The Health Insurance Portability and Accountability Act, or
HIPAA, went into effect in 1996, with an aim to protect the privacy of
individually identifiable medical records. In April 2003, a mandatory
Privacy Rule to protect individually identifiable health information
came into effect for all health plans, health care clearinghouses, and
providers who use electronic medical records. The Privacy Rule mandates
the adoption of certain standards across the United States to protect,
and prevent the misuse of, individually identifiable medical
information. Failure to do may carry civil and criminal penalties under
federal law. HIPAA is not meant to replace any existing laws that
protect individual medical records, and some states have even more
stringent laws in place to protect patients' privacy.
An entity covered under HIPAA is permitted to use medical information and to make certain incidental disclosures regarding medical information if reasonable safeguards are in place to prevent the use of such information for purposes not permitted under the Privacy Rule. Such safeguards include physician and medical staff discretion in discussing a patient's medical information, and structural safeguards such as storing patient files in a secure location with controlled access, protecting electronic records with passwords and firewalls, etc.
Another guiding principle of the Privacy Rule is that when medical information is disclosed for permitted purposes, the minimum necessary information, and no more, should be revealed. The minimum necessary standard does not apply to disclosures to or requests by physicians for patient information for treatment purposes. It also does not apply if an individual wants to access his or her own medical records, or authorizes others to access these records. Disclosures are also permitted where dictated by HIPAA, including disclosures to the Department of Health and Human Services where such disclosure is required for enforcement purposes.
An entity covered under HIPAA is permitted to use medical information and to make certain incidental disclosures regarding medical information if reasonable safeguards are in place to prevent the use of such information for purposes not permitted under the Privacy Rule. Such safeguards include physician and medical staff discretion in discussing a patient's medical information, and structural safeguards such as storing patient files in a secure location with controlled access, protecting electronic records with passwords and firewalls, etc.
Another guiding principle of the Privacy Rule is that when medical information is disclosed for permitted purposes, the minimum necessary information, and no more, should be revealed. The minimum necessary standard does not apply to disclosures to or requests by physicians for patient information for treatment purposes. It also does not apply if an individual wants to access his or her own medical records, or authorizes others to access these records. Disclosures are also permitted where dictated by HIPAA, including disclosures to the Department of Health and Human Services where such disclosure is required for enforcement purposes.
Electronic Medical Records
[http://www.WetPluto.com/Electronic-Medical-Record-Companies.html]
provides detailed information on Electronic Medical Records, Electronic
Medical Record Software, Electronic Medical Record Systems, Electronic
Medical Record Companies and more. Electronic Medical Records is
affiliated with HIPAA Laws.
Article Source:
http://EzineArticles.com/?expert=Kent_Pinkerton
No comments:
Post a Comment