Frequently Asked Questions Regarding HIPAA And The Privacy Notice
What is HIPAA?
HIPAA is an acronym that stands for the Health Insurance Portability and Accountability Act of 1996. HIPAA includes regulations that govern the use and release of a patient's personal health information. Besides privacy standards, HIPAA creates new standards for administrative transactions and the security of individual health information.
How did the rule get to this point?
Privacy provisions under federal law were established in 1996 with the Health Insurance Portability and Accountability Act (HIPAA). The Department of Health and Human Services (HHS) published regulations, "Standards for Privacy of Individually Identifiable Health Information," applicable to entities covered by HIPAA on December 28, 2000. These regulations became effective on April 14, 2001, and April 14, 2003 is the date on which "covered entities" must be in compliance with the new HIPAA privacy rule. The rule governs the use and disclosure of individually identifiable health information.
Who is considered a "covered entity" and subject to fines and penalties under HIPAA?
All health care providers, including hospitals, physicians and emergency medical or ambulance personnel that transmit protected health information in electronic form in connection with certain administrative and financial transactions are considered covered entities and are subject to the requirements of the rule. Police, firefighters and family members are not considered covered entities under HIPAA.
So what will change?
The new law gives patients four rights. They have the right to receive the Privacy Notice, the right to request to have their information amended, the right to request restrictions on their information and the right to request disclosure of their information.
What about fundraisers and marketing strategies?
At present we are not doing fundraisers. Letters you may receive from us in the future will continue to deal with announcements of physician changes or new services that will be of interest. We will not, nor have we ever given any patient information to outside vendors.
What law governs security and intelligence?
A covered entity may disclose protected health information to authorized federal officials for the conduct of lawful intelligence, counter-intelligence, and other national security activities authorized by the National Security Act (50 US.S.C. 401, et seq.) and implementing authority (e.g. Executive Order 12333).