Employer Hipaa Rules
employer hipaa rules
HIPAA and privacy guide 101
HIPAA has led to sweeping changes to health care administration and information systems as health care organizations struggle to achieve cost-effective compliance by 2003. The US Congress enacted the Health Insurance Portability and Accountability Act or HIPAA in 1996. The act covered a wide array of issues surrounding the health insurance industry but in particular it required administration simplification, which addressed the issue of security and privacy of health information.
HIPAA is designed to standardize the way all health care organizations electronically exchange sensitive patient data and to protect patients from unauthorized disclosure of their medical records (whether paper or electronic). HIPAA outlined standards to improve the nation’s health care system by incorporating electronic data exchange between health care providers. The idea of course was to allow various health providers to access the records of a particular patient. So, when a patient visits a new hospital, the covering doctor can access that patients past record and in so doing provide him with better care. However, as one could envisage, this raised a great number of apprehensions with respect to the privacy and confidentiality of people’s medical records. So the legislature created a fundamental list of rules and regulations with which health care providers must comply. And the creation of these rules and regulations gave birth to the industry that is called HIPAA Compliance.
To ensure HIPAA compliance, there are certain key provisions, which need to be followed. For instance, individuals should be able to access their records and request correction of errors. Also, they should be informed about how their personal information will be used. The ‘protected health information’ (PHI) indicates that the information cannot be used for marketing purposes without the clear consent of the patients in question. People should be able to ask their covered entities (which maintain PHI about them), to ensure that their communications with the patient are confidential. It should be possible for people to file formal privacy-related complaints to the Department of Health and Human Services (HHS) Office for Civil Rights. Covered entities should document their privacy procedures, however, they have discretion on what to include in their privacy procedure. They are required to designate a privacy officer and train their employees. Covered entities can use an individual’s information without the individual’s consent if the purpose is to provide treatment, obtain payment for services and to perform the non-treatment operational tasks of the provider’s business. Some of the agencies, government bodies and individuals who can access the medical records of a person under HIPAA compliance rules are the insurance companies, employers, courts, hospitals, or individual physicians. This is also considered as a downside of the HIPAA Privacy rule because sponsors of a research study; makers of drugs for the particular study and the researchers involved in the study are included in this list.
However, the ultimate objective of HIPAA is to increase the efficiency and effectiveness of health information systems through improvements in electronic health care transactions as well as to maintain the security and privacy of individually identifiable health information.
Question regarding HIPAA covered entities and privacy rule?
Are doctors, nurses, and other medical professionals that work for an employer, on site, in a medical department, a covered entity under HIPAA?
My medical records have been compromised and revealed to numerous personnel and upper management through the company’s medical department by lead nurses and doctors. History of my prescriptions and personal matters relating to stress related anxiety have been seen by eyes whose medical records shouldn’t belong to.
They used my medical records as a basis and grounds for termination of employment.
I’m seeing a lawyer about it tomorrow morning but am curious if this sounds like something I could build a case off of.
I’ll add one thing to the answer above: you DID sign a waiver allowing the company to access any medical records held by company doctors which relate to your employment. That is absolutely standard procedure.
They had a perfect right to divulge that information to management.
In any event, they didn’t have to use it as ‘grounds’ for termination. In the US, there is no NEED for grounds, they can terminate for no reason at all.
Health Insurance Exchanges Stakeholders Conference – Panel 2: Small Employers (08/30/2010)
|
|
The Practical Guide to HIPAA Privacy and Security Compliance $85.99 HIPAA is very complex. So are the privacy and security initiatives that must occur to reach and maintain HIPAA compliance. Organizations need a quick, concise reference in order to meet HIPAA requirements and maintain ongoing compliance. The Practical Guide to HIPAA Privacy and Security Compliance is a one-stop resource for real-world HIPAA privacy and security advice that you can immediately appl… |
|
|
Responsibilities grow under HIPAA: employers need to check fiduciary liability policies.(Fiduciary Liability)(Health Insurance Portability and … & Casualty-Risk & Benefits Management $5.95 This digital document is an article from National Underwriter Property & Casualty-Risk & Benefits Management, published by The National Underwriter Company on November 1, 2004. The length of the article is 791 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase…. |
|
|
HIPAA Privacy Guide for Employers: A Guide to the New Health Insurance Portability & Accountability ACT Privacy Rules $129.00 Instant HIPAA Compliance Help – BLR’s Privacy Guide HIPAA’s privacy deadlines are in effect as of April 2004, even for smaller employers. But you don’t have to risk noncompliance. BLR’s HIPAA Privacy Guide delivers all the specific analysis, practical policies, and specific procedures you need for step-by-step compliance with the sweeping new privacy changes in the Health Insurance Portability… |
