It’s imperative for healthcare professionals to be well acquainted with the Health Insurance Portability and Accountability Act (HIPAA). Congress passed it in 1996, but surprisingly, there are portions of the act that are still being violated by unassuming healthcare workers.
HIPAA offers Americans the ability to transfer their health insurance coverage when they switch jobs (or lose jobs), sets standards for health care information on electronic billing, puts in place regulations meant to prevent fraud and abuse, and sets a standard for keeping patient information confidential.
Health care providers, clearinghouses and health plans must all comply with HIPAA, which also protect electronic personal health record. The act also requires the average provider to let patients know their privacy rights and how their information can be used. Employees must be trained so that they follow all the privacy rules. Healthcare providers are also required to establish a person or persons responsible for making sure HIPAA rules are being followed.
One of the most often violated rules established in HIPAA is one concerning securing patient records so that unauthorized personnel don’t view them. Employees are supposed to be notified on what records they can and cannot access, and sometimes, due to insufficient training, they are not.
Contrary to what some might believe, doctors and pharmacists are allowed to contact patients at home through the mail or a phone call/voicemail about upcoming appointments or when the prescription is filled. However, the message is not to contain too much private information as others within the household could gain access to the information.
The HIPAA privacy rule allows parents to see the medical records of their children, as long as the child is still a minor. However, there are exceptions to this rule: when the minor is the consenting person and there is no consent required of the parent; when the care of the individual is court ordered; and when the parent agrees to a confidential relationship between the healthcare provider and the minor.
Electronic personal health records can be sent from one doctor to another without written consent from the patient. The only reason for transmitting the record must be for the care/treatment of the individual.
It’s not likely that many patients peruse the guidelines/rules in HIPAA, but they are required to be posted in an easy to access area of the healthcare facility. But by knowing what rights they have in HIPAA, patients have a clearer understanding and control over their health information. They’re also more knowledgeable about the boundaries set on the use and release of their health records, electronic and otherwise.
The employees at OffSite Image Management, Inc., are knowledgeable on the rules and regulations contained in HIPAA. The health information exchange designed by OffSite provides many safeguards to ensure that the information shared between doctors, radiologists and specialists is secure and is viewable only by the intended parties. Sharing images is the fundamental aspect of the radiology services provided by OffSite, and doing it in a secure fashion is of upmost importance.