The document discusses HIPAA (Health Insurance Portability and Accountability Act) and the protection of patient health information (PHI). It defines key terms like HIPAA, PHI, and covered entities. It also outlines HIPAA's rules for use and disclosure of PHI. Finally, it discusses Grady Health System's commitment to complying with HIPAA and protecting patient privacy, and provides resources for further information.

1. Understanding Patient Privacy
General Rules for Uses and
Disclosures of PHI in accordance to
HIPAA

2. Defining HIPAA and PHI
HIPAA
The HIPAA Privacy Rule provides federal protections for
individually identifiable health information held by
covered entities and their business associates and gives
patients an array of rights with respect to that
information. At the same time, the Privacy Rule is
balanced so that it permits the disclosure of health
information needed for patient care and other important
purposes.
The Security Rule specifies a series of administrative,
physical, and technical safeguards for covered entities
and their business associates to use to assure the
confidentiality, integrity, and availability of electronic
protected health information.
Source: United States Dept. of Public Health
http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html
PHI
In short, Protected Health Information (PHI) is
defined as
•Individually identifiable health information
•Health information, including demographic information
•Relates to an individual’s physical or mental health or
the provision of or payment for health care
•Transmitted or maintained in any form or medium by a
covered entity or its business associate
Source: United States Dept. of Public Health
http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html

3. HIPAA and The Grady Health
System
Grady Health System is committed to ensuring the
privacy and the security of our patients' health
information. The Health Insurance Portability and
Accountability Act of 1996 (HIPAA) strengthens our
commitment to our patients.

4. Questions?
Employees should refer to the HIPAA
Compliance Policy manual for a better
understanding of the HIPAA legislation and of
the legislation's impact on treatment, payment
and operational practices at Grady Health
System.

5. Resources
Questions or issues regarding HIPAA Compliance can be directed to the Compliance Hotline at 1.800.349.4098.
Need more information about HIPAA? Go to these websites:
United States Dept. of Health & Human Services
http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html
Grady Health System General Rules for Uses and Disclosure of PHI
http://gradynet/PoliciesAndProcedures/default.aspx?RootFolder=%2fPoliciesAndProcedures%2fDocuments%2fHIPAA&FolderCTID=0x01200053BB21193D38E943AED3ED3C504AEF7D&View=
%7bF1004619%2d2D71%2d442D%2d8ACA%2d140308A8B246%7d

6. Resources
Questions or issues regarding HIPAA Compliance can be directed to the Compliance Hotline at 1.800.349.4098.
Need more information about HIPAA? Go to these websites:
United States Dept. of Health & Human Services
http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html
Grady Health System General Rules for Uses and Disclosure of PHI
http://gradynet/PoliciesAndProcedures/default.aspx?RootFolder=%2fPoliciesAndProcedures%2fDocuments%2fHIPAA&FolderCTID=0x01200053BB21193D38E943AED3ED3C504AEF7D&View=
%7bF1004619%2d2D71%2d442D%2d8ACA%2d140308A8B246%7d