Although HIPAA (Health Insurance Portability and Accountability Act) became law in 2003, most Americans don’t understand just what HIPAA is or what it provides for them. Some grasp that it protects their privacy and confidentiality but HIPAA also offers easier access to someone’s own medical records. To understand HIPAA, the act must be broken down into several parts and converted into everyday language.
Defining and Understand HIPPA’s Key Points
The first and foremost mission of the HIPAA act was to protect medical records and other health information. The Department of Health and Human Services worked to create new standards that give patients increased control over how their records are used, who can access those records, and more ability to protect individual privacy. The law first passed in 1996 but did not begin to affect individual patients until most health care providers (doctors, pharmacies, hospitals, medical centers, clinics, and health insurance carriers) were required to comply in 2003. The major points that affect patients and their privacy are:
- Access to medical records. Patients can now see and have copies of their medical records. If errors are spotted, patients have the right to request corrections. Access to records must be given within 30 days of the request. HIPAA does allow providers to charge a small fee for duplication if print copies are requested.
- Notice of privacy practices. Health plans, insurance coverage, doctors, nurses, and all health practitioners are required to give patients written notice of how medical information will be used. Most providers will have patients sign or initial a copy of this information if they have not already done so. At this time, most providers will allow patients to note if anyone else – such as a spouse – can be given information about medical conditions or even appointments.
- Limits on use of personal information. HIPAA limits the ways in which health plans and covered providers can use personal health information. It does not limit doctors, nurses, or other medical people to necessary information but it does limit what information can be given to banks, marketing associates, life insurance representatives, and health insurance companies without the patient knowledge or permission.
- Prohibits marketing. HIPAA restricts and limits how patient information can be used for marketing purposes. No health care professional is permitted to make public or provide any company with information about medical diagnosis for marketing purposes, not without patient permission.
- Strengthen state laws. HIPAA strengthens existing state laws that provide extra privacy protections. HIPAA builds a nationwide standard for patient privacy for all Americans. Federal privacy regulations, however, do not pre-empt state law in matters necessary for public safety such as an infectious disease epidemic.
- Confidential communications. Patients have the right to make certain that all communications are confidential. Unless the patient makes other arrangements, medical professionals can not discuss or divulge any information about the patients care or treatment. This includes notification of appointment changes or reminders. Patients can request that they receive phone calls at work rather than at home or vice versa. HIPAA puts the patient in charge of when and where health matters will be discussed and who can be privy to the information.
How HIPPA Is Enforced
To ensure that the Health Insurance Portability And Accountability Act (HIPAA) is enforced, the United States Government has established standards. These include:
- Materials. A wealth of materials is available to explain the HIPAA rules for both patients and providers.
- Conferences and seminars are ongoing to explain and clarify what HIPAA is and how it works.