Saturday, September 7, 2013

HIPAA Privacy Compliance


The U.S. Department of Health and Human Services issued the Privacy Rule to put into practice the requirement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Privacy Rule standards address the use and disclosure of individuals' health information-called "protected health information" (PHI). PHI is any information held by a covered entity which concerns health status, provision of health care, or payment for health care that can be linked to an individual.

A main goal of the Privacy Rule is to assure that individuals' health information is suitably protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well being. An appropriate balance is maintained by the rule that permits important uses of information, while protecting the privacy of people who seek care and healing.

The Privacy Rule gives individuals the right to request that a covered entity correct any inaccurate PHI. It also requires covered entities to take reasonable steps to ensure the confidentiality of communications with individuals. Also covered entities are required to notify individuals of uses of their PHI. A track of disclosures of PHI and document privacy policies and procedures need to be maintained by the covered entities. A Privacy Official and a contact person responsible for receiving complaints must be appointed and all the members of their workforce in procedures regarding PHI must be trained properly to avoid any kind of divergence.

HIPAA's Privacy Rule requires that a covered entity must develop comprehensive HIPAA Privacy policies with respect to PHI. It is essential that the policies and procedures must be reasonably designed, taking into account the size of and the type of activities that relate to protected health information undertaken by the covered entity, to ensure such compliance.

"Essentially, a covered entity is required to develop and implement policies and procedures appropriate to the entity's business practices and workforce that reasonably minimize the amount of protected health information used, disclosed, and requested;" - HIPAA Privacy Rule 45 CFR Part 160

To jump start your HIPAA Security policy creation, it is recommend to use templates. HIPAA Privacy Policies templates can be used by Healthcare entities like Hospitals, Insurers, Long Term Care/Skilled Nursing Facilities, Ambulatory Surgery Centers, Assisted Living/Intermediate Care Facilities, Clinical Laboratories, Clinics, Dialysis Providers, Employer Plans, HMOs, Home Health Agencies, Hospices, Pharmacies, Physicians, PPOs, Rehabilitation Facilities, other payees & providers and business associates of healthcare organizations

We recommend these Privacy Policies templates to achieve your HIPAA Privacy Compliance where all 51 policies are available in MS Word format and can be easily customized as per your requirements.

No comments:

Post a Comment