What is the HIPAA Privacy Rule?
Congress passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996. HIPAA has simple goals with far-reaching effects. The part of HIPAA that deals with privacy provisions is called the Privacy Rule. It lays out requirements for protecting individuals’ medical records and other personal health information, referred to as protected health information (PHI). Generally, the Privacy Rule requires health care providers, health plans and health care clearinghouses to: • Limit the use and disclosure of protected health information. • Obtain a written authorization for some uses and disclosures of protected health information. • Notify individuals about their privacy rights and respond when individuals invoke their rights. • Require their business associates, including sales representatives, to agree to safeguard the privacy of protected health information. • Adopt and implement privacy policies and procedures. • Train their workforce on privacy policies and procedures. • S
The HIPAA Privacy Rule created standards and requirements specific to procedural policies that Covered Entities must follow to ensure the privacy of PHI, such as: Notifying patients about their privacy rights and how their information can be used.Adopting and implementing privacy procedures.Training employees to understand privacy procedures.Securing patient records.
Related Questions
- By establishing new waiver criteria and authorization requirements, hasn t the HIPAA Privacy Rule, in effect, modified the Common Rule?
- Why was the consent requirement eliminated from the HIPAA Privacy Rule, and how will it affect individuals’ privacy protections?
- My State law is more proactive of HIV information. Is it preempted by the HIPAA Privacy Rule?
