HIPAA is a set of confidentiality regulations that governs the sharing of patient data and information. These regulations are enforced by the HHS Office for Civil Rights and can be a big headache for any organization.
3 hipaa confidentiality regulations
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established national standards for how covered entities, health care clearinghouses and business associates share and store personal health information (PHI). These rules cover all of the administrative, technical, and physical safeguards that are required to protect PHI from unauthorized access, use, and disclosure.
Rule #1: Privacy
The Privacy Rule ensures the integrity and privacy of PHI. This includes requiring Covered Entities to make reasonable efforts to use, request and disclose only the minimum amount of PHI necessary to accomplish its intended purpose.
Rule #2: Right of Access
The Right of Access rule ensures that patients are given access to their records. This can be done through a phone call or an in-person visit. It is important to verify that the person requesting information has legal authority to do so.
Rule #3: Secure Disposal of PHI
This rule requires that all patient information be disposed of in a secure manner. This can include destroying data or removing it from hard disks and backups.
Rule #4: Breach Notification
If you think you may have accidentally disclosed patient ePHI, notify the individual and the HHS Office for Civil Rights as soon as possible. This is a good way to minimize the risk of an impermissible disclosure.
SITES WE SUPPORT
SOCIAL LINKS
Comments