2. HIPAA
HIPAA is the acronym for the Health Insurance Portability and Accountability
Act that was passed by Congress in 1996.
HIPAA does the following:
• Reduces health care fraud and abuse;
• Mandates industry-wide standards for health care information on
electronic billing and other processes; and
• Requires the protection and confidential handling of protected health
information.
3. The patient has the right to:
• Request access to health info.
• Request to amend their health info.
• Request restrictions to information sharing.
• Request accountability of disclosures.
4. Protection and Confidential Handling of Health Information
The HIPAA Privacy regulations require health care providers and organizations, as well as
their business associates, to develop and follow procedures that ensure the confidentiality
and security of protected health information (PHI) when it is transferred, received, handled,
or shared.
This applies to all forms of PHI, including paper, oral, and electronic. Furthermore,
only the minimum health information necessary to conduct business is to be used or
shared.
5. Things to remember:
• Make sure not to share sensitive PHI with others who shouldn’t have access, including
co-workers or personal acquaintances.
• Avoid accessing a patient’s record unless needed for work or with written permission from the
patient.
• Minimize occurrences of others overhearing patient information. Do not use a patient’s whole
name within hearing distance of others.
• Secure all paperwork containing PHI by placing it in a drawer or folder when not in use. Cover
charts so patient names are not visible. Never leave records and other PHI unattended.
• Close computer programs containing patient information when not in use. Practice management
systems with automatic time out settings can be valuable in this regard.
6. Things to remember (continued):
• Assign different levels of security clearance to specific people. Role-based security prevents
employees from accidentally changing or seeing information that does not pertain to their
specific duties.
• Never share passwords between staff members.
• Make sure computers have updated anti-virus scanning software installed. This guarantees your
practice is reasonably guarded against malicious software.