Hippa Privacy Act

The HIPAA Privacy act was created in order to keep our personal information private. When you go to see any type of healthcare provider you have to give them your name, address, and social security number. With the HIPAA Privacy act, that information is not allowed to be shared with anyone unless you the patient specify. This Privacy act also explains how that information can be used and disclosed.

Today, a lot of providers in the healthcare field use electronic medical records to keep patient information. If you transmit any patient information electronically, you are a covered entity under HIPAA. A covered entity would be a healthcare provider, health plans, and healthcare clearinghouse. Patients want to know that their private information is kept safe, and that no one who shouldn't have that information gets their hands on it. Your name, date of birth, social security number, and home address are the main thing, besides insurance information, you are asked to provide when you go to receive care. If anyone were to get ahold of that information, they could potentially steal your identity. Healthcare providers have guidelines they have to follow, and all of their staff does as well. If there were a violation to occur, there are hefty fines that come along with it. Leaving your screen up with patient information on it, so that everyone who walks past can see it is an example of a violation. If you are sharing a patient's personal information with someone who is not the patient's doctor or the patient, you are in violation.

Individually identifiable health information includes demographic data, the patient's past, present, and future medical conditions, and payment information.

This information is protected under the HIPAA privacy act; because it is information that can be used to identify that individual or is believed that it can identify the patient (U.S. Dept. of Health and Human Services, 2013). This information can only be disclosed to certain people, and for certain reasons. The provider can disclose this information to the patient, and they are also allowed to disclose certain information in order to get paid, to further the patient's care if they need to see more than one provider, and for certain healthcare operational activities. The healthcare provider might ask you for permission to share information with relatives as well, in case they are unable to get ahold of you or there is an emergency. Information is also allowed to be shared with law enforcement for law enforcement purposes, and to government agencies if the patient is a victim of abuse, rape, and domestic violence (U.S. Dept. of Health and Human Services, 2013).

If a healthcare provider violates the Privacy Act, there are penalties for doing so. The Office for Civil Rights enforces the HIPAA Security and Privacy rules, while the Centers for Medicare and Medicaid enforce transactions and code sets, national identifiers, and the insurance portability requirements. A healthcare provider found to be in violation will receive a fine. The fines vary depending on some factors such as date of violation, if the person who committed the violation knew they did, or if it was willful neglect. The fines range for each violation from $100 to $50,000 or more. There is a yearly cap which is $1,500,000, which in my opinion should never be reached in the first place. There are certain situations in which one will not get fined. If it was not willful neglect, and the problem was corrected with-in 30 days, there will be no fines assessed. The OCR can choose to lower the fine as well if the violation was due to a reasonable cause.

First violation from an entity that was knowingly in violation, can receive a fine of

...