected.

Patient Rights

Under the Privacy Rule, patients have the right to understand and to control how their health information is used.

Specifically, the Privacy Rule:

  1. Entitles patients to a clear written explanation of how the covered entity may use and disclose their health information.


  2. Entitles patients to access to their medical records. Patients generally must be able to see and get copies of their medical records. However, they must first complete an authorization form for the release of their records. Patients are also entitled to request amendments to their medical records. There are, however, some exceptions to this rule. For example, family members and representatives of an individual who is participating in a medical study are not entitled to know if the individual is receiving the placebo or the actual drug while the study is in progress.




The copyright of the article What You Need to Know About HIPAA: The New Privacy Rule in Human Resources is owned by Robert D. Lipman, Esq. Permission to republish What You Need to Know About HIPAA: The New Privacy Rule in print or online must be granted by the author in writing.
