There is much confusion among the general public, and even among health care workers, as to the investigation, penalties and individual rights regarding HIPAA violations. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides federal law protection of personal health information in the possession of covered entities and allows patients various rights with respect to that information. The Privacy Rule is not overly restrictive however, and it permits the disclosure of information when necessary to facilitate patient care and for some other important purposes.
Individuals, organizations, and agencies that meet the definition of a covered entity under HIPAA must comply with the Rules' requirements to protect the privacy and security of health information and must provide individuals with certain rights with respect to their information. If an entity is not a covered entity, it does not have to comply with the Privacy Rule or the Security Rule. Covered entities include health care providers, health plans and health care information clearing houses. Your best friend, family member or neighbor, unless they are also your health care provider, is not a covered entity.
The Privacy Rule, a Federal law, gives you rights over your information and sets rules and limits on who can look at and receive your information. The Privacy Rule applies to all forms of individuals' protected information, whether electronic, written, or oral. The Security Rule, a Federal law that protects this information in electronic form, requires entities covered by HIPAA to ensure that electronic information is secure.
The U.S. Department of Health and Human Services' Office for Civil Rights(OCR) is responsible for enforcing the Privacy and Security Rules. Enforcement of the Privacy Rule began April 14, 2003 for most HIPAA covered entities. HIPAA does not create or allow for an individual to bring a lawsuit against a covered entity. If an individual believes a violation of their right to privacy or private medical information security under HIPAA has occurred, they must file a complaint with the OCR if they wish action be taken. Individuals of course have the right to file a lawsuit based on violation of privacy, etc., but such lawsuits are not a part of HIPAA itself.
The OCR investigates all complaints according to a defined process. If a violation has occurred, the OCR may fine the entity and/or have the entity take corrective action. For criminal misuse of private information the Department of Justice may bring criminal charges.
HIPAA Violations - Not a Cause of Action For a Lawsuit Check For The New Release in Health, Fitness & Dieting Category of Books NOW!
Check What Are The Top Cooking Books in Last 90 Days Best Cheap Deal!
Check For Cookbooks Best Sellers 2012 Discount OFFER!
Check for Top 100 Most Popular Books People Are Buying Daily Price Update!
Check For 100 New Release & BestSeller Books For Your Collection
Greg Stocks CRNA EJD has practiced as a Certified Registered Nurse Anesthetist for 20 years. He holds an Executive Juris Doctor in Health Law and is a consultant for cases of medical malpractice.
http://lawmedconsultant.com/645
No comments:
Post a Comment