The health and privacy rule is part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). It covers the disclosure of an individuals’ health information in addition to standards for individuals’ privacy rights. Moreover, the privacy rule assures that an individual’s health information is protected; it allows the flow of information in order to properly care for an individual while making sure that the information is kept within a tight circle of healthcare providers. An important rule in light of the fact that computers and the internet have allowed easier access to health records.
Any sort of health information is covered under the rule, including health insurance claims and benefits eligibility. Health care providers covered under the HIPAA rule include hospitals and private services or any provider of health services. Professionals who both work in private practice or in a hospital need to become familiar with the provision and what it covers; basically the privacy rule protects all health information, whether it is in electronic, paper or oral form. Such information relates to:
- The individual’s physical or mental health or condition, no matter when it was diagnosed
- The provision of health care to the individual
- Payment for the provision of health care to the individual,
- Name, address, birth date, and social security number of patient.
When processing information on a patient it is important to ensure the documents remain confidential and not shared with anyone other than the patient unless otherwise documented and approved by the patient. It is also important to know the extent of privacy to which patients are entitled. Be careful with computer files and passwords, email addresses and important health documents. Keep important documents stored on a secure server not on computers as they can be hacked. Do not send important information via email or left on voicemails over the phone. Each computer with access to patient records should be password protected.
Know the HIPAA requirements, train your office staff on the privacy of your patients and educate your patients on how your office embraces the HIPAA laws. Should information be shared accidentally that goes against the HIPAA rules, professional liability insurance will pay for your defense of a lawsuit. Medical malpractice insurance will generally only pay for your defense if the action is done accidentally, not if it is done intentionally.
For a couple hundred bucks a year, you can ensure your practice is safe against lawsuits that are caused by people error or accidents.