Hipaa Guidelines

HIPAA, which stands for the American Health Insurance Portability and Accountability Act of 1996, is a set of rules to be followed by doctors, hospitals and other health care providers. HIPAA helps ensure that all medical records, medical billing, and patient accounts meet certain consistent standards with regard to documentation, handling and privacy. The HIPAA Privacy Rule establishes the conditions under which protected health information may be used or disclosed by covered entities for research purposes. Previously, healthcare information has been protected by state law. However, since this information crosses state lines, the need for federal protection has been warranted. HIPAA provides the first federal protection for the privacy of medical records (Burke & Weill, 2005) HIPPA encourages the use of electronic medical record and the sharing of medical records between healthcare providers, because it can aid in saving lives. HIPAA requires that patients have some knowledge of the use of their medical records and must be notified in writing of their provider's' privacy policy. HIPAA has technical requirements which a healthcare provider, insurer, or service provider, unless exempt under state law, must provide. An organization must conduct a self evaluation to learn what threats its records face, and develop techniques needed to protect the information (HIPAA, 1996).

All healthcare providers have a responsibility to keep their staff well trained and informed regarding HIPAA compliance. Having a well trained staff will ensure there are no breaches. All offices should do regular evaluations, to establish clarity, and refresh all guidelines. Whether intentional or accidental, unauthorized disclosure of PHI is considered a violation of HIPAA (2). Most common breaches sometimes fall under a simple unintentional conversation in front of another patient by stating another patient's name and or information. Disclosing confidential patient information without patient consent can happen in the healthcare field quite often and is the reason for many cases brought against health care facilities. There are many ways confidential information gets into the wrong hands. The number one rule of thumb to prevent this from happening is to always discard PHI by placing it through a shredder, never throw away any documents without shredding.

When confidential patient information is disclosed without consent it is a violation of the HIPAA Title II Security Rule (3). This rule was enacted in response to private information being leaked to the news and emails containing privileged information were read by unauthorized people. Identity theft is a real concern so patient privacy should be taken seriously.

Gossip in a medical office can have devastating effects on a healthcare facility’s reputation. As a medical office assistant it’s your primary duty to follow all HIPPA laws, always

...