HIPAA: To Tell or Not to Tell
Many healthcare professionals are unclear about the HIPAA rule. What does the HIPAA Privacy Rule require the average healthcare provider to do? This question can confuse healthcare staff, and it is imperative that they have a clear understanding of the HIPAA rule.
Our HIPAA: Do the Right Thing training program explains the rule. Here are some main points:
- Think Minimum
Limit use and disclosure of Protected Health Information (PHI), inside and outside of your facility, to the least amount of information necessary to get the job done right. One (though by no means the sole) exception is if PHI disclosure is essential to treatment. Healthcare providers need access to the entire record to provide quality care. - Know When to Disclose PHI
You CAN disclose patient information in cases including:- A nurse and behavioral therapist talking about their patient's care
- A secretary scheduling a surgical procedure
- Payment-claims billing
- Physicians or nurses conferring at nurse's station
- Understand Patient Authorization
In general, authorization is NOT required in cases including:- Disease prevention
- Monitoring the safety of FDA-regulated products
- Certain law enforcement purposes
- Compliance with HIPAA investigation
- Uphold Patient Rights
Trust and good communication are the foundations of quality care. Do not violate your patients' trust. Give them the right to make informed choices about how personal health information is used. Remember the written Privacy Notice:- Outlines the facility's privacy practices about use or disclosure of PHI
- Outlines facility legal responsibilities
- Is displayed at the site of service and on a website
- Is revised when privacy practices change