As part of the requirements under the Health Insurance Portability and Accountability Act of 1996, the covered entity must receive a written agreement from each of its business associates prior to disclosing any protected health information. Question 1: Does HIPPA affect the patient’s access to his or her medical records? If so, describe the effect and the procedure for obtaining access. Answer: Yes, HIPPA does affect the patient’s access to his or her medical records. Patients have the right to access their health information and control the use and disclosure of such information.
Even though it is not required by HIPPA to have a written notice to obtain medical records, it is a good idea to provide a written request to obtain access to patients’ records. Question 2: Under what circumstances can personal health information be used for purposes unrelated to health care? (Hint: There should be at least 12 circumstances. ) Answer: The Privacy Rule permits use and disclosure of protected health information, without an individual’s authorization or permission, for 12 national priority purposes.
Starting with: if Required by Law; for Public Health Activities; if Victims of Abuse, Neglect or Domestic Violence; for Health Oversight Activities; for Judicial and Administrative Proceedings; for Law Enforcement Purposes; for Decedents; for Cadaveric Organ, Eye, or Tissue Donation; for Research; for Serious Threat to Health or Safety; for Essential Government Functions and lastly for Workers’ Compensation. Question 3: Are there requirements for covered entities to have written privacy policies?
If so, what has to be addressed in the policy? Answer: Yes, covered entities are required to develop and distribute a notice that provides a clear explanation of privacy policies. The notice must state the covered entity’s duties to protect privacy, provide a notice of privacy practices, and abide by the terms of the current notice. The notice must describe individuals’ rights, including the right to complain to HHS and to the covered entity if they believe their privacy rights have been violated.
Medical office employees must be trained to understand that HIPPA is designed to protect the privacy of patients and their protected health information. Those in violation of these policies can be disciplined up to and including termination. Consequences may vary from company to company, and should be clearly stated in the employee policies handbook. Employees should be trained as soon as possible. The manner of the training should be the one best suited to the employer and employee, in order for the employee to be the best he/she can be at that particular job so success can be achieved.
Centers for Medicare & Medicaid Services, 13 Nov. 2010 <http://cms.gov/HIPAAGenInfo/>.
“Health Information Privacy” United States Department of Health & Human Services. 13 Nov. 2010 <http://hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.htlm>.
“Health Information Privacy” United States Department of Health & Human Services. 20 Nov. 2010 <http://hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html>.
Cite this Health Information Management
Health Information Management. (2017, Feb 23). Retrieved from https://graduateway.com/health-information-management/