The Health Insurance Portability and Accountability Act (HIPAA) is a federal law designed to create standards for maintaining patient health records electronically and put procedures in place to keep those records private and secure. HIPAA applies to healthcare providers, employers and their business affiliates. HIPAA seeks to protect health information, including personal information that may be used to identify a person. These rules apply to oral, written and electronic patient records.(1)
Patients’ Right to Privacy
Today, it’s quite common to transmit patients’ personal health information electronically between doctors, insurance companies and other entities responsible for patient care. Transmitting information this way streamlines the delivery of healthcare services, but it can pose certain risks to privacy if not handled well. HIPAA regulations serve to protect patient records and privacy. Such regulations must be followed by:(2)
- Health plans, such as insurance companies and health maintenance organizations (HMOs)
- Healthcare providers, including doctors, dentists and nursing homes
- Healthcare information clearinghouses that process and format health information for others
To ensure regulatory compliance, the attorneys at Cathleen Scott & Associates, P.A. in Palm Beach County are available to offer legal advice and representation. HIPAA compliance lawyers are able to provide guidance to ensure your business practices comply with these very complex rules.
HIPAA Regulation Compliance
HIPAA compliance attorneys understand that patient health records must be kept confidential, yet be made available for release to authorized persons. HIPAA regulations detail what information must be protected and the manner in which it should be protected. The HIPAA Privacy Rule also explains how patient health information may be shared to ensure patients receive proper medical care.(3) The Privacy Rule and federal civil rights laws protect patients and their right to keep health information private. Patients may file a complaint with their healthcare provider or the federal Office of Civil Rights to protect their rights relating to their health information.(4)
Release of Patient Information
Patients must give permission to allow for release of medical records. In the case of improper release of information, patients must be notified regarding any breach or accidental release of patient information within sixty days of discovery. During 2010, 5 healthcare entities in the state of Florida improperly released the data of more than 500 individuals. The largest breach was of 12,580 patient records stored on a laptop computer that was stolen in violation of HIPAA compliance standards.(5) Regulatory compliance lawyers can provide advice to prevent patient data from being mishandled.
4-Office of Civil Rights:
5-Health Information Privacy, Breach Notification Rule, Breaches Affecting 500 Or More Individuals: